Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021
Exécuté par lebar (administrateur) sur DESKTOP-6U2EG80 (04-09-2021 13:24:12)
Exécuté depuis C:\Users\lebar\OneDrive\Bureau
Profils chargés: lebar
Platform: Windows 10 Pro Version 21H1 19043.1165 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Users\lebar\AppData\Local\Temp\csrss\injector\injector.exe
() [Fichier non signé] C:\Windows\rss\csrss.exe
(Accès refusé) [Fichier non signé] C:\Windows\windefender.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Users\lebar\Autodesk\Genuine Service\GenuineService.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\LAClient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logicool\SetPointP\SetPoint.exe
(Marvell Semiconductor -> Marvell) C:\Program Files (x86)\Marvell\mv91xx\util\mvpnplistener.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2020\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2020\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2020\SnagPriv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9029088 2016-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logicool\SetPointP\SetPoint.exe [3136136 2020-11-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2020\Snagit32.exe [9285600 2019-12-05] (TechSmith Corporation -> TechSmith Corporation)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1200616464-3371344902-2719527435-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-1200616464-3371344902-2719527435-1001\...\Run: [LivelyWind] => C:\WINDOWS\rss\csrss.exe [4663808 2021-08-19] () [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-1200616464-3371344902-2719527435-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1200616464-3371344902-2719527435-1001\...\MountPoints2: {c39093fb-ad79-11eb-985f-086a0a1a210e} - "D:\Bin\ASSETUP.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2021-05-05]
ShortcutTarget: Notifications de Mises à jour.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing LLC -> WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2021-05-22]
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2021-05-05]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing LLC -> WinZip Computing, S.L.)
Startup: C:\Users\lebar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2021-08-15]
ShortcutTarget: GenuineService.lnk -> C:\Users\lebar\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)
Startup: C:\Users\lebar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUNDLL32.EXE.lnk [2021-08-30] <==== ATTENTION
ShortcutAndArgument: RUNDLL32.EXE.lnk -> C:\Windows\System32\rundll32.exe => C:\Users\lebar\AppData\Local\Temp\AGXXVR~1.DLL,kkpINQ==
BootExecute: PDBoot.exeautocheck autochk *
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {07429A81-DDB8-4F0E-B084-F6B661CD7B0E} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Task: {0C0A2B8E-832F-49D8-BF7B-B4C145E5F9F6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463176 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {16EA209C-D482-4E41-B8D6-1D5744342949} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-01] (Google LLC -> Google LLC)
Task: {1C4AD972-A080-4A0A-B1F7-3DCE209AEEB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {29067801-4B56-4150-BEAD-3EA07EEDEF96} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56704 2014-07-31] (TechSmith Corporation -> TechSmith Corporation)
Task: {2A3C1171-CA91-4859-A894-4B54CD1F9F55} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463176 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {341C8CD8-AC0E-4EE9-B5B4-39F207EEA42A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-01] (Google LLC -> Google LLC)
Task: {3773AB36-0592-4429-B53A-C2A2E951146E} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Task: {4B508AF1-F4DA-4834-9D11-4FC7DD7B5649} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [248928 2016-05-02] (WinZip Computing LLC -> WinZip Computing, S.L.)
