Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019
Exécuté par edema (administrateur) sur LAPTOP-JQ6PQOL4 (LENOVO 80XV) (15-09-2019 12:53:27)
Exécuté depuis C:\Users\edema\Downloads
Profils chargés: edema & (Profils disponibles: defaultuser0 & edema)
Platform: Windows 10 Home Version 1803 17134.1006 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Bloomberg Finance L.P.) [Fichier non signé] C:\blp\Wintrv\Smartclient\OfficeHost\blpaddinhost.exe
(Bloomberg L.P. -> Bloomberg L.P.) C:\blp\DAPI\bbcomm.exe
(Bloomberg L.P.) [Fichier non signé] C:\blp\API\Office Tools\bxlartd.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\edema\AppData\Local\Microsoft\OneDrive\19.152.0801.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\edema\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\edema\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [1044904 2016-12-30] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-04-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301146\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953747\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300064\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301193\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953779\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300095\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301350\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953794\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [Discord] => C:\Users\edema\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [CLRHost] => C:\blp\API\Office Tools\bbxlcmd.exe [2158592 2018-01-25] (Bloomberg L.P. -> )
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [Chromium] => c:\users\edema\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors) [Fichier non signé]
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [EpicGamesLauncher] => "E:\FRNT\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\edema\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [Discord] => C:\Users\edema\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [CLRHost] => C:\blp\API\Office Tools\bbxlcmd.exe [2158592 2018-01-25] (Bloomberg L.P. -> )
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [Chromium] => c:\users\edema\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors) [Fichier non signé]
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [EpicGamesLauncher] => "E:\FRNT\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Run: [com.squirrel.Teams.Teams] => C:\Users\edema\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE [179208 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [Discord] => C:\Users\edema\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [CLRHost] => C:\blp\API\Office Tools\bbxlcmd.exe [2158592 2018-01-25] (Bloomberg L.P. -> )
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [Chromium] => c:\users\edema\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors) [Fichier non signé]
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [EpicGamesLauncher] => "E:\FRNT\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Run: [com.squirrel.Teams.Teams] => C:\Users\edema\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE [179208 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [Discord] => C:\Users\edema\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [CLRHost] => C:\blp\API\Office Tools\bbxlcmd.exe [2158592 2018-01-25] (Bloomberg L.P. -> )
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [Chromium] => c:\users\edema\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors) [Fichier non signé]
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [EpicGamesLauncher] => "E:\FRNT\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Run: [com.squirrel.Teams.Teams] => C:\Users\edema\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-31] (Google LLC -> Google LLC)
Startup: C:\Users\edema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-05-06]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {005150AB-48E5-457A-9338-BEFCFECC9126} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {0AC57BD3-9C0A-4510-8815-F91DA7D582AB} - System32\Tasks\{11279480-CCB7-C18F-C20E-41B8A20580B4}\Rilupe => C:\Users\edema\AppData\Local\Sogurekopud\Rilupe.exe [529920 2013-04-12] () [Fichier non signé]
Task: {0B8570F3-FA5D-499A-ABA2-70D8C9C14402} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0DD9C7CB-570C-458A-837C-592D2AF1E935} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {14E0821B-E214-4A0D-AE76-0D4FBC221C6D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B018958-DE73-4708-AC78-D6DD361BCA10} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {24C6F4C9-E965-4501-BA08-AA539D40F818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-18] (Google Inc -> Google Inc.)
Task: {31C0F808-E3D5-4863-A1E2-7076239B827B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45809232-0654-4C04-8ECA-E30623AD3EEB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a183bc84-f780-4989-812b-ba1b40a869a1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {4947F0F3-2AD7-498A-836A-2DF0B8C36B43} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {498B709D-4F9A-4885-A188-D1F4CC83BA37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1569912 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D0A983E-B49E-4C85-AECF-59EFC0AA10F4} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {5D63CEF7-19AE-4A0A-8FBC-3F7FDD1C1385} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7D1915C6-6D79-4655-978E-3F8DC3312074} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {87A2FBB1-6774-456C-B223-EDC69A58D096} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {A31FA9F4-7E58-4152-B812-490841C30D56} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A6FB7274-56B3-49DD-A42B-FFDAD524A0A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-18] (Google Inc -> Google Inc.)
