Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022 Exécuté par Henri (administrateur) sur DESKTOP-DSHMETU (Notebook N650DU) (24-05-2022 17:49:24) Exécuté depuis C:\Users\Henri\Desktop Profils chargés: Henri Plate-forme: Microsoft Windows 10 Professionnel Version 21H1 19043.1706 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (C:\Program Files (x86)\Hotkey\HotkeyService.exe ->) () [Fichier non signé] C:\Program Files (x86)\Hotkey\rerun.exe (C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe ->) (mquadr.at software engineering und consulting GmbH -> mquadr.at software engineering & consulting GmbH) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe <3> (C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe ->) (mquadr.at software engineering und consulting GmbH -> Swisscom) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe (DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\GfxDownloadWrapper.exe (explorer.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (mquadr.at software engineering und consulting GmbH -> Swisscom) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (services.exe ->) (CLEVO CO.) [Fichier non signé] C:\Program Files (x86)\Hotkey\HotkeyService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1704_none_7de951067ca990f6\TiWorker.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18376672 2017-06-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-09] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools) HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_launcher.exe [14751752 2020-02-04] (mquadr.at software engineering und consulting GmbH -> Swisscom) HKU\S-1-5-21-3813632654-1173275650-3664626441-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-09-12] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3813632654-1173275650-3664626441-1001\...\Run: [MicrosoftEdgeAutoLaunch_F8D27F449D5EA26F128DE36A857215A4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3547064 2022-05-19] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3813632654-1173275650-3664626441-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10994528 2022-04-20] (Support.com, Inc. -> SUPERAntiSpyware) HKU\S-1-5-21-3813632654-1173275650-3664626441-1001\...\Run: [] => C:\Program Files\RogueKiller\RogueKiller64.exe [33059896 2018-11-12] (Adlice -> ) HKU\S-1-5-18\...\Run: [] => [X] HKLM\...\Windows x64\Print Processors\hpcpp108: C:\Windows\System32\spool\prtprocs\x64\hpcpp108.DLL [331776 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon SELPHY Language Monitor 3: C:\WINDOWS\system32\CNYLCP03.DLL [62976 2016-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Canon INC.) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2019-08-26] (pdfforge GmbH) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-14] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-02-14] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NewShortcut1.lnk [2017-12-28] ShortcutTarget: NewShortcut1.lnk -> C:\Program Files (x86)\Hotkey\HkeyTray.exe (CLEVO CO.) [Fichier non signé] Startup: C:\Users\Henri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2018-06-08] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Pas de fichier) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {006AD5AB-3FE4-45C4-A4CC-001B5923D80E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-01] (Google Inc -> Google Inc.) Task: {1D1F5D85-327C-4A8E-AC1C-4CB92FB6EA5D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115584 2022-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {2A9F6E25-0402-40A5-B37E-518B2F2203F6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22894016 2022-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {42BB3D06-E0B7-46BD-B626-30C7F0D6DCF4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task Task: {54D8CBF6-0357-4AB0-B6AA-8F7585C2BE64} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {656372A4-5B66-4C47-B666-ED287A488E76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6588B7D1-413D-4149-A5C0-015EAB38F1A7} - System32\Tasks\Opera scheduled Autoupdate 1527579061 => C:\Users\Henri\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Task: {6E5571D2-8B3E-4D9D-8E48-8D003258A53F} - System32\Tasks\Opera scheduled Autoupdate 1549008994 => C:\Users\Henri\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Task: {801BCEA4-058A-4C86-93DB-FF2C7408D291} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {80BE7D08-D645-400B-B203-B50E777F5D64} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22894016 