Task: {4CC326F0-A442-4790-A575-B8FED89B7804} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51FC7C9E-9EA8-495C-841D-8F4B4A36FFA5} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [70984 2021-08-13] (Stanislav Zinukhov -> www.startisback.com)
Task: {576DF106-8F81-4B7A-B7D2-E80F60238DED} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
Task: {6073BFFF-C65F-4BBF-BBDE-7AD5D2862085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77810F5D-E8B0-4FD6-8544-A7EC6FD6A653} - System32\Tasks\csrss => C:\WINDOWS\rss\csrss.exe [4663808 2021-08-19] () [Fichier non signé] <==== ATTENTION
Task: {8BC76E17-5A7A-486B-86CA-18AC9F75B5C9} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938368 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {99D99F2A-B808-49E5-AF79-654271181551} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32704 2021-02-02] (Microsoft Corporation -> Microsoft)
Task: {A631241C-6172-42C3-958E-ED37FACE9C45} - System32\Tasks\Smart Clock => C:\Users\lebar\AppData\Roaming\Smart Clock\SmartClock.exe <==== ATTENTION
Task: {ABBEB20C-62A6-4178-BBF4-D22FA84DEC0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B43A400C-761A-4032-946C-2995779B7BF8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {C4B3F8CA-ACA1-4AAC-B162-50983EA5837B} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [20013672 2021-05-13] (Goversoft LLC -> Goversoft LLC)
Task: {C615B541-7BE6-4E84-A753-E105A45E30B5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938368 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB0C02D8-F14E-4CFB-BEC2-5075588B821B} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D0249F4F-FAFA-4E1A-A7C3-ED090C86D839} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {E9A23018-E205-496D-984E-484E22F98CC6} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
Task: {FE25F2B2-2146-409A-B05E-DAFC11C5D792} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2323928 2021-02-02] (Microsoft Corporation -> Microsoft)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-1200616464-3371344902-2719527435-1001] => 127.0.0.1:17736
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{10dd2f77-5908-4d3e-9f3c-649778d06607}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{10dd2f77-5908-4d3e-9f3c-649778d06607}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{c5389600-5779-44bc-a34b-f8b137677855}: [DhcpNameServer] 192.168.0.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\lebar\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-04]
Edge Notifications: Default -> hxxps://0.checkup02.biz
Edge Extension: (Plus) - C:\Users\lebar\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2021-08-20]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdf_architect_8_conv@pdfforge.org] - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\pdf_architect_conv@pdfforge.org.xpi
FF Extension: (PDF Architect 8 Creator) - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\pdf_architect_conv@pdfforge.org.xpi [2020-11-16]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logicool\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logicool\SetPointP\LogiSmoothFirefoxExt [2021-05-07] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_8_conv@pdfforge.org] - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\pdf_architect_conv@pdfforge.org.xpi
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: PDF Architect 8 -> C:\Program Files\PDF Architect 8\np-previewer.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 8 -> C:\Program Files (x86)\PDF Architect 8\np-previewer.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
Chrome:
=======
CHR Profile: C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default [2021-09-03]
CHR DownloadDir: C:\Users\lebar\Downloads
CHR Notifications: Default -> hxxps://0.brandalpha.ru; hxxps://allowsuccess.org; hxxps://beastbuying.com; hxxps://flymedia.club; hxxps://quicklisti.com; hxxps://www.youtube.com; hxxps://www109.zippyshare.com
CHR Session Restore: Default -> est activé.
CHR Extension: (Slides) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-01]
CHR Extension: (Docs) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-01]
CHR Extension: (Google Drive) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-01]
CHR Extension: (YouTube) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-01]
CHR Extension: (Sheets) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Citations en bas de page) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghccdmbfigmijeekcmgieglignhcddcc [2021-08-19]
CHR Extension: (Plus) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2021-08-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-01]
CHR Extension: (Gmail) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-07]
Opera:
=======
OPR Profile: C:\Users\lebar\AppData\Roaming\Opera Software\Opera Stable [2021-05-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\lebar\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-05-01]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-02-20] (ASUSTeK Computer Inc. -> )
R2 Marvell PNP Listener; C:\Program Files (x86)\Marvell\mv91xx\util\mvpnplistener.exe [96584 2014-11-28] (Marvell Semiconductor -> Marvell)
S3 PDF Architect 8; C:\Program Files\PDF Architect 8\ws.exe [2731616 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628832 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14657832 2021-07-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefender; C:\WINDOWS\windefender.exe [1987072 2021-08-19] (Accès refusé) [Fichier non signé] <==== ATTENTION
S2 AdAppMgrSvc; "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe" [X]
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2021-07-14] (CPUID -> CPUID)
R2 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [120960 2015-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Raxco Software, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (cert@ezbsystems.com -> EZB Systems, Inc.)