Task: {ABE1380D-16D3-46FD-BBA7-CD37946A6B37} - System32\Tasks\HPCustParticipation HP ENVY 7640 series => C:\Program Files\HP\HP ENVY 7640 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.)
Task: {AFB30E96-5636-4A1D-ABAF-D97459EB109C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B832FA77-4DC8-49A3-8AE0-D6B44723D9A0} - System32\Tasks\App Explorer => C:\Users\edema\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7399080 2019-06-04] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {BC60274E-B6C1-4C82-93A9-7D64FBF70769} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BCFAEDF9-A5A4-4F15-B019-E3E91EFFD6AD} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C2E2A9F4-33AC-4688-8072-11325DF5062B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CF1A8F0B-8906-4C26-BEA7-3AD191999AAE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\54c3e189-040e-4129-b719-0e368defb1c0 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D8C3D3DC-99DC-42DE-BF61-38EF866501BC} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DDB865B8-A74F-4084-AFCC-8BAB4DEEA5B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DF0B6F6F-E4A3-441F-BADF-39599EB27841} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E09227B4-D210-4E58-8032-199F82FA6D32} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E42D8E76-8D15-4100-8830-6E8085FCD6F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4CF2B5B-C2C0-4095-8225-FC798FE7EFEB} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {F462D9F5-A439-4DA2-AA8D-28465B4F56B2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\968c013e-a93c-4e32-81d6-b1d1e8e17bab => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{14439d01-98a6-4a2e-9bbe-00c35ea33212}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7d6fcace-7f28-407f-9e08-8b4472fbf8c1}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {88C25964-E496-45D5-BE0E-EA12B873EBA8} URL =
SearchScopes: HKLM-x32 -> DefaultScope {88C25964-E496-45D5-BE0E-EA12B873EBA8} URL =
SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142300142 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09142019142301396 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3655374664-1735676624-2911693723-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09152019123953841 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Pas de fichier
Edge:
======
DownloadDir: C:\Users\edema\Downloads
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.17.0_neutral__d55gg7py3s0m0 [2019-08-15]
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR Profile: C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default [2019-08-26]
CHR Extension: (Slides) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-18]
CHR Extension: (Docs) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-18]
CHR Extension: (Google Drive) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-18]
CHR Extension: (YouTube) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-18]
CHR Extension: (Sheets) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-18]
CHR Extension: (Evernote Web Clipper) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2019-07-01]
CHR Extension: (Gmail) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\edema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-26]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atiesrxx.exe [475328 2018-07-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-25] (BattlEye Innovations e.K. -> )
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568224 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2017-01-23] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-09-27] (FUTUREMARK INC -> Futuremark)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [190808 2018-07-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34696 2017-10-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [54128 2017-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atikmdag.sys [44675376 2018-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0331206.inf_amd64_4459b27c3381c034\B330720\atikmpag.sys [545072 2018-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [97672 2018-01-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-04-10] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [28752 2017-01-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-09-10] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-09-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-09-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-14] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-09-14] (Malwarebytes Corporation -> Malwarebytes)
S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD. -> CASIO COMPUTER CO.,LTD.)
