Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021 Exécuté par Michel (administrateur) sur T9A20 (Dell Inc. Inspiron 3721) (30-11-2021 20:13:14) Exécuté depuis C:\Users\Michel\Desktop Profils chargés: Michel Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1348 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicShellService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) [Fichier non signé] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe (Qualcomm Atheros -> Atheros) [Fichier non signé] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" HKU\S-1-5-21-59222037-1181796353-3248129865-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-59222037-1181796353-3248129865-1001\...\Run: [66610F95EFEE415873D8B7FF99A514523ACA3878._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 HKLM\...\Windows x64\Print Processors\Canon MP490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9Y.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP490 series: C:\WINDOWS\system32\CNMLM9Y.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0E5A7477-8BB1-458B-8D6D-936A3157E26D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0EC4884B-A108-4D7C-9E6B-29E6F6710A59} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {15234CD5-15AC-4CB8-8960-24F54D125482} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {1BABC6B3-7FEF-4D4B-B02F-7ED741F1611D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {2210F2C3-769E-41E7-9943-252E70340B2F} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4167080 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated) Task: {252C69FA-3DD1-4F2C-A0C1-E6A76836D541} - System32\Tasks\{FF04B77C-A88A-4F5D-B0A3-8DA140CBE40C} => "c:\windows\system32\launchwinapp.exe" http://ui.skype.com/ui/0/7.28.64.101/fr/abandoninstall?page=tsMain hxxp://ui.skype.com/ui/0/7.28.64.101/fr/abandoninstall?page=tsMain (Pas de fichier) Task: {3106B81C-674E-4692-8326-FCA3FC5F9A8F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier) Task: {3628F953-3B34-44B0-99FF-6703CE94D182} - \WPD\SqmUpload_S-1-5-21-59222037-1181796353-3248129865-1001 -> Pas de fichier <==== ATTENTION Task: {42C7A846-B7A3-402A-BA01-2E73DB1A724E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {464CF606-5E0F-44C4-99D3-1A0AF90515B7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {4CAF4C99-25B6-47E0-888A-48316DEB59EE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {4FB0AB78-85CF-49A7-BD94-FAFF7E4FF24F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {522E3B77-7293-4259-A1BA-04B8A369CB3E} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {53AD43E2-238C-41E3-AD59-525E3D096ADE} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-12-03] (CyberLink Corp. -> CyberLink) Task: {5676C4AA-A6CC-4898-86D0-99526074CC6E} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {5D4E7856-678C-4F83-A253-5AC5A549DE76} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION Task: {63242C58-7BD8-4219-B973-929503561639} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {64D29C67-0D03-4FE9-B54E-05E6D3768C43} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {6B398D76-E366-4927-9490-77013EE68729} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {7F4B285F-3DC8-4971-819E-1BC9E6DACF5F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {82A3EB16-131A-4515-BA70-FF7B995BF744} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {936D9D5B-A54E-4BF2-A92C-08DCDEFFA907} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION Task: {98A68100-0D52-4DCE-9DA0-D1022ED4E0C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {99233EE8-EF4F-4B14-A498-CBF6F95CF26A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {9C41A5EC-F56C-455E-905E-295D7F84B133} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {A465D64D-A4BF-4381-AE9B-984111CB66CB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {A91ACA1E-C328-40BE-8A43-9F6DA631052D} - System32\Tasks\G2MUpdateTask-S-1-5-21-59222037-1181796353-3248129865-1001 => C:\Users\Michel\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-11-12] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {B3ACF5C9-9147-4EF8-9688-3AEB85AC78BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B81D4645-A156-457B-8B9F-2175A47E79D0} - \PCDEventLauncherTask -> Pas de fichier <==== ATTENTION Task: {BAAFFABC-35D8-40B2-9614-6C5118881619} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {BF1632FA-B83F-4164-9F7B-4334C4CD26E8} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [6762544 2012-07-09] (Dell Inc. -> Dell, Inc.) Task: {BF6C4CAB-2F7E-4766-9F59-BFF0FB873AEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C1A0930E-EEA6-40A3-B4BA-93DF7848DF27} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C2DA1C62-FA1E-42A9-B3EB-6461F744F1FE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {CD63DEE5-B5A4-4492-90B4-75A74696618C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {DA405608-3704-40E4-AD1E-55783B29FB51} - \SystemToolsDailyTest -> Pas de fichier <==== ATTENTION Task: {F0027921-4AC1-4AB4-B3ED-C8DD2C2E933B} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-24] (Mozilla Corporation -> Mozilla Foundation) Task: {F103F98B-ABCF-499D-B723-D9CFA4A8438B} - System32\Tasks\G2MUploadTask-S-1-5-21-59222037-1181796353-3248129865-1001 => C:\Users\Michel\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-11-12] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {FE62F481-1005-491F-AE09-CD96D8EDE360} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-59222037-1181796353-3248129865-1001.job => C:\Users\Michel\AppData\Local\GoToMeeting\19932\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-59222037-1181796353-3248129865-1001.job => C:\Users\Michel\AppData\Local\GoToMeeting\19932\g2mupload.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{b0b7043f-dcdc-43e3-998f-be36a304930a}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{f692766f-14ad-481f-9c21-17d69d1ff84b}: [DhcpNameServer] 192.168.1.11 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-30] Edge Extension: (uBlock Origin) - C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-11-22] FireFox: ======== FF DefaultProfile: a317dphf.default-1612284751276 FF ProfilePath: C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\a317dphf.default-1612284751276 [2021-11-30] FF Extension: (uBlock Origin) - C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\a317dphf.default-1612284751276\Extensions\uBlock0@raymondhill.net.xpi [2021-11-24] FF Extension: (Green Blocker) - C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\a317dphf.default-1612284751276\Extensions\{585d400a-21d7-4270-a3c5-8c09aa351c1d}.xpi [2021-10-04] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (Pas de nom) - C:\Program Files\McAfee\MSK [2013-12-27] [non signé] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) [Fichier non signé] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-26] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default [2021-11-20] CHR StartupUrls: Default -> "hxxp://www.google.fr/" CHR Extension: (Google Docs) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Google Drive) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-05] CHR Extension: (YouTube) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-05] CHR Extension: (Recherche Google) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-01] CHR Extension: (Bookmark Manager) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-18] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Google Wallet) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-18] CHR Extension: (Gmail) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640 2013-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe) R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [63488 2012-10-28] (IvoSoft) [Fichier non signé] R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> ) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] (CyberLink -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Qualcomm Atheros -> Atheros) [Fichier non signé] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink) S3 MpKslfedea79b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1F74030A-231D-4038-BFA8-9CF27CD35BD5}\MpKslDrv.sys [130296 2021-11-30] (Microsoft Windows -> Microsoft Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-30 20:13 - 2021-11-30 20:14 - 000022811 _____ C:\Users\Michel\Desktop\FRST.txt 2021-11-30 20:10 - 2021-11-30 20:09 - 000300162 _____ C:\Users\Michel\Desktop\ZHPDiag.txt 2021-11-30 19:57 - 2021-11-30 19:58 - 003477656 _____ (Nicolas Coolman) C:\Users\Michel\Downloads\ZHPSuite.exe 2021-11-30 19:55 - 2021-11-30 20:00 - 000000905 _____ C:\Users\Michel\Desktop\ZHPSuite.lnk 2021-11-30 19:55 - 2021-11-30 19:58 - 003477656 _____ (Nicolas Coolman) C:\Users\Michel\Desktop\ZHPSuite.exe 2021-11-30 19:04 - 2021-11-30 20:14 - 000000000 ____D C:\FRST 2021-11-30 18:43 - 2021-11-30 19:01 - 002311680 _____ (Farbar) C:\Users\Michel\Desktop\FRST64.exe 2021-11-25 12:03 - 2021-11-25 12:03 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2021-11-22 15:53 - 2021-11-22 15:53 - 002101944 _____ (Malwarebytes) C:\Users\Michel\Downloads\MBSetup.exe 2021-11-20 15:05 - 2021-11-20 15:05 - 003291288 _____ (Nicolas Coolman) C:\Users\Michel\Downloads\ZHPCleaner(1).exe 2021-11-20 14:56 - 2021-11-20 14:56 - 003291288 _____ (Nicolas Coolman) C:\Users\Michel\Downloads\ZHPCleaner.exe 2021-11-20 14:19 - 2021-07-07 19:52 - 008553680 _____ (Malwarebytes) C:\Users\Michel\Desktop\adwcleaner_8.3.0.exe 2021-11-20 12:46 - 2021-11-20 14:57 - 000000000 ____D C:\ProgramData\scre..tion_b15b0581876c57b7_0015.000d_223d769da687f523 2021-11-20 12:44 - 2021-11-20 12:44 - 000086688 _____ C:\Users\Michel\Downloads\ConnectWiseControl.Client.exe 2021-11-20 12:40 - 2021-11-20 14:11 - 000000000 ____D C:\Users\Michel\AppData\Roaming\AnyDesk 2021-11-20 12:36 - 2021-11-20 12:36 - 003803376 _____ (AnyDesk Software GmbH) C:\Users\Michel\Downloads\AnyDesk.exe 