R3 MpKsl92d3e0a5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E1054590-B440-46B2-992C-0DF369956ADD}\MpKslDrv.sys [130296 2021-09-04] (Microsoft Windows -> Microsoft Corporation)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [342760 2016-04-13] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-09-04 13:20 - 2021-09-04 13:24 - 000000000 ____D C:\FRST
2021-09-02 21:19 - 2021-09-02 21:19 - 000000000 ____D C:\Users\lebar\AppData\Local\WhyNotWin11
2021-09-01 10:51 - 2021-08-31 18:50 - 000014833 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_12.ods
2021-09-01 10:51 - 2021-08-31 11:04 - 000017943 _____ C:\Users\lebar\OneDrive\Documents\AUTODESK%20REVIT%202022.doc_0_1.odt
2021-09-01 10:51 - 2021-08-31 11:04 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_11.odt
2021-08-31 12:00 - 2021-08-31 12:15 - 000000000 ___RD C:\Users\lebar\OneDrive\Documents\Scanned Documents
2021-08-31 12:00 - 2021-08-31 12:00 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Fax
2021-08-31 10:46 - 2021-08-30 17:05 - 000017944 _____ C:\Users\lebar\OneDrive\Documents\AUTODESK%20REVIT%202022.doc_0.odt
2021-08-31 10:46 - 2021-08-30 17:05 - 000014305 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_11.ods
2021-08-31 10:46 - 2021-08-30 17:05 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_10.odt
2021-08-30 20:21 - 2021-08-30 20:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-08-30 16:49 - 2021-08-28 20:56 - 000026228 _____ C:\Users\lebar\OneDrive\Documents\AUTODESK%20REVIT%202022.doc_1.odt
2021-08-30 16:49 - 2021-08-28 20:40 - 000014316 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_10.ods
2021-08-30 16:49 - 2021-08-28 20:40 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_9.odt
2021-08-30 16:22 - 2021-09-03 17:18 - 014009564 _____ C:\ProgramData\Gskyj.tmp
2021-08-30 16:20 - 2021-08-30 16:20 - 000000000 ____D C:\ProgramData\Posse
2021-08-30 16:19 - 2021-08-31 08:35 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Smart Clock
2021-08-30 16:19 - 2021-08-30 16:19 - 000003090 _____ C:\WINDOWS\system32\Tasks\Smart Clock
2021-08-30 16:19 - 2021-08-30 16:19 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Seraph
2021-08-30 16:19 - 2021-08-30 16:19 - 000000000 ____D C:\Program Files (x86)\foler
2021-08-30 10:56 - 2021-08-30 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2021-08-30 10:56 - 2021-08-30 10:56 - 000000000 ____D C:\Program Files (x86)\Free PDF to Word Doc Converter
2021-08-28 20:21 - 2021-08-27 09:35 - 000014174 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_9.ods
2021-08-27 09:20 - 2021-08-26 17:12 - 000014682 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_4.ods
2021-08-27 09:20 - 2021-08-26 11:11 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_8.odt
2021-08-26 10:50 - 2021-08-25 21:34 - 000014287 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_8.ods
2021-08-26 10:50 - 2021-08-25 10:03 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_7.odt
2021-08-25 17:23 - 2021-08-25 17:23 - 004359626 _____ C:\Users\lebar\OneDrive\Documents\REPAM P14.tif
2021-08-25 09:05 - 2021-08-24 09:24 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_6.odt
2021-08-24 09:08 - 2021-08-22 10:33 - 000014447 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_1.odt
2021-08-22 08:48 - 2021-08-20 21:20 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_5.odt
2021-08-20 21:05 - 2021-08-20 17:23 - 000014452 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_7.ods
2021-08-20 21:05 - 2021-08-20 16:33 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_4.odt
2021-08-20 16:14 - 2021-08-19 10:24 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_3.odt
2021-08-19 21:32 - 2021-09-04 12:00 - 000003270 _____ C:\WINDOWS\system32\Tasks\csrss
2021-08-19 21:32 - 2021-08-19 21:32 - 001987072 ____H C:\WINDOWS\windefender.exe
2021-08-19 21:32 - 2021-08-19 21:32 - 000000000 ___HD C:\WINDOWS\rss
2021-08-19 17:17 - 2021-08-19 17:17 - 000000000 ____D C:\ProgramData\SketchUp
2021-08-19 17:17 - 2021-08-19 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2020
2021-08-19 17:17 - 2021-08-19 17:17 - 000000000 ____D C:\Program Files\SketchUp
2021-08-19 17:09 - 2021-08-19 17:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-08-19 10:02 - 2021-08-18 10:55 - 000014258 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_6.ods
2021-08-19 10:02 - 2021-08-18 10:55 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_2.odt
2021-08-19 09:00 - 2021-08-19 09:00 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Thinstall
2021-08-19 09:00 - 2021-08-19 09:00 - 000000000 ____D C:\Users\lebar\AppData\Local\Thinstall