2022-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {8411C331-0984-489F-B73C-4A15DF1C15EC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {8ADB545B-D871-478F-A2CB-AFD928FE2ADF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-01] (Google Inc -> Google Inc.) Task: {8F955799-565E-45BE-9DA9-628CABAA03A8} - System32\Tasks\NWC => C:\Program Files (x86)\ASCOMP Software\Synchredible\nwc.exe [332288 2014-09-30] () [Fichier non signé] Task: {914F42A1-A234-4D4C-BEE9-3B0C47311B53} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {93AA91AF-9EF0-49F6-B7B2-D55F112E02D3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115584 2022-05-24] (Microsoft Corporation -> Microsoft Corporation) Task: {AF1A4480-ED34-47E9-9A8E-DE5A1049FB6C} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe (Pas de fichier) Task: {B59B63FD-3DE2-4227-97C7-E242A070EE03} - System32\Tasks\Opera scheduled assistant Autoupdate 1582790383 => C:\Users\Henri\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Henri\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {C59C4E6F-07B9-4A9C-A022-599E7D242BEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D865E6A7-FE61-4927-A5E3-CB78EEE68BAB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E7B7A589-A413-468C-ABE8-1C98C7F8BDA8} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3813632654-1173275650-3664626441-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{19879ce2-1c74-4565-b275-747881acacd1}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{69d572ee-aab2-4d1c-a160-0233d65e9b31}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{bf5aa090-a170-41d9-8994-f2e456211bff}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: C:\Users\Henri\Downloads Edge Notifications: HKU\S-1-5-21-3813632654-1173275650-3664626441-1001 -> hxxps://www.planeteanimal.com; hxxps://www.fust.ch; hxxps://www.zdnet.fr Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.18.0_neutral__d55gg7py3s0m0 [non trouvé(e)] Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Henri\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-24] Edge DownloadDir: Default -> C:\Users\Henri\Downloads Edge Notifications: Default -> hxxps://azurplus.fr; hxxps://codingcaptcha.com; hxxps://fr.admininfo.info; hxxps://fr.linuxteaching.com; hxxps://frameboxxindore.com; hxxps://home-theater-designers.com; hxxps://ofsp-coronavirus.ch; hxxps://www-filehorse-com.translate.goog; hxxps://www.astuces-aide-informatique.info; hxxps://www.bestcours.com; hxxps://www.cnetfrance.fr; hxxps://www.cuisineactuelle.fr; hxxps://www.facebook.com; hxxps://www.ferney-voltaire.fr; hxxps://www.filehorse.com; hxxps://www.fust.ch; hxxps://www.planeteanimal.com; hxxps://www.zdnet.fr Edge HomePage: Default -> hxxps://www.google.ch/ Edge StartupUrls: Default -> "hxxps://www.google.ch/" Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats} Edge Session Restore: Default -> est activé. FireFox: ======== FF DefaultProfile: 47x4uvma.default FF ProfilePath: C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\47x4uvma.default [2022-05-24] FF Homepage: Mozilla\Firefox\Profiles\47x4uvma.default -> hxxps://www.google.ch FF Notifications: Mozilla\Firefox\Profiles\47x4uvma.default -> hxxps://www.bluewin.ch FF Extension: (Telemetry coverage) - C:\Users\Henri\AppData\Roaming\Mozilla\Firefox\Profiles\47x4uvma.default\features\{2609e2cc-c3f8-4d2a-820a-e12513f5a638}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-22] [] FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) Chrome: ======= CHR Profile: C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default [2022-05-24] CHR Notifications: Default -> hxxps://fr.aliexpress.com; hxxps://meinungsplatz.ch; hxxps://ofsp-coronavirus.ch; hxxps://www.conrad.ch; hxxps://www.lightinthebox.com; hxxps://www.zdnet.fr CHR Session Restore: Default -> est activé. CHR Extension: (Bureau à distance Google Chrome) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2020-03-28] CHR Extension: (Google Docs hors connexion) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-16] CHR Extension: (Video DownloadHelper) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-07-04] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3803376 2022-02-14] (philandro Software GmbH -> AnyDesk Software GmbH) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11762616 2022-05-24] (Microsoft Corporation -> Microsoft Corporation) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2018-08-14] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé] R2 