cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Exécuté par bernadette (administrateur) sur BERNADETTE (Acer Aspire E5-722) (18-04-2021 12:26:24)
Exécuté depuis C:\Users\baudr\Desktop
Profils chargés: bernadette
Platform: Windows 10 Home Version 2004 19041.867 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\baudr\AppData\Roaming\ZHP\ZHPSuite.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Button Manager moon] => C:\Program Files (x86)\Brother\Button Manager\moon.exe [1819648 2015-11-02] (Avision) [Fichier non signé]
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDFViewerPlus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDFViewerPlus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2016-02-03] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485400 2017-11-13] (Comodo Security Solutions, Inc. -> Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [47432 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [31048 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3624390122-424403623-1656999047-1004\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [3695552 2020-08-25] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-3624390122-424403623-1656999047-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3624390122-424403623-1656999047-1004\...\MountPoints2: {c03df097-48cf-11eb-9bc2-ace01082ed34} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3624390122-424403623-1656999047-1004\...\MountPoints2: {c253666b-c442-11ea-9baa-ace01082ed34} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\BJ Print Processor3: C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL [83968 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDT.DLL [482816 2017-06-06] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor3_2: C:\WINDOWS\system32\CNBLM3_2.DLL [211456 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS200 series: C:\WINDOWS\system32\CNMLMDT.DLL [1302016 2017-06-06] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP 8e11 Status Monitor: C:\WINDOWS\system32\hpinksts8e11LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\WSPDFelementMonitor.dll [271360 2017-10-19] (Wondershare Software) [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {040ADC94-C670-4C65-B145-7592FB3BEAA1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {391E159D-4F26-487E-B887-3D3139A7C930} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-24] (Avast Software s.r.o. -> Avast Software)
Task: {3E605A17-5AA8-485F-A883-FBB7D30BF544} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {4933528F-507A-4C7E-BC2C-40A1DAA1E4BE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696816 2021-04-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {5CC289D6-5A1D-4D98-AE73-45EAB2237761} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {61C4F562-B138-4F8E-BA9D-350E862596E4} - System32\Tasks\Avira Safe Shopping Updater => C:\Program Files (x86)\Avira\Safe Shopping\\Updater\Updater.exe
Task: {A7DF0CEF-14CB-44D7-A747-F7C0ECFFB522} - System32\Tasks\{70E2682E-EB3F-49EA-859A-6826F000AE86} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\User\Downloads\epson375164eu.exe -d C:\Users\User\Downloads
Task: {A8BF062C-2FEA-446D-AF31-E55F8FC7AEBC} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {ADBC6115-3456-40BF-9DDE-03967D9DF498} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {C4CE37CF-77C3-41D4-BC1B-8D5C72DAFFAC} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {CF7AE703-3C82-4CA5-BC58-B4F4B3369D49} - System32\Tasks\{5D9EB491-3956-4173-8821-56A641EE10D7} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\User\Downloads\epson324006eu.exe -d C:\Users\User\Downloads
Task: {DDD93177-AECE-442B-910A-D0C35FDA8DF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {F19652D4-1164-4352-A4E2-16354B478791} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F2597A6C-14C5-4896-8512-EF524925096A} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EasyShare Registration RunOnce Task.job => rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_7.8.50.2.sxt

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{3e16e49a-a834-4ee8-ab1e-73d077fead29}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{7c934ee3-b7a9-4b25-9a6b-db78b5b900eb}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{b4929e30-c1c2-44de-9e6e-49403c415602}: [DhcpNameServer] 192.168.43.1