2021-08-18 19:55 - 2021-08-18 19:55 - 000770583 _____ C:\Users\lebar\OneDrive\Documents\Autocad LT 2022 fr.nds
2021-08-18 10:05 - 2021-08-17 20:03 - 000015904 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_1.odt
2021-08-18 10:05 - 2021-08-17 20:03 - 000014258 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_5.ods
2021-08-17 19:47 - 2021-08-17 09:11 - 000010749 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0.odt
2021-08-17 19:47 - 2021-08-17 07:35 - 000014247 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_4.ods
2021-08-17 07:20 - 2021-08-16 21:39 - 000014166 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_3.ods
2021-08-16 16:41 - 2021-08-16 16:41 - 000116785 _____ C:\Users\lebar\OneDrive\Documents\test PCR DU 16-08-2021 (ENGEL_JEAN MARIE_2ddocNeg).pdf
2021-08-16 09:11 - 2021-08-16 09:11 - 000000000 ____D C:\Users\lebar\AppData\Roaming\PDF Architect 8
2021-08-16 09:11 - 2021-08-16 09:11 - 000000000 ____D C:\spellings
2021-08-16 09:08 - 2021-08-30 11:00 - 000001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 8.lnk
2021-08-16 09:08 - 2021-08-30 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 8
2021-08-16 09:08 - 2021-08-30 11:00 - 000000000 ____D C:\Program Files\PDF Architect 8
2021-08-16 09:08 - 2021-08-30 11:00 - 000000000 ____D C:\Program Files (x86)\PDF Architect 8
2021-08-16 09:08 - 2021-08-16 09:08 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\PDF Architect
2021-08-16 09:08 - 2021-08-16 09:08 - 000000000 ____D C:\ProgramData\PDF Architect 8
2021-08-15 20:11 - 2021-08-15 20:11 - 002638140 _____ C:\WINDOWS\Minidump\081521-96562-01.dmp
2021-08-15 20:06 - 2021-08-15 18:11 - 000028226 _____ C:\Users\lebar\OneDrive\Documents\Installation%20d'une%20application%20Autodesk%202022.doc_1_1.odt
2021-08-15 18:58 - 2021-08-15 20:11 - 969864106 _____ C:\WINDOWS\MEMORY.DMP
2021-08-15 18:58 - 2021-08-15 20:11 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-15 18:58 - 2021-08-15 18:58 - 002772268 _____ C:\WINDOWS\Minidump\081521-107734-01.dmp
2021-08-15 18:09 - 2021-08-15 18:09 - 000000000 ____D C:\Users\lebar\Autodesk
2021-08-15 18:08 - 2021-08-18 10:42 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2021-08-15 17:15 - 2021-08-15 17:18 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-08-15 10:19 - 2021-08-15 10:19 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Ashampoo Burning Studio 22
2021-08-15 09:32 - 2021-08-15 09:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2021-08-15 09:32 - 2021-08-15 09:32 - 000000000 ____D C:\Program Files\Cybelsoft
2021-08-15 09:30 - 2021-08-15 09:32 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Cybelsoft
2021-08-15 09:27 - 2021-08-15 09:27 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Ashampoo
2021-08-15 09:13 - 2021-08-15 09:13 - 000000000 ____D C:\ProgramData\Ashampoo
2021-08-14 21:49 - 2021-08-14 21:49 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-08-14 21:28 - 2021-08-14 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2021-08-14 21:28 - 2021-08-14 21:28 - 000000000 ____D C:\Program Files (x86)\FinalWire
2021-08-13 18:46 - 2021-08-13 08:56 - 000028440 _____ C:\Users\lebar\OneDrive\Documents\Installation%20d'une%20application%20Autodesk%202022.doc_0_1.odt
2021-08-13 16:38 - 2021-08-13 16:38 - 000000000 ____D C:\Program Files\Programmes 2
2021-08-13 08:41 - 2021-08-12 13:04 - 000028442 _____ C:\Users\lebar\OneDrive\Documents\Installation%20d'une%20application%20Autodesk%202022.doc_0.odt
2021-08-12 09:04 - 2021-08-15 10:54 - 000000028 _____ C:\WINDOWS\Setup_WIDownload.info
2021-08-12 09:04 - 2021-08-11 18:39 - 000025531 _____ C:\Users\lebar\OneDrive\Documents\Installation%20d'une%20application%20Autodesk%202022.doc_1.odt
2021-08-11 14:22 - 2021-08-11 14:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-11 14:22 - 2021-08-11 14:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-11 14:22 - 2021-08-11 14:22 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-11 14:22 - 2021-08-11 14:22 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-11 14:22 - 2021-08-11 14:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-11 14:22 - 2021-08-11 14:22 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-11 14:22 - 2021-08-11 14:22 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-11 14:18 - 2021-08-11 14:18 - 000000000 ___HD C:\$WinREAgent
2021-08-11 11:24 - 2021-08-11 11:24 - 000000000 ____D C:\Users\lebar\AppData\Local\CEF
2021-08-11 11:11 - 2021-08-11 11:13 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Autodesk