Everything; C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-20] (Malwarebytes Inc. -> Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé] R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [34304 2017-05-11] (CLEVO CO.) [Fichier non signé] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254856 2022-05-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13269992 2022-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AirplaneModeHid; C:\WINDOWS\system32\DRIVERS\AirplaneModeHid.sys [52632 2017-06-23] (Insyde Software Corp. -> Insyde Corporation) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [33448 2016-12-07] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30320 2017-11-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73328 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53360 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22640 2018-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341104 2018-07-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 MpKsl1b2e55c2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{11173DA4-2390-40D9-BCA7-9D0C29C6945F}\MpKslDrv.sys [137464 2022-05-24] (Microsoft Windows -> Microsoft Corporation) R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.) R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [329184 2017-06-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation) R2 WiseFs; C:\WINDOWS\WiseFs64.sys [66128 2018-07-29] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com) S3 MpKsl5d7f2d01; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FFC41DF5-A634-4DD7-893D-A4B3A991BAC4}\MpKslDrv.sys [X] U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-05-24 17:49 - 2022-05-24 17:50 - 000027205 _____ C:\Users\Henri\Desktop\FRST.txt 2022-05-24 17:49 - 2022-05-24 17:49 - 000000000 ____D C:\FRST 2022-05-24 17:45 - 2022-05-24 17:44 - 002367488 _____ (Farbar) C:\Users\Henri\Desktop\FRST64.exe 2022-05-24 17:44 - 2022-05-24 17:44 - 002367488 _____ (Farbar) C:\Users\Henri\Downloads\FRST64.exe 2022-05-24 09:26 - 2022-05-24 09:26 - 000001860 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2022-05-24 09:26 - 2022-05-24 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2022-05-24 09:17 - 2022-05-24 09:24 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-05-24 09:17 - 2022-05-24 09:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2022-05-24 09:16 - 2022-05-24 11:22 - 000343374 _____ C:\WINDOWS\ntbtlog.txt 2022-05-24 09:13 - 2022-05-24 17:47 - 106168320 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-05-24 09:13 - 2022-05-24 09:14 - 215528880 _____ (SUPERAntiSpyware) C:\Users\Henri\Downloads\SUPERAntiSpyware.exe 2022-05-24 09:12 - 2022-05-24 09:13 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2022-05-24 09:02 - 2022-05-24 09:02 - 008551608 _____ (Malwarebytes) C:\Users\Henri\Downloads\adwcleaner (1).exe 2022-05-23 18:20 - 2022-05-23 18:20 - 008551608 _____ (Malwarebytes) C:\Users\Henri\Downloads\adwcleaner.exe 2022-05-23 09:46 - 2022-05-23 09:46 - 000101097 _____ C:\Users\Henri\Downloads\Raiffeisen_1653291987303.pdf 2022-05-18 11:28 - 2022-05-18 11:28 - 000101344 _____ C:\Users\Henri\Downloads\Raiffeisen_1652866081432.pdf 2022-05-18 11:28 - 2022-05-18 11:28 - 000101235 _____ C:\Users\Henri\Downloads\Raiffeisen_1652866112562.pdf 2022-05-16 16:38 - 2022-05-16 16:38 - 000421687 _____ C:\Users\Henri\Downloads\Non confirmé 782509.crdownload 2022-05-16 16:17 - 2022-05-16 16:17 - 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2022-05-16 16:16 - 2022-05-16 16:16 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-05-16 09:05 - 2022-05-16 09:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-05-16 09:05 - 2022-05-16 09:05 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-05-16 08:46 - 2022-05-16 08:46 - 000000000 ___HD C:\$WinREAgent 2022-05-11 16:10 - 2022-05-11 16:10 - 001408920 _____ (SOURCENEXT CORPORATION) C:\Users\Henri\Downloads\nettool_1223 (3).EXE 2022-05-10 17:16 - 2022-05-10 17:16 - 000069291 _____ C:\Users\Henri\Downloads\details_5114AE7DBBE342CAE7F474318E3ED3854A92D06AB9BA22864C895BBA718B3EDF_20220510 (2).pdf 2022-05-10 17:15 - 2022-05-10 17:15 - 000079154 _____ C:\Users\Henri\Downloads\details_5114AE7DBBE342CAE7F474318E3ED3854A92D06AB9BA22864C895BBA718B3EDF_20220510 (1).pdf 2022-05-10 17:15 - 2022-05-10 17:15 - 000069291 _____ C:\Users\Henri\Downloads\details_5114AE7DBBE342CAE7F474318E3ED3854A92D06AB9BA22864C895BBA718B3EDF_20220510.pdf 2022-05-10 17:12 - 2022-05-10 17:12 - 000139070 _____ C:\Users\Henri\Downloads\Facture_202204.pdf 10.05.2022.pdf 2022-05-06 12:08 - 2022-05-06 12:08 - 000138833 _____ C:\Users\Henri\Downloads\Facture_202204.pdf 2022-05-05 10:27 - 2022-05-05 10:27 - 000123377 _____ C:\Users\Henri\Downloads\Releve_n_003_du_31_03_2022_773223933_h3AQUDHb.pdf 2022-05-05 10:26 - 2022-05-05 10:26 - 000122826 _____ C:\Users\Henri\Downloads\Releve_n_002_du_28_02_2022_768862729_MC7GNWX2.pdf 2022-05-05 10:25 - 2022-05-05 10:25 - 000123392 _____ C:\Users\Henri\Downloads\Releve_n_004_du_29_04_2022_777136654_JECko7j7.pdf 2022-05-04 08:51 - 2022-05-04 08:51 - 000023478 _____ C:\Users\Henri\Downloads\Planning arrosage 2022 DV.pdf 2022-04-30 19:06 - 2022-04-30 19:06 - 000965236 _____ C:\Users\Henri\Downloads\Liste_regl_Berufe_F.pdf 2022-04-28 17:57 - 2022-04-28 17:57 - 000009030 _____ C:\WINDOWS\HL-2030.INI 2022-04-28 17:57 - 2022-04-28 17:57 - 000000151 _____ C:\WINDOWS\BRVIDEO.INI 2022-04-28 17:57 - 2022-04-28 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother HL-2030 2022-04-28 17:57 - 2022-04-28 17:57 - 000000000 ____D C:\Program Files (x86)\Brownie 2022-04-28 17:57 - 2022-04-28 17:57 - 000000000 ____D C:\Program Files (x86)\Brother 2022-04-28 17:57 - 2022-04-28 17:57 - 000000000 _____ C:\WINDOWS\brmx2001.ini 2022-04-28 17:57 - 2009-05-25 19:14 - 000196608 ____N (brother) C:\WINDOWS\SysWOW64\Pdrvinst.dll 2022-04-28 17:57 - 2008-10-23 00:00 - 000111928 ____N (Brother Industries Ltd) C:\WINDOWS\SysWOW64\BRRBTOOL.EXE 2022-04-28 17:57 - 2007-01-16 00:00 - 000024223 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\brlm03a.dll 2022-04-28 17:57 - 2006-12-21 11:23 - 000176128 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL 2022-04-28 17:57 - 2004-08-10 01:00 - 000000114 _____ C:\WINDOWS\SysWOW64\brlmw03a.ini 2022-04-28 17:57 - 2004-08-10 00:42 - 000077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\brlmw03a.dll 2022-04-28 17:56 - 2022-05-23 23:40 - 000000327 _____ C:\WINDOWS\Brownie.ini 2022-04-28 17:56 - 2022-04-28 17:56 - 000000000 ____D C:\Users\Henri\Downloads\install 2022-04-28 17:55 - 2022-04-28 17:55 - 105634606 _____ (A.I.SOFT,INC.) C:\Users\Henri\Downloads\HL2030_70-inst-win7-A2-fr.EXE 2022-04-28 17:54 - 2022-04-28 17:54 - 001408920 _____ (SOURCENEXT CORPORATION) C:\Users\Henri\Downloads\nettool_1223 (2).EXE 2022-04-28 17:24 - 2022-05-11 16:10 - 000000000 ____D C:\Users\Henri\Downloads\NetworkRepairTool 2022-04-28 17:24 - 2022-04-28 17:24 - 001408920 _____ (SOURCENEXT CORPORATION) C:\Users\Henri\Downloads\nettool_1223.EXE 2022-04-28 17:24 - 2022-04-28 17:24 - 001408920 _____ (SOURCENEXT CORPORATION) C:\Users\Henri\Downloads\nettool_1223 (1).EXE 2022-04-28 17:24 - 2022-04-28 17:24 - 000000000 ____D C:\ProgramData\Brother 2022-04-25 12:10 - 2022-04-25 12:10 - 000000000 ____D C:\Users\Henri\Desktop\CAISSE 2022-04-24 09:12 - 2022-04-24 09:14 - 000000000 ____D C:\Users\Henri\Desktop\Photos salle de bains 2022-04-24 08:54 - 2022-04-24 08:54 - 000001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-04-24 08:54 - 2022-04-24 08:54 - 000000000 ____D C:\Program Files\PCHealthCheck ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-05-24 17:50 - 2018-01-01 18:58 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-24 17:48 - 2022-02-14 12:29 - 000000000 ____D C:\ProgramData\AnyDesk 2022-05-24 17:48 - 2022-02-14 12:26 - 000000000 ____D C:\Users\Henri\AppData\Roaming\AnyDesk 2022-05-24 17:48 - 2020-08-05 12:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-05-24 17:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-05-24 17:48 - 2018-01-01 19:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-05-24 17:48 - 2017-12-28 20:27 - 000000000 __SHD C:\Users\Henri\IntelGraphicsProfiles 2022-05-24 17:47 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2022-05-24 17:33 - 2020-08-05 11:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-05-24 14:30 - 2020-08-05 12:01 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4C5EAB2D-1E0B-422A-ACD6-01D8CAA48455} 2022-05-24 11:53 - 2020-08-05 12:01 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-05-24 11:53 - 2019-12-07 16:50 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat 2022-05-24 11:53 - 2019-12-07 16:50 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat 2022-05-24 11:53 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-05-24 11:52 - 2020-11-29 14:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-05-24 11:46 - 2022-04-03 10:07 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-05-24 11:45 - 2018-01-01 