R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2355544 2018-07-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [964136 2017-03-02] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-10-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3224576 2016-12-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [212552 2018-04-27] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-08-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation)
U4 AppMgmt; pas de ImagePath
U4 CscService; pas de ImagePath
U4 napagent; pas de ImagePath
U4 PeerDistSvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-09-15 12:53 - 2019-09-15 12:55 - 000041649 _____ C:\Users\edema\Downloads\FRST.txt
2019-09-15 12:52 - 2019-09-15 12:53 - 000000000 ____D C:\FRST
2019-09-15 12:50 - 2019-09-15 12:50 - 001614848 _____ (Farbar) C:\Users\edema\Downloads\FRST64.exe
2019-09-15 12:48 - 2019-09-15 12:48 - 000000000 ___HD C:\$WINDOWS.~BT
2019-09-14 14:23 - 2019-09-14 14:23 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-14 14:23 - 2019-09-14 14:23 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-14 14:23 - 2019-09-14 14:23 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-14 14:23 - 2019-09-14 14:23 - 000000000 ___HD C:\OneDriveTemp
2019-09-14 14:22 - 2019-09-14 14:22 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-14 12:36 - 2019-09-14 12:36 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3655374664-1735676624-2911693723-1001
2019-09-14 12:36 - 2019-09-14 12:36 - 000002458 _____ C:\Users\edema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-13 18:07 - 2019-09-04 12:16 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-13 18:07 - 2019-09-04 12:16 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-13 18:07 - 2019-09-04 12:16 - 000810808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-13 18:07 - 2019-09-04 12:16 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-13 18:07 - 2019-09-04 12:16 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-13 18:07 - 2019-09-04 12:15 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-13 18:07 - 2019-09-04 12:15 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-13 18:07 - 2019-09-04 12:15 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-13 18:07 - 2019-09-04 12:15 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-13 18:07 - 2019-09-04 12:06 - 000581016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-13 18:07 - 2019-09-04 12:06 - 000541200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-13 18:07 - 2019-09-04 12:06 - 000402016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-13 18:07 - 2019-09-04 12:01 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-13 18:07 - 2019-09-04 12:01 - 001516632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-13 18:07 - 2019-09-04 12:00 - 021399576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-13 18:07 - 2019-09-04 12:00 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-13 18:07 - 2019-09-04 11:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-13 18:07 - 2019-09-04 11:43 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-13 18:07 - 2019-09-04 11:40 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-13 18:07 - 2019-09-04 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-13 18:07 - 2019-09-04 11:40 - 000957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-13 18:07 - 2019-09-04 11:40 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-13 18:07 - 2019-09-04 11:39 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-09-13 18:07 - 2019-09-04 10:50 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-13 18:07 - 2019-09-04 10:33 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-13 18:07 - 2019-09-04 07:25 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-09-13 18:07 - 2019-09-04 07:25 - 001613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-09-13 18:07 - 2019-09-04 07:24 - 000705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-13 18:07 - 2019-09-04 07:19 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-13 18:07 - 2019-09-04 07:19 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-13 18:07 - 2019-09-04 07:19 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-13 18:07 - 2019-09-04 07:17 - 001213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-13 18:07 - 2019-09-04 07:17 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-13 18:07 - 2019-09-04 07:15 - 005627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-13 18:07 - 2019-09-04 07:15 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-13 18:07 - 2019-09-04 07:15 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-13 18:07 - 2019-09-04 07:15 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-09-13 18:07 - 2019-09-04 07:15 - 000323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-13 18:07 - 2019-09-04 07:14 - 007437592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-13 18:07 - 2019-09-04 07:14 - 003290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-13 18:07 - 2019-09-04 07:14 - 002469920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-09-13 18:07 - 2019-09-04 07:14 