2021-08-11 11:09 - 2021-08-15 09:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD MEP 2022 - Français (French)
2021-08-11 11:09 - 2021-08-11 11:09 - 000000013 _____ C:\WINDOWS\system32\AecArchXKey.txt
2021-08-11 11:09 - 2021-08-11 11:09 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Inventor Server for AutoCAD
2021-08-11 11:04 - 2021-08-11 11:04 - 000000000 ____D C:\Program Files\dotnet
2021-08-11 11:03 - 2021-08-18 10:42 - 000000000 ____D C:\Program Files\Autodesk
2021-08-10 20:56 - 2021-08-13 10:53 - 000000000 ____D C:\Program Files (x86)\StartIsBack
2021-08-10 20:56 - 2021-08-10 20:56 - 000003428 _____ C:\WINDOWS\system32\Tasks\StartIsBack health check
2021-08-10 20:53 - 2021-08-10 20:53 - 000003656 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-08-10 19:58 - 2021-08-10 19:59 - 000116680 _____ C:\Users\lebar\OneDrive\Documents\ENGEL_JEAN MARIE_2ddocNeg.pdf
2021-08-10 10:29 - 2021-09-04 08:40 - 000000000 ____D C:\Program Files\TeamViewer
2021-08-10 10:29 - 2021-08-10 11:07 - 000000000 ____D C:\Users\lebar\AppData\Roaming\TeamViewer
2021-08-10 10:29 - 2021-08-10 10:29 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-08-10 10:29 - 2021-08-10 10:29 - 000000000 ____D C:\Users\lebar\AppData\Local\TeamViewer
2021-08-09 16:28 - 2021-08-09 16:28 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-08-09 09:21 - 2021-08-08 09:19 - 000013865 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_0_3.ods
2021-08-08 08:39 - 2021-08-07 18:01 - 000014464 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_0_2.ods
2021-08-07 20:32 - 2021-08-18 10:43 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Autodesk
2021-08-07 20:32 - 2021-08-18 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-08-07 20:32 - 2021-08-18 10:42 - 000000000 ____D C:\ProgramData\Autodesk
2021-08-07 20:32 - 2021-08-17 08:00 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Autodesk Installer
2021-08-07 20:30 - 2021-08-15 18:10 - 000000000 ____D C:\Users\lebar\AppData\Local\Autodesk
2021-08-07 20:29 - 2021-08-23 21:36 - 000000000 ____D C:\Autodesk
2021-08-07 09:04 - 2021-08-06 10:57 - 000012974 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_2.ods
2021-08-06 09:49 - 2021-08-06 09:49 - 000012929 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_0_1.ods
2021-08-06 09:17 - 2021-07-19 10:30 - 000012689 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_1.ods
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-09-04 13:19 - 2021-05-05 17:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-04 12:43 - 2021-05-01 20:12 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-04 12:25 - 2021-05-22 10:10 - 000000000 ____D C:\Users\lebar\AppData\Local\CrashDumps
2021-09-04 12:00 - 2021-04-30 19:40 - 000000000 __SHD C:\Users\lebar\IntelGraphicsProfiles
2021-09-04 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-04 08:44 - 2021-05-05 17:43 - 000002686 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-04 08:44 - 2019-12-07 16:50 - 001428558 _____ C:\WINDOWS\system32\perfh00C.dat
2021-09-04 08:44 - 2019-12-07 16:50 - 000357314 _____ C:\WINDOWS\system32\perfc00C.dat
2021-09-04 08:40 - 2021-05-05 17:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-04 08:40 - 2021-05-05 17:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-04 08:40 - 2021-04-30 19:37 - 000000000 ____D C:\Intel
2021-09-03 22:23 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-03 22:17 - 2021-05-05 17:36 - 000000000 ____D C:\Users\lebar
2021-09-03 22:17 - 2021-04-30 19:42 - 000000000 ___RD C:\Users\lebar\OneDrive
2021-09-03 19:53 - 2021-05-05 11:25 - 000000000 ____D C:\Program Files\WinZip
2021-09-03 19:51 - 2021-05-14 17:39 - 000000000 ____D C:\Users\lebar\AppData\Roaming\vlc
2021-09-03 19:51 - 2021-05-05 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2021-09-03 19:51 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-03 19:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-03 19:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-09-03 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-03 09:00 - 2021-05-05 11:25 - 000000000 ____D C:\ProgramData\WinZip
2021-09-02 21:19 - 2021-05-04 18:40 - 000000000 ____D C:\Users\lebar\AppData\Local\D3DSCache
2021-08-30 10:57 - 2021-04-30 19:40 - 000000000 ____D C:\Users\lebar\AppData\Local\VirtualStore
2021-08-29 09:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-28 19:00 - 2021-05-05 17:35 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-25 10:29 - 2021-05-18 17:30 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Snagit
