Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Exécuté par user (administrateur) sur TEMZI (Hewlett-Packard HP ProBook 450 G2) (13-12-2021 13:58:44)
Exécuté depuis C:\Users\user\Desktop
Profils chargés: user & openpgsvc
Plate-forme: Microsoft Windows 10 Professionnel Version 20H2 19042.985 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\Odoo 11.0\nssm\win64\nssm.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(NetSupport Ltd -> NetSupport Ltd) C:\Users\user\AppData\Roaming\WinSupport\client32.exe
(PostgreSQL Global Development Group) [Fichier non signé] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [Fichier non signé] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe <7>
(Python Software Foundation -> Python Software Foundation) C:\Program Files (x86)\Odoo 11.0\python\python.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Smadsoft) [Fichier non signé] C:\Program Files (x86)\SMADAV\SMΔRTP.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Zainuddin Nafarin -> Smadav Software) C:\Program Files (x86)\SMADAV\SmadavProtect64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\UniConverter\WSVCUUpdateHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [SMΔRT-Protection] => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1916440 2021-11-04] (Smadsoft) [Fichier non signé]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1136279609-3541499935-843867756-1001\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Windows x64\Print Processors\LMADTP4C: C:\Windows\System32\spool\prtprocs\x64\LMADTP4C.DLL [269312 2013-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\LM_LMADTP: C:\WINDOWS\system32\LMADTPLANG.DLL [3059712 2013-07-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-08] (Google LLC -> Google LLC)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\autoruning.ini.lnk [2021-05-19] <==== ATTENTION
ShortcutTarget: autoruning.ini.lnk -> C:\Users\user\AppData\Roaming\WinSupport\client32.exe (NetSupport Ltd -> NetSupport Ltd) <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {1E5D4917-0C47-4CD0-B540-C591D5320A00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FF67A09-5C0A-49CE-B570-F937D96ACB3E} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1136279609-3541499935-843867756-1001_1 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [412160 2021-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {306982C2-AD74-4BAF-BDBD-33245A35CB11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-26] (Google LLC -> Google LLC)
Task: {319F9B55-D3C1-4E3B-8464-C40117557BB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {37AFEDB5-3DA7-412C-96FD-C88AEF52F7F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-26] (Google LLC -> Google LLC)
Task: {62A0BC71-78CC-489F-9CFD-F3A2136E24A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B4C22D4E-E9B2-4823-822D-B2A44D33E3CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D558C8A6-76A1-4522-AA1C-215C54FB1342} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1916440 2021-11-04] (Smadsoft) [Fichier non signé]
Task: {FA98632C-462D-4188-BFAF-2B3397413B99} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 172.30.0.53 172.30.0.54 172.30.0.55 8.8.8.8
Tcpip\..\Interfaces\{8d22abd6-4eb8-4f5d-8626-f8b24f0225b5}: [DhcpNameServer] 172.30.0.53 172.30.0.54 172.30.0.55 8.8.8.8

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-13]
Edge Extension: (IDM Integration Module) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-10-21]
Edge HKU\S-1-5-21-1136279609-3541499935-843867756-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-03-05]

FireFox:
========
FF DefaultProfile: olz23u3l.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\olz23u3l.default [2021-05-19]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1z7f9zyw.default-release [2021-12-09]

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-17]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-12-13]
CHR Notifications: Profile 3 -> hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-17]
CHR Extension: (Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-17]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-17]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-17]
CHR Extension: (Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-17]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-17]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-17]
CHR StartupUrls: System Profile -> "hxxp://sc2.searchpo.com/searcher/bingsearch"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [12872144 2021-05-26] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22496 2017-05-24] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [210784 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R2 odoo-server-11.0; C:\Program Files (x86)\Odoo 11.0\nssm\win64\nssm.exe [331264 2017-09-28] () [Fichier non signé]
R2 PostgreSQL_For_Odoo; C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\pg_ctl.exe [80384 2017-08-08] (PostgreSQL Global Development Group) [Fichier non signé]
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2175328 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [526800 2021-05-26] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82912 2017-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 AppServicea; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceb; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicec; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiced; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicee; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicef; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceg; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceh; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicei; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicej; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicek; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicel; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicem; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicen; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceo; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicep; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceq; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicer; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServices; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicet; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServiceu; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicev; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicew; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicex; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
S2 AppServicey; C:\WINDOWS\system32\J28TD5JU9I.tmp [X] <==== ATTENTION
R2 MSSQLServerOLAPService; "C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Config"
S2 pubgame-updater; C:\WINDOWS\PublicGaming\appsetup.exe [X] <==== ATTENTION
S2 WinDefender; C:\WINDOWS\windefender.exe [X] <==== ATTENTION