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-13 18:07 - 2019-09-04 07:14 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-13 18:07 - 2019-09-04 07:14 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-13 18:07 - 2019-09-04 07:14 - 000594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-13 18:07 - 2019-09-04 07:14 - 000420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2019-09-13 18:07 - 2019-09-04 07:14 - 000361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-13 18:07 - 2019-09-04 07:13 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-13 18:07 - 2019-09-04 07:13 - 001141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-13 18:07 - 2019-09-04 07:13 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-13 18:07 - 2019-09-04 07:13 - 000692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-13 18:07 - 2019-09-04 07:13 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-13 18:07 - 2019-09-04 07:13 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-09-13 18:07 - 2019-09-04 07:13 - 000129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-13 18:07 - 2019-09-04 07:10 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-13 18:07 - 2019-09-04 07:03 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-13 18:07 - 2019-09-04 07:03 - 001993136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-09-13 18:07 - 2019-09-04 07:02 - 006568280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-13 18:07 - 2019-09-04 06:55 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-13 18:07 - 2019-09-04 06:48 - 019385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-13 18:07 - 2019-09-04 06:48 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-09-13 18:07 - 2019-09-04 06:46 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-09-13 18:07 - 2019-09-04 06:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-13 18:07 - 2019-09-04 06:45 - 022734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-13 18:07 - 2019-09-04 06:45 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-13 18:07 - 2019-09-04 06:45 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-13 18:07 - 2019-09-04 06:43 - 003402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-13 18:07 - 2019-09-04 06:43 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-09-13 18:07 - 2019-09-04 06:43 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-13 18:07 - 2019-09-04 06:43 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-09-13 18:07 - 2019-09-04 06:43 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-13 18:07 - 2019-09-04 06:43 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-13 18:07 - 2019-09-04 06:43 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-13 18:07 - 2019-09-04 06:42 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-09-13 18:07 - 2019-09-04 06:42 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-09-13 18:07 - 2019-09-04 06:42 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-13 18:07 - 2019-09-04 06:42 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-13 18:07 - 2019-09-04 06:41 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-09-13 18:07 - 2019-09-04 06:41 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-13 18:07 - 2019-09-04 06:40 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-09-13 18:07 - 2019-09-04 06:40 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-13 18:07 - 2019-09-04 06:40 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-09-13 18:07 - 2019-09-04 06:40 - 002179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-13 18:07 - 2019-09-04 06:40 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-13 18:07 - 2019-09-04 06:40 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-13 18:07 - 2019-09-04 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-13 18:07 - 2019-09-04 06:40 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-13 18:07 - 2019-09-04 06:39 - 003203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-13 18:07 - 2019-09-04 06:39 - 002166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-13 18:07 - 2019-09-04 06:39 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-13 18:07 - 2019-09-04 06:39 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-09-13 18:07 - 2019-09-04 06:39 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-09-13 18:07 - 2019-09-04 06:39 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-09-13 18:07 - 2019-09-04 06:39 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-09-13 18:07 - 2019-09-04 06:39 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-13 18:07 - 2019-09-04 06:39 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-13 18:07 - 2019-09-04 06:38 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-13 18:07 - 2019-09-04 06:38 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-13 18:07 - 2019-09-04 06:38 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-09-13 18:07 - 2019-09-04 06:38 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-13 18:07 - 2019-09-04 05:22 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-09-13 18:07 - 2019-08-16 00:55 - 000786072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-13 