2021-08-25 09:01 - 2021-05-07 20:00 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2021-08-21 20:56 - 2021-05-13 10:35 - 000000000 ____D C:\Users\lebar\AppData\Local\PrivaZer
2021-08-19 21:19 - 2021-04-30 19:40 - 000000000 ____D C:\Users\lebar\AppData\Local\Packages
2021-08-19 17:17 - 2021-05-06 11:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-08-19 08:15 - 2021-05-27 09:29 - 000345184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-18 10:01 - 2021-05-01 20:13 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-16 21:58 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-08-16 08:43 - 2021-05-06 08:09 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 08:43 - 2021-05-06 08:09 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d741c512204f65
2021-08-15 14:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-15 09:32 - 2021-05-05 11:38 - 000000000 ____D C:\ProgramData\DriversCloud.com
2021-08-15 09:27 - 2021-05-17 08:54 - 000000000 ____D C:\Users\lebar\AppData\Local\Ashampoo
2021-08-15 09:13 - 2021-05-17 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2021-08-15 09:12 - 2021-05-17 08:49 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2021-08-13 10:21 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-12 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-11 21:20 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-11 21:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-11 14:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-11 14:18 - 2021-05-01 13:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-11 14:16 - 2021-05-01 13:51 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 11:05 - 2021-05-05 10:58 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-10 20:56 - 2021-05-01 18:51 - 000000000 ____D C:\Users\lebar\AppData\Local\StartIsBack
2021-08-10 09:08 - 2021-04-30 18:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-06 13:11 - 2021-05-01 13:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-06 08:45 - 2021-05-05 10:35 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-06 08:38 - 2021-05-05 17:41 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-06 08:38 - 2021-05-05 17:41 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2021-05-04 09:18 - 2021-05-04 09:18 - 000000017 _____ () C:\Users\lebar\AppData\Local\resmon.resmoncfg
==================== FLock ==============================
2021-08-19 21:32 C:\WINDOWS\windefender.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par lebar (administrateur) sur DESKTOP-6U2EG80 (04-09-2021 13:24:12)
Exécuté depuis C:\Users\lebar\OneDrive\Bureau
Profils chargés: lebar
Platform: Windows 10 Pro Version 21H1 19043.1165 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Users\lebar\AppData\Local\Temp\csrss\injector\injector.exe
() [Fichier non signé] C:\Windows\rss\csrss.exe
(Accès refusé) [Fichier non signé] C:\Windows\windefender.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Users\lebar\Autodesk\Genuine Service\GenuineService.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\LAClient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logicool\SetPointP\SetPoint.exe
(Marvell Semiconductor -> Marvell) C:\Program Files (x86)\Marvell\mv91xx\util\mvpnplistener.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2020\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2020\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2020\SnagPriv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9029088 2016-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logicool\SetPointP\SetPoint.exe [3136136 2020-11-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2020\Snagit32.exe [9285600 2019-12-05] (TechSmith Corporation -> TechSmith Corporation)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1200616464-3371344902-2719527435-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-1200616464-3371344902-2719527435-1001\...\Run: [LivelyWind] => C:\WINDOWS\rss\csrss.exe [4663808 2021-08-19] () [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-1200616464-3371344902-2719527435-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1200616464-3371344902-2719527435-1001\...\MountPoints2: {c39093fb-ad79-11eb-985f-086a0a1a210e} - "D:\Bin\ASSETUP.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2021-05-05]
ShortcutTarget: Notifications de Mises à jour.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing LLC -> WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2021-05-22]
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2021-05-05]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing LLC -> WinZip Computing, S.L.)