Edge:
=======
Edge Profile: C:\Users\baudr\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: seizzgtx.default-1514296093073
FF ProfilePath: C:\Users\baudr\AppData\Roaming\TomTom\HOME\Profiles\kbtnnllx.default [2017-03-03]
FF ProfilePath: C:\Users\baudr\AppData\Roaming\Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073 [2021-04-18]
FF DownloadDir: C:\Users\baudr\Desktop
FF Homepage: Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073 -> hxxps://fr.yahoo.com/
FF Notifications: Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073 -> hxxps://mail.yahoo.com
FF Extension: (Forget me not - Nettoyez les cookies et autres données de navigation) - C:\Users\baudr\AppData\Roaming\Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073\Extensions\forget-me-not@lusito.info.xpi [2020-09-20]
FF Extension: (I don't care about cookies) - C:\Users\baudr\AppData\Roaming\Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-03-09]
FF Extension: (uBlock Origin) - C:\Users\baudr\AppData\Roaming\Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073\Extensions\uBlock0@raymondhill.net.xpi [2021-03-12]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\baudr\AppData\Roaming\Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-18]
FF Extension: (McAfee® WebAdvisor) - C:\Users\baudr\AppData\Roaming\Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2021-04-08] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF Extension: (NoScript) - C:\Users\baudr\AppData\Roaming\Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-04-08]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\baudr\AppData\Roaming\Mozilla\Firefox\Profiles\seizzgtx.default-1514296093073\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Fichier non signé]
S2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [77472 2017-11-13] (Comodo Security Solutions, Inc. -> Comodo Security Solutions, Inc.)
S2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
S2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397256 2018-11-19] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-04-17] (McAfee, LLC -> McAfee, LLC)
S2 Mobile_Series; C:\Windows\Mobile_Series_Service.exe [32768 2015-02-12] () [Fichier non signé]
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2017-11-13] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 Kb9xI2c; C:\WINDOWS\System32\drivers\Kb9xI2c.sys [29184 2014-05-06] (Microsoft Windows Hardware Compatibility Publisher -> ENE TECHNOLOGY INC.)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-04-18] (Malwarebytes Inc -> Malwarebytes)
S3 npf; C:\WINDOWS\System32\drivers\npf.sys [40464 2009-02-08] (CACE TECHNOLOGIES, LLC -> CACE Technologies)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-18 12:26 - 2021-04-18 12:28 - 000018659 _____ C:\Users\baudr\Desktop\FRST.txt
2021-04-18 12:25 - 2021-04-18 12:27 - 000000000 ____D C:\FRST
2021-04-18 12:24 - 2021-04-18 12:24 - 002298368 _____ (Farbar) C:\Users\baudr\Desktop\FRST64.exe
2021-04-18 11:37 - 2021-04-18 11:37 - 000393902 _____ C:\Users\baudr\Desktop\ZHPDiag.html
2021-04-18 11:37 - 2021-04-18 11:37 - 000317105 _____ C:\Users\baudr\Desktop\ZHPDiag.txt
2021-04-18 11:18 - 2021-04-18 11:18 - 000000909 _____ C:\Users\baudr\Desktop\ZHPSuite.lnk
2021-04-18 11:16 - 2021-04-18 11:16 - 003468440 _____ (Nicolas Coolman) C:\Users\baudr\Desktop\ZHPSuite.exe
2021-04-18 11:14 - 2021-04-18 11:14 - 000005027 _____ C:\Users\baudr\Desktop\rapport antimaware.txt
2021-04-18 11:03 - 2021-04-18 11:03 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-04-18 11:03 - 2021-04-18 11:03 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-04-18 11:03 - 2021-04-18 11:03 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-04-18 11:01 - 2021-04-18 11:01 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-18 11:01 - 2021-04-18 11:01 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-18 11:01 - 2021-04-18 11:01 - 000002063 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-18 11:01 - 2021-04-18 10:55 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-18 10:57 - 2021-04-18 11:01 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-18 10:57 - 2021-04-18 10:57 - 000000000 ____D C:\Users\baudr\AppData\Local\mbam
2021-04-18 10:56 - 2021-04-18 10:55 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-18 10:54 - 2021-04-18 10:54 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-18 10:53 - 2021-04-18 10:53 - 002078632 _____ (Malwarebytes) C:\Users\baudr\Desktop\MBSetup.exe
2021-04-18 10:43 - 2021-04-18 10:49 - 000000000 ____D C:\AdwCleaner
2021-04-18 10:41 - 2021-04-18 10:41 - 008457584 _____ (Malwarebytes) C:\Users\baudr\Desktop\adwcleaner_8.0.9.1.exe
2021-04-18 10:34 - 2021-04-18 10:34 - 000008460 _____ C:\Users\baudr\Desktop\ZHPCleaner (R).html
2021-04-18 10:34 - 2021-04-18 10:34 - 000002290 _____ C:\Users\baudr\Desktop\ZHPCleaner (R).txt
2021-04-18 10:31 - 2021-04-18 10:31 - 000008164 _____ C:\Users\baudr\Desktop\ZHPCleaner (S).html
2021-04-18 10:31 - 2021-04-18 10:31 - 000002103 _____ C:\Users\baudr\Desktop\ZHPCleaner (S).txt
2021-04-18 10:03 - 2021-04-18 10:03 - 000000919 _____ C:\Users\baudr\Desktop\ZHPCleaner.lnk
2021-04-18 10:00 - 2021-04-18 10:00 - 003326104 _____ (Nicolas Coolman) C:\Users\baudr\Desktop\ZHPCleaner.exe
2021-04-17 16:23 - 2021-04-18 09:46 - 000170594 _____ C:\WINDOWS\ntbtlog.txt
2021-04-17 16:23 - 2021-04-17 16:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-04-17 10:42 - 2021-04-18 11:37 - 000000000 ____D C:\Users\baudr\AppData\Roaming\ZHP
2021-04-17 10:42 - 2021-04-17 13:06 - 000000000 ____D C:\Users\baudr\AppData\Local\ZHP
2021-04-11 12:12 - 2021-04-11 12:17 - 000000000 ____D C:\Users\baudr\Desktop\vacances Ete 2020 margaux chez papi et mamie
2021-04-09 09:37 - 2021-04-09 09:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-09 09:33 - 2021-04-17 16:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-04-08 18:39 - 2021-04-08 18:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-08 18:38 - 2021-04-08 18:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-08 18:37 - 2021-04-08 18:37 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-08 18:37 - 2021-04-08 18:37 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-08 18:36 - 2021-04-08 18:36 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-08 18:36 - 2021-04-08 18:36 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-08 18:35 - 2021-04-08 18:35 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-08 18:35 - 2021-04-08 18:35 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-08 18:34 - 2021-04-08 18:34 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-08 18:34 - 2021-04-08 18:34 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-08 18:34 - 2021-04-08 18:34 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-21 12:06 - 2021-04-08 18:47 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-21 12:06 - 2021-03-21 12:06 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-21 12:05 - 2021-03-21 12:05 - 000000905 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-03-21 12:05 - 2021-03-21 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-03-21 12:02 - 2021-03-21 12:02 - 030972600 _____ (Piriform Software Ltd) C:\Users\baudr\Desktop\ccsetup577 ccleaner.exe