18:07 - 2019-08-16 00:55 - 000604000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-13 18:07 - 2019-08-13 12:09 - 000771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-13 18:07 - 2019-08-13 12:09 - 000571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-09-13 18:07 - 2019-08-13 12:08 - 000117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-13 18:07 - 2019-08-13 11:51 - 004853248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-09-13 18:07 - 2019-08-13 11:51 - 000905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-09-13 18:07 - 2019-08-13 11:50 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-09-13 18:07 - 2019-08-13 11:47 - 001262080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-13 18:07 - 2019-08-13 06:54 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-13 18:07 - 2019-08-13 06:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-13 18:07 - 2019-08-13 06:46 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-13 18:07 - 2019-08-13 06:46 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-13 18:07 - 2019-08-13 06:45 - 000723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-13 18:07 - 2019-08-13 06:44 - 002161288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-13 18:07 - 2019-08-13 06:44 - 001793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-13 18:07 - 2019-08-13 06:17 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-09-13 18:07 - 2019-08-13 06:16 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-13 18:07 - 2019-08-13 06:15 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-13 18:07 - 2019-08-13 06:14 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-09-13 18:07 - 2019-08-13 06:13 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-13 18:07 - 2019-08-13 06:13 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-13 18:07 - 2019-08-13 06:12 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-09-13 18:07 - 2019-08-13 06:12 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-13 18:07 - 2019-08-13 06:12 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2019-09-13 18:07 - 2019-08-13 06:12 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2019-09-13 18:07 - 2019-08-13 06:11 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-09-13 18:07 - 2019-08-13 06:08 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-13 18:07 - 2019-08-13 06:08 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-13 18:07 - 2019-08-13 06:08 - 000320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-13 18:07 - 2019-08-13 04:51 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-13 18:07 - 2019-08-13 04:49 - 000806328 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-13 18:07 - 2019-08-13 04:49 - 000806328 _____ C:\WINDOWS\system32\locale.nls
2019-09-13 18:06 - 2019-09-04 12:01 - 000790936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-13 18:06 - 2019-09-04 12:01 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-09-13 18:06 - 2019-09-04 12:00 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-13 18:06 - 2019-09-04 11:46 - 012838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-13 18:06 - 2019-09-04 11:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-09-13 18:06 - 2019-09-04 11:42 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-13 18:06 - 2019-09-04 11:41 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-13 18:06 - 2019-09-04 10:52 - 001453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-13 18:06 - 2019-09-04 10:52 - 000467400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-13 18:06 - 2019-09-04 10:51 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-13 18:06 - 2019-09-04 10:51 - 000322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2019-09-13 18:06 - 2019-09-04 10:50 - 000356896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-13 18:06 - 2019-09-04 10:48 - 020393120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-13 18:06 - 2019-09-04 10:38 - 012039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-13 18:06 - 2019-09-04 10:38 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-13 18:06 - 2019-09-04 10:35 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-13 18:06 - 2019-09-04 07:24 - 002417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-09-13 18:06 - 2019-09-04 07:24 - 001298960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-09-13 18:06 - 2019-09-04 07:15 - 000500744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-13 18:06 - 2019-09-04 07:15 - 000491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-13 18:06 - 2019-09-04 07:13 - 009084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-13 18:06 - 2019-09-04 07:13 - 004405232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-13 18:06 - 2019-09-04 07:13 - 002773816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-13 18:06 - 2019-09-04 07:13 - 002571848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-13 18:06 - 2019-09-04 07:13 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-13 18:06 - 2019-09-04 07:13 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-13 18:06 - 2019-09-04 