Startup: C:\Users\lebar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2021-08-15]
ShortcutTarget: GenuineService.lnk -> C:\Users\lebar\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)
Startup: C:\Users\lebar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUNDLL32.EXE.lnk [2021-08-30] <==== ATTENTION
ShortcutAndArgument: RUNDLL32.EXE.lnk -> C:\Windows\System32\rundll32.exe => C:\Users\lebar\AppData\Local\Temp\AGXXVR~1.DLL,kkpINQ==
BootExecute: PDBoot.exeautocheck autochk *
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {07429A81-DDB8-4F0E-B084-F6B661CD7B0E} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Task: {0C0A2B8E-832F-49D8-BF7B-B4C145E5F9F6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463176 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {16EA209C-D482-4E41-B8D6-1D5744342949} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-01] (Google LLC -> Google LLC)
Task: {1C4AD972-A080-4A0A-B1F7-3DCE209AEEB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {29067801-4B56-4150-BEAD-3EA07EEDEF96} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56704 2014-07-31] (TechSmith Corporation -> TechSmith Corporation)
Task: {2A3C1171-CA91-4859-A894-4B54CD1F9F55} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463176 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {341C8CD8-AC0E-4EE9-B5B4-39F207EEA42A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-01] (Google LLC -> Google LLC)
Task: {3773AB36-0592-4429-B53A-C2A2E951146E} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe
Task: {4B508AF1-F4DA-4834-9D11-4FC7DD7B5649} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [248928 2016-05-02] (WinZip Computing LLC -> WinZip Computing, S.L.)
Task: {4CC326F0-A442-4790-A575-B8FED89B7804} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51FC7C9E-9EA8-495C-841D-8F4B4A36FFA5} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [70984 2021-08-13] (Stanislav Zinukhov -> www.startisback.com)
Task: {576DF106-8F81-4B7A-B7D2-E80F60238DED} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
Task: {6073BFFF-C65F-4BBF-BBDE-7AD5D2862085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77810F5D-E8B0-4FD6-8544-A7EC6FD6A653} - System32\Tasks\csrss => C:\WINDOWS\rss\csrss.exe [4663808 2021-08-19] () [Fichier non signé] <==== ATTENTION
Task: {8BC76E17-5A7A-486B-86CA-18AC9F75B5C9} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938368 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {99D99F2A-B808-49E5-AF79-654271181551} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32704 2021-02-02] (Microsoft Corporation -> Microsoft)
Task: {A631241C-6172-42C3-958E-ED37FACE9C45} - System32\Tasks\Smart Clock => C:\Users\lebar\AppData\Roaming\Smart Clock\SmartClock.exe <==== ATTENTION
Task: {ABBEB20C-62A6-4178-BBF4-D22FA84DEC0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B43A400C-761A-4032-946C-2995779B7BF8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {C4B3F8CA-ACA1-4AAC-B162-50983EA5837B} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [20013672 2021-05-13] (Goversoft LLC -> Goversoft LLC)
Task: {C615B541-7BE6-4E84-A753-E105A45E30B5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938368 2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB0C02D8-F14E-4CFB-BEC2-5075588B821B} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D0249F4F-FAFA-4E1A-A7C3-ED090C86D839} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {E9A23018-E205-496D-984E-484E22F98CC6} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
Task: {FE25F2B2-2146-409A-B05E-DAFC11C5D792} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2323928 2021-02-02] (Microsoft Corporation -> Microsoft)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-1200616464-3371344902-2719527435-1001] => 127.0.0.1:17736
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{10dd2f77-5908-4d3e-9f3c-649778d06607}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{10dd2f77-5908-4d3e-9f3c-649778d06607}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{c5389600-5779-44bc-a34b-f8b137677855}: [DhcpNameServer] 192.168.0.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\lebar\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-04]
Edge Notifications: Default -> hxxps://0.checkup02.biz