19:05 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2022-05-24 11:22 - 2018-03-12 11:07 - 000000910 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2022-05-24 11:22 - 2018-03-12 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2022-05-24 11:22 - 2018-01-01 19:05 - 000000000 ____D C:\Program Files\RogueKiller 2022-05-24 09:19 - 2020-08-05 11:52 - 000008192 ___SH C:\DumpStack.log.tmp 2022-05-24 09:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-05-24 08:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-05-24 08:01 - 2018-04-15 09:14 - 000000000 ____D C:\Users\Henri\AppData\Roaming\WhatsApp 2022-05-23 17:29 - 2018-03-15 15:26 - 000001112 _____ C:\Users\Public\Desktop\PSWizard.lnk 2022-05-23 17:29 - 2018-03-15 15:26 - 000000000 ____D C:\Program Files (x86)\Network Print Monitor 2022-05-23 14:59 - 2018-07-11 12:47 - 000000000 ____D C:\Users\Henri\AppData\Local\D3DSCache 2022-05-22 08:18 - 2020-01-20 11:05 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-05-22 08:18 - 2020-01-20 11:05 - 000002291 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-05-19 08:15 - 2021-12-13 09:22 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3813632654-1173275650-3664626441-1001 2022-05-19 08:15 - 2020-08-05 12:01 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3813632654-1173275650-3664626441-1001 2022-05-19 08:15 - 2020-08-05 11:20 - 000002478 _____ C:\Users\Henri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-05-18 08:33 - 2021-10-22 11:57 - 000000000 ____D C:\Users\Henri\AppData\Local\WhatsApp 2022-05-16 17:00 - 2020-08-05 11:52 - 000460120 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-05-16 17:00 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-05-16 17:00 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-05-16 17:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-05-16 17:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-05-16 17:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-05-16 17:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-05-16 17:00 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-05-16 16:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-05-16 08:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-05-15 10:47 - 2018-01-01 18:42 - 000000000 ____D C:\Users\Henri\AppData\Roaming\CACHE 2022-05-13 08:31 - 2017-12-30 16:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-05-13 08:29 - 2017-12-30 16:32 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-05-11 16:47 - 2018-01-05 20:20 - 000177508 _____ C:\Users\Henri\Documents\brother 2030 2022-05-11 16:47 - 2018-01-05 20:20 - 000000441 _____ C:\WINDOWS\BRWMARK.INI 2022-05-11 16:47 - 2018-01-05 20:20 - 000000054 _____ C:\WINDOWS\SysWOW64\BD2030.DAT 2022-05-06 12:10 - 2020-06-12 09:59 - 000000000 ____D C:\Users\Henri\AppData\Local\Everything 2022-05-06 12:10 - 2020-06-07 12:07 - 000000000 ____D C:\Users\Henri\AppData\Roaming\Everything 2022-04-30 17:19 - 2017-12-28 18:55 - 000000000 ____D C:\Users\Henri\AppData\Local\Packages 2022-04-29 08:46 - 2020-08-05 12:01 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-29 08:46 - 2020-08-05 12:01 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-04-28 17:57 - 2017-12-28 20:30 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-04-28 17:23 - 2018-01-05 20:24 - 000000000 ____D C:\Users\Henri\AppData\Local\ElevatedDiagnostics 2022-04-25 12:09 - 2019-05-01 18:51 - 000000000 ____D C:\Users\Henri\Desktop\RUDY DOSSIER CANDIDATURE ==================== Fichiers à la racine de certains dossiers ======== 2018-01-02 13:37 - 2018-01-02 13:37 - 000527423 _____ ( ) C:\Users\Henri\Lame_v3.99.3_for_Windows.exe 2021-05-01 11:32 - 2021-05-01 11:32 - 129552592 _____ (WhatsApp) C:\Users\Henri\WhatsAppSetup.exe 2018-02-08 17:30 - 2018-02-08 17:30 - 000099384 _____ () C:\Users\Henri\AppData\Roaming\inst.exe 2019-11-02 13:43 - 2019-11-02 13:47 - 000000153 _____ () C:\Users\Henri\AppData\Roaming\licecap.ini 2018-02-08 17:30 - 2018-02-08 17:30 - 000007859 _____ () C:\Users\Henri\AppData\Roaming\pcouffin.cat 2018-02-08 17:30 - 2018-02-08 17:30 - 000001167 _____ () C:\Users\Henri\AppData\Roaming\pcouffin.inf 2018-02-08 17:30 - 2018-02-08 17:30 - 000000055 _____ () C:\Users\Henri\AppData\Roaming\pcouffin.log 2018-02-08 17:30 - 2018-02-08 17:30 - 000082816 _____ (VSO Software) C:\Users\Henri\AppData\Roaming\pcouffin.sys 2018-09-01 18:53 - 2018-09-01 18:53 - 000003584 _____ () C:\Users\Henri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================