07:13 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-13 18:06 - 2019-09-04 07:13 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-09-13 18:06 - 2019-09-04 07:13 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-13 18:06 - 2019-09-04 07:13 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-09-13 18:06 - 2019-09-04 07:13 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-13 18:06 - 2019-09-04 07:13 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-09-13 18:06 - 2019-09-04 07:05 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-13 18:06 - 2019-09-04 07:04 - 000286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-13 18:06 - 2019-09-04 07:03 - 006046096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-13 18:06 - 2019-09-04 07:03 - 002331696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-13 18:06 - 2019-09-04 07:03 - 002261448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-13 18:06 - 2019-09-04 07:03 - 001980264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-13 18:06 - 2019-09-04 07:03 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-13 18:06 - 2019-09-04 07:03 - 000581264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-09-13 18:06 - 2019-09-04 07:03 - 000538192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-13 18:06 - 2019-09-04 07:02 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-13 18:06 - 2019-09-04 07:02 - 001805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-13 18:06 - 2019-09-04 07:02 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-13 18:06 - 2019-09-04 07:02 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-09-13 18:06 - 2019-09-04 06:54 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-13 18:06 - 2019-09-04 06:45 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-09-13 18:06 - 2019-09-04 06:45 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-13 18:06 - 2019-09-04 06:44 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-09-13 18:06 - 2019-09-04 06:44 - 004388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-13 18:06 - 2019-09-04 06:44 - 003687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-13 18:06 - 2019-09-04 06:43 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-09-13 18:06 - 2019-09-04 06:43 - 004849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 007572992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-13 18:06 - 2019-09-04 06:42 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-13 18:06 - 2019-09-04 06:41 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-09-13 18:06 - 2019-09-04 06:41 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-13 18:06 - 2019-09-04 06:41 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-09-13 18:06 - 2019-09-04 06:41 - 001634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-13 18:06 - 2019-09-04 06:41 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-09-13 18:06 - 2019-09-04 06:40 - 001808896 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-13 18:06 - 2019-09-04 06:40 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-09-13 18:06 - 2019-09-04 06:40 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-09-13 18:06 - 2019-09-04 06:39 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-13 18:06 - 2019-09-04 06:39 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-13 18:06 - 2019-09-04 06:39 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-09-13 18:06 - 2019-09-04 06:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-09-13 18:06 - 2019-09-04 06:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-13 18:06 - 2019-09-04 06:38 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-09-13 18:06 - 2019-09-04 06:38 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-13 18:06 - 2019-08-15 11:59 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-09-13 18:06 - 2019-08-13 20:21 - 000665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-13 18:06 - 2019-08-13 20:21 - 000221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-09-13 18:06 - 2019-08-13 20:20 - 003701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-13 18:06 - 2019-08-13 20:20 - 000106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-13 18:06 - 2019-08-13 20:06 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-09-13 18:06 - 2019-08-13 20:06 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-09-13 18:06 - 2019-08-13 20:06 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-13 18:06 - 2019-08-13 20:05 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-13 18:06 - 2019-08-13 17:06 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-13 18:06 - 2019-08-13 17:04 - 001651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-13 18:06 - 2019-08-13 17:04 - 001585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-13 18:06 - 2019-08-13 16:46 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-13 18:06 - 2019-08-13 16:45 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-09-13 18:06 - 2019-08-13 16:44 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2019-09-13 18:06 - 2019-08-13 16:43 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-09-13 