2021-11-15 11:57 - 2021-11-15 11:57 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-15 11:57 - 2021-11-15 11:57 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-11-13 10:53 - 2021-11-13 10:53 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-13 10:53 - 2021-11-13 10:53 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-13 10:52 - 2021-11-13 10:52 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-13 10:51 - 2021-11-13 10:51 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-11-13 10:21 - 2021-11-13 10:21 - 000000000 ___HD C:\$WinREAgent ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-30 20:14 - 2013-08-29 14:06 - 000000000 ____D C:\Temp 2021-11-30 20:09 - 2019-11-09 17:56 - 000000000 ____D C:\Users\Michel\AppData\Roaming\ZHP 2021-11-30 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-30 19:47 - 2014-10-25 19:43 - 000000000 __SHD C:\Users\Michel\IntelGraphicsProfiles 2021-11-30 19:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-30 19:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-30 19:17 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-11-30 18:58 - 2021-07-22 13:39 - 001772722 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-30 18:58 - 2019-12-07 15:49 - 000792858 _____ C:\WINDOWS\system32\perfh00C.dat 2021-11-30 18:58 - 2019-12-07 15:49 - 000149988 _____ C:\WINDOWS\system32\perfc00C.dat 2021-11-30 18:53 - 2021-05-07 21:51 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-30 18:53 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-30 18:53 - 2015-05-21 14:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-30 18:53 - 2015-05-21 14:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-11-30 18:52 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-11-30 18:00 - 2016-11-23 19:15 - 000000000 ____D C:\Users\Michel\AppData\LocalLow\Mozilla 2021-11-30 17:50 - 2020-09-27 06:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-30 11:32 - 2015-05-21 14:41 - 000000000 ____D C:\ProgramData\Mozilla 2021-11-25 12:04 - 2020-09-27 08:54 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-25 12:04 - 2020-09-27 08:54 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-11-24 17:33 - 2020-09-27 08:55 - 000000000 ____D C:\ProgramData\Packages 2021-11-24 07:55 - 2021-10-09 10:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-11-24 07:55 - 2015-05-21 14:41 - 000001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-22 16:16 - 2021-07-22 13:24 - 000000000 ____D C:\Users\Michel 2021-11-22 16:14 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-11-22 12:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-11-20 15:05 - 2019-11-09 17:56 - 000000915 _____ C:\Users\Michel\Desktop\ZHPCleaner.lnk 2021-11-20 14:36 - 2021-06-17 12:36 - 000000000 ___DC C:\WINDOWS\Panther 2021-11-20 14:32 - 2021-07-22 13:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-11-20 14:22 - 2020-11-13 09:46 - 000000000 ____D C:\Program Files (x86)\Dell 2021-11-20 14:22 - 2013-08-29 13:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2021-11-20 14:22 - 2013-08-29 13:52 - 000000000 ____D C:\ProgramData\Dell 2021-11-20 14:22 - 2013-08-29 13:52 - 000000000 ____D C:\Program Files\Dell 2021-11-20 14:21 - 2013-08-29 14:00 - 000000000 ____D C:\Program Files (x86)\CyberLink 2021-11-20 12:53 - 2017-03-13 09:53 - 000000000 ____D C:\ProgramData\Package Cache 2021-11-18 09:45 - 2021-07-26 09:07 - 000002459 _____ C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-18 09:45 - 2021-07-22 13:51 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-59222037-1181796353-3248129865-1001 2021-11-18 09:42 - 2021-08-02 12:30 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d77ef63ef45d8a 2021-11-18 09:42 - 2020-09-27 08:53 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-13 11:11 - 2020-09-27 06:51 - 000462008 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-13 11:11 - 2020-04-02 16:10 - 000000652 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-59222037-1181796353-3248129865-1001.job 2021-11-13 11:11 - 2020-04-02 16:10 - 000000556 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-59222037-1181796353-3248129865-1001.job 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-13 11:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-13 11:08 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-13 11:06 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-13 10:16 - 2013-12-27 14:06 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-13 10:11 - 2013-12-27 14:06 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-12 18:06 - 2021-07-22 13:51 - 000003800 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-59222037-1181796353-3248129865-1001 2021-11-12 18:06 - 2021-07-22 13:51 - 000003704 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-59222037-1181796353-3248129865-1001 2021-11-04 11:44 - 2020-09-27 08:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================