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-18 12:24 - 2020-09-26 12:26 - 000004186 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6419FE75-C838-4D6D-8128-FB211EB97026}
2021-04-18 12:23 - 2019-02-05 14:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-18 12:22 - 2017-01-04 13:16 - 000000000 ____D C:\Users\baudr\AppData\LocalLow\Mozilla
2021-04-18 12:21 - 2020-09-26 11:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-18 12:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-18 11:12 - 2021-01-05 17:57 - 000000000 ____D C:\Users\baudr\Desktop\photos j3 a trier
2021-04-18 11:01 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-18 10:55 - 2016-02-04 16:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-18 10:49 - 2016-09-16 14:15 - 000000000 ____D C:\Users\baudr\AppData\Roaming\Hewlett-Packard
2021-04-18 10:49 - 2016-09-16 13:46 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-04-18 10:24 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-18 10:00 - 2018-12-17 12:07 - 000000000 ____D C:\Program Files\CCleaner
2021-04-18 09:59 - 2020-09-26 12:08 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-18 09:59 - 2019-12-07 16:49 - 000793010 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-18 09:59 - 2019-12-07 16:49 - 000150140 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-18 09:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-18 09:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-18 09:52 - 2020-09-26 11:45 - 000459736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-18 09:51 - 2020-09-26 12:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-18 09:51 - 2020-09-26 11:44 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-18 09:50 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-18 09:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-18 09:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-04-18 09:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-18 09:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-17 16:23 - 2016-02-01 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-17 16:21 - 2017-05-28 17:50 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-04-17 10:13 - 2017-04-13 10:33 - 000002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-17 10:08 - 2020-12-27 09:28 - 000002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-17 09:53 - 2020-12-23 10:46 - 000000000 ____D C:\ProgramData\AnyDesk
2021-04-17 09:53 - 2020-12-23 10:46 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-04-17 09:53 - 2020-12-22 17:24 - 000000000 ____D C:\Users\baudr\AppData\Roaming\AnyDesk
2021-04-17 09:45 - 2016-01-22 17:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-17 09:29 - 2016-01-22 17:10 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-13 10:47 - 2018-06-12 11:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-13 10:46 - 2020-12-27 09:27 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-13 10:46 - 2020-12-27 09:27 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-11 15:40 - 2021-01-01 18:13 - 000000000 ____D C:\Users\baudr\Desktop\honor 1er janvier
2021-04-09 10:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-09 09:37 - 2016-02-01 16:39 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-08 17:34 - 2019-01-21 17:58 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-03-21 12:17 - 2020-09-17 13:49 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-21 12:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-21 12:07 - 2017-04-10 14:27 - 000000000 ____D C:\temp

==================== Fichiers à la racine de certains dossiers ========

2016-09-05 15:30 - 2016-09-05 15:30 - 000000017 _____ () C:\Users\baudr\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