18:06 - 2019-08-13 16:43 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2019-09-13 18:06 - 2019-08-13 16:43 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2019-09-13 18:06 - 2019-08-13 16:42 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-13 18:06 - 2019-08-13 16:40 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-09-13 18:06 - 2019-08-13 16:39 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-13 18:06 - 2019-08-13 12:14 - 004040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-13 18:06 - 2019-08-13 11:49 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-13 18:06 - 2019-08-13 11:49 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-13 18:06 - 2019-08-13 11:46 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-13 18:06 - 2019-08-13 11:46 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-09-13 18:06 - 2019-08-13 08:37 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-09-13 18:06 - 2019-08-13 06:45 - 002718736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-13 18:06 - 2019-08-13 06:45 - 000722960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-13 18:06 - 2019-08-13 06:16 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-13 18:06 - 2019-08-13 06:12 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-09-13 18:06 - 2019-08-13 06:11 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-13 18:06 - 2019-08-13 06:11 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-09-13 18:06 - 2019-08-13 02:57 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-13 18:06 - 2019-08-13 02:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-13 18:06 - 2019-08-13 02:57 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-13 18:06 - 2019-08-13 02:57 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-11 19:06 - 2019-09-11 19:06 - 000009380 _____ C:\Users\edema\Desktop\Super calculateur.xlsx
2019-09-10 20:01 - 2019-09-10 20:01 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-10 19:58 - 2019-09-01 05:57 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-10 19:58 - 2019-09-01 05:57 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-10 19:56 - 2019-09-10 19:56 - 000001047 _____ C:\Users\edema\Desktop\Celestia.lnk
2019-09-10 19:56 - 2019-09-10 19:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\{11279480-CCB7-C18F-C20E-41B8A20580B4}
2019-09-10 19:56 - 2019-09-10 19:56 - 000000000 ____D C:\Users\edema\AppData\Local\Sogurekopud
2019-09-10 19:56 - 2019-09-10 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celestia
2019-09-10 19:55 - 2019-09-10 19:56 - 000000000 ____D C:\ProgramData\{3E1E0222-1636-7A5A-4E6E-5272A6868AAA}
2019-09-10 19:55 - 2019-09-10 19:56 - 000000000 ____D C:\Program Files (x86)\Celestia
2019-09-10 19:55 - 2019-09-10 19:55 - 000002983 _____ C:\Users\edema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search Powered by Yahoo!.lnk
2019-09-10 19:54 - 2019-09-10 19:56 - 000000000 ____D C:\ProgramData\xaaea
2019-09-10 19:54 - 2019-09-10 19:54 - 034363645 _____ (Shatters Software ) C:\Users\edema\Downloads\Celestia.exe
2019-08-31 11:28 - 2019-08-31 11:28 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk
2019-08-31 11:28 - 2019-08-31 11:28 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-31 11:28 - 2019-08-31 11:28 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-31 11:28 - 2019-08-31 11:28 - 000002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-31 11:28 - 2019-08-31 11:28 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-31 11:28 - 2019-08-31 11:28 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-31 11:28 - 2019-08-31 11:28 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-31 11:28 - 2019-08-31 11:28 - 000002404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-31 11:28 - 2019-08-31 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2019-08-31 11:20 - 2019-08-31 11:20 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-26 19:17 - 2019-08-26 19:40 - 210309526 _____ C:\Users\edema\Downloads\FTBBeyondServer_1.11.0 (1).zip
2019-08-26 19:15 - 2019-08-26 19:15 - 000000000 ____D C:\Users\edema\AppData\Roaming\Google
2019-08-26 19:06 - 2019-08-26 19:06 - 210309526 _____ C:\Users\edema\Downloads\FTBBeyondServer_1.11.0.zip
2019-08-24 16:53 - 2019-08-24 16:56 - 000010197 _____ C:\Users\edema\Desktop\Simulation.xlsx
2019-08-24 16:52 - 2019-08-24 16:52 - 000000000 ____D C:\Users\edema\Desktop\Paul Landrin
2019-08-23 11:26 - 2019-08-23 11:26 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-23 11:26 - 2019-08-23 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-23 11:26 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-08-23 11:26 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-08-22 19:17 - 2019-08-22 19:17 - 000002413 _____ C:\Users\edema\Desktop\Microsoft Teams.lnk
2019-08-22 19:17 - 2019-08-22 19:17 - 000000000 ____D C:\Users\edema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2019-08-22 19:17 - 2019-08-22 19:17 - 000000000 ____D C:\Users\edema\AppData\Roaming\Microsoft Teams
2019-08-21 18:30 - 2019-08-21 18:30 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2019-08-19 19:26 - 1996-12-25 00:32 - 1459978240 ____N C:\Users\edema\Downloads\Super Mario Sunshine (Europe) (En,Fr,De,Es,It).iso