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2021-11-02] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 MpKslc4f8ad10; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B92F356C-28D7-4EB2-A0A8-CCDFF560E75F}\MpKslDrv.sys [107744 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-12-13 13:58 - 2021-12-13 14:02 - 000019509 _____ C:\Users\user\Desktop\FRST.txt
2021-12-13 13:57 - 2021-12-13 13:57 - 002311168 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2021-12-13 08:51 - 2021-12-13 14:00 - 000000000 ____D C:\FRST
2021-12-13 08:41 - 2021-12-13 08:43 - 000003490 _____ C:\RstAssociations.txt
2021-12-09 09:43 - 2021-12-09 09:43 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1136279609-3541499935-843867756-1001_1
2021-12-07 11:04 - 2021-12-07 11:05 - 000000000 ____D C:\LMD70SE
2021-12-07 11:02 - 2020-11-08 10:05 - 000000000 ____D C:\LMD 70
2021-12-06 14:47 - 2021-12-06 14:47 - 003799373 _____ C:\Users\user\Downloads\MGT.PDF
2021-11-30 11:03 - 2021-12-13 11:14 - 000030720 _____ C:\Users\user\Desktop\CREANCES 2021 PAR CLIENT.xls
2021-11-29 16:10 - 2021-11-29 16:32 - 000462848 _____ C:\Users\user\Desktop\CHIFFRE D'AFFAIRE ET CRANCES 2014_2020.xls
2021-11-28 15:33 - 2021-11-28 15:33 - 000025534 _____ C:\Users\user\Downloads\Balance odoo.xlsx
2021-11-24 16:21 - 2021-11-24 16:21 - 000060928 _____ C:\Users\user\Downloads\CA_CREANCES_CANEVA (1).xls
2021-11-16 10:44 - 2021-11-16 11:25 - 000047616 _____ C:\Users\user\Desktop\LISTE DES EQUIPEMENTS OBSOLETES AU 31-12-2020.xls

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-12-13 13:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-13 13:53 - 2020-11-26 14:23 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-13 13:38 - 2021-04-12 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-13 10:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-13 10:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-13 09:20 - 2020-12-23 00:00 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-13 08:14 - 2021-05-24 11:03 - 000000000 ____D C:\Users\user\AppData\Roaming\Smadav
2021-12-13 08:12 - 2020-07-30 12:29 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles
2021-12-13 08:11 - 2020-07-30 12:29 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-12-12 12:10 - 2021-06-20 11:42 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-12 12:10 - 2021-06-20 11:42 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72fbcbcf4e903
2021-12-08 14:04 - 2021-04-12 17:58 - 002079696 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-08 14:04 - 2019-12-07 15:50 - 000833160 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-08 14:04 - 2019-12-07 15:50 - 000167890 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-08 14:04 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-08 11:16 - 2020-11-26 14:34 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-07 11:05 - 2020-11-08 09:43 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LMD-Tools SE
2021-12-06 10:39 - 2020-11-05 09:46 - 000000000 ____D C:\Users\user\Documents\SQL Server Management Studio
2021-11-17 10:43 - 2021-05-24 11:03 - 000000000 __SHD C:\[Smad-Cage]

==================== Fichiers à la racine de certains dossiers ========

2021-05-19 16:49 - 2021-05-20 08:09 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2021-05-19 16:49 - 2021-05-20 08:10 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2021-05-19 16:31 - 2021-05-19 16:32 - 000000000 _____ () C:\Program Files (x86)\temp_files
2021-05-19 16:30 - 2021-05-19 16:30 - 000032768 _____ () C:\Users\user\AppData\Roaming\1621438220683-shm
2021-05-19 16:30 - 2021-05-19 16:30 - 000000000 _____ () C:\Users\user\AppData\Roaming\1621438220683-wal
2021-04-12 16:28 - 2021-04-12 16:28 - 000321226 ___SH () C:\Users\user\AppData\Roaming\viesvic
2021-05-19 14:56 - 2021-05-19 14:56 - 000000560 _____ () C:\Users\user\AppData\Local\bowsakkdestx.txt

==================== FLock ==============================

2021-11-02 13:42 C:\WINDOWS\system32\config\SYSTEM
2021-08-04 08:11 C:\WINDOWS\system32\Drivers\192vn335.sys

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================