2019-08-19 19:22 - 2019-08-19 19:22 - 1370729234 _____ C:\Users\edema\Downloads\Super Mario Sunshine (Europe) (En,Fr,De,Es,It).zip
2019-08-19 19:15 - 2019-08-19 19:15 - 000000000 ____D C:\Program Files\AVAST Software
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-09-15 12:57 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-15 12:48 - 2018-05-21 12:34 - 000000000 ___DC C:\WINDOWS\Panther
2019-09-15 12:38 - 2018-05-21 19:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-14 15:57 - 2017-12-26 17:07 - 000000000 ____D C:\Users\edema\AppData\Local\PlaceholderTileLogoFolder
2019-09-14 15:57 - 2017-12-26 16:49 - 000000000 ____D C:\Users\edema\AppData\Local\Packages
2019-09-14 14:34 - 2018-07-08 19:26 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-14 14:27 - 2018-05-21 19:33 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-14 14:27 - 2018-04-12 18:18 - 000791028 _____ C:\WINDOWS\system32\perfh00C.dat
2019-09-14 14:27 - 2018-04-12 18:18 - 000149524 _____ C:\WINDOWS\system32\perfc00C.dat
2019-09-14 14:27 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-14 14:23 - 2017-12-24 21:45 - 000000000 ___RD C:\Users\edema\OneDrive
2019-09-14 14:22 - 2018-05-21 19:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-14 14:22 - 2018-05-21 19:24 - 000000000 ____D C:\Users\edema
2019-09-14 14:22 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-09-14 14:22 - 2017-09-18 05:51 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2019-09-14 13:59 - 2017-12-24 22:35 - 000000000 ____D C:\Users\edema\Desktop\Papa
2019-09-14 13:50 - 2018-05-21 19:24 - 000000000 ____D C:\Users\edema\AppData\Local\Host App Service
2019-09-14 13:47 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-14 13:47 - 2017-12-26 17:05 - 000000000 ___RD C:\Users\edema\3D Objects
2019-09-14 13:47 - 2016-07-29 19:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-09-14 12:51 - 2018-05-21 19:21 - 000290600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-14 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-09-14 12:50 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-09-14 12:34 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-13 18:14 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-08 21:46 - 2018-12-31 12:56 - 000000000 ____D C:\Users\edema\Desktop\Brignac
2019-09-01 16:29 - 2018-12-31 13:13 - 000000000 ____D C:\Users\edema\Desktop\Travaux Malesherbes 2018
2019-08-31 11:27 - 2017-09-18 05:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-31 11:25 - 2019-06-17 22:37 - 000002225 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-31 11:25 - 2018-09-18 22:35 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-31 11:24 - 2017-12-25 11:37 - 000000000 ____D C:\Program Files\rempl
2019-08-24 14:31 - 2019-06-23 15:37 - 000000000 ____D C:\Users\edema\Evernote
2019-08-23 11:26 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-08-22 19:18 - 2018-01-19 17:37 - 000000000 ____D C:\Users\edema\AppData\Local\SquirrelTemp
2019-08-16 01:17 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-16 01:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
==================== Fichiers à la racine de certains dossiers ================
2018-04-18 12:10 - 2018-04-18 12:10 - 000003987 _____ () C:\Users\edema\AppData\Local\recently-used.xbel
2018-08-12 18:35 - 2018-11-20 14:49 - 000007597 _____ () C:\Users\edema\AppData\Local\Resmon.ResmonCfg
==================== SigCheckExt ================
2018-06-27 20:03 - 2018-06-27 20:03 - 000155688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2018-06-27 20:03 - 2018-06-27 20:03 - 000126848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2018-02-08 18:40 - 1997-02-27 00:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMCT2FR.DLL
2018-02-08 18:40 - 1998-07-13 01:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2017-09-18 05:53 - 2017-09-18 15:26 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll
2018-02-08 18:40 - 1997-02-27 00:00 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMFR.DLL
2018-02-08 18:40 - 1997-02-27 00:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMSKFR.DLL
2018-02-08 18:40 - 2001-08-28 14:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2018-02-08 18:40 - 1997-02-27 00:00 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SYSINFR.DLL
2018-02-08 18:40 - 1998-07-13 01:00 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTFR.DLL
2018-02-08 18:40 - 1997-07-29 00:50 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5FR.DLL
2019-09-10 19:54 - 2019-09-10 19:54 - 034363645 _____ (Shatters Software ) C:\Users\edema\Downloads\Celestia.exe
2019-09-15 12:50 - 2019-09-15 12:50 - 001614848 _____ (Farbar) C:\Users\edema\Downloads\FRST64.exe
2019-05-29 14:05 - 2019-05-29 14:05 - 095911542 _____ (The Scribus Team) C:\Users\edema\Downloads\Scribus.exe
2019-05-06 17:50 - 2019-05-06 17:52 - 015382528 _____ C:\Users\edema\Downloads\Shotcut.exe
==================== SigCheck ===============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ============================