Edge Extension: (Plus) - C:\Users\lebar\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2021-08-20]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdf_architect_8_conv@pdfforge.org] - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\pdf_architect_conv@pdfforge.org.xpi
FF Extension: (PDF Architect 8 Creator) - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\pdf_architect_conv@pdfforge.org.xpi [2020-11-16]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logicool\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logicool\SetPointP\LogiSmoothFirefoxExt [2021-05-07] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_8_conv@pdfforge.org] - C:\Program Files\PDF Architect 8\creator\plugins\FirefoxAddin\pdf_architect_conv@pdfforge.org.xpi
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: PDF Architect 8 -> C:\Program Files\PDF Architect 8\np-previewer.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 8 -> C:\Program Files (x86)\PDF Architect 8\np-previewer.dll [2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
Chrome:
=======
CHR Profile: C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default [2021-09-03]
CHR DownloadDir: C:\Users\lebar\Downloads
CHR Notifications: Default -> hxxps://0.brandalpha.ru; hxxps://allowsuccess.org; hxxps://beastbuying.com; hxxps://flymedia.club; hxxps://quicklisti.com; hxxps://www.youtube.com; hxxps://www109.zippyshare.com
CHR Session Restore: Default -> est activé.
CHR Extension: (Slides) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-01]
CHR Extension: (Docs) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-01]
CHR Extension: (Google Drive) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-01]
CHR Extension: (YouTube) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-01]
CHR Extension: (Sheets) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Citations en bas de page) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghccdmbfigmijeekcmgieglignhcddcc [2021-08-19]
CHR Extension: (Plus) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2021-08-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-01]
CHR Extension: (Gmail) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\lebar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-07]
Opera:
=======
OPR Profile: C:\Users\lebar\AppData\Roaming\Opera Software\Opera Stable [2021-05-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\lebar\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-05-01]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-02-20] (ASUSTeK Computer Inc. -> )
R2 Marvell PNP Listener; C:\Program Files (x86)\Marvell\mv91xx\util\mvpnplistener.exe [96584 2014-11-28] (Marvell Semiconductor -> Marvell)
S3 PDF Architect 8; C:\Program Files\PDF Architect 8\ws.exe [2731616 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628832 2020-11-16] (pdfforge GmbH -> pdfforge GmbH)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14657832 2021-07-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefender; C:\WINDOWS\windefender.exe [1987072 2021-08-19] (Accès refusé) [Fichier non signé] <==== ATTENTION
S2 AdAppMgrSvc; "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe" [X]
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2021-07-14] (CPUID -> CPUID)
R2 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [120960 2015-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Raxco Software, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (cert@ezbsystems.com -> EZB Systems, Inc.)
R3 MpKsl92d3e0a5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E1054590-B440-46B2-992C-0DF369956ADD}\MpKslDrv.sys [130296 2021-09-04] (Microsoft Windows -> Microsoft Corporation)
R0 mvs91xx; C:\WINDOWS\System32\drivers\mvs91xx.sys [342760 2016-04-13] (Marvell Semiconductor, Inc. -> Marvell Semiconductor, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-09-04 13:20 - 2021-09-04 13:24 - 000000000 ____D C:\FRST
2021-09-02 21:19 - 2021-09-02 21:19 - 000000000 ____D C:\Users\lebar\AppData\Local\WhyNotWin11
2021-09-01 10:51 - 2021-08-31 18:50 - 000014833 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_12.ods
2021-09-01 10:51 - 2021-08-31 11:04 - 000017943 _____ C:\Users\lebar\OneDrive\Documents\AUTODESK%20REVIT%202022.doc_0_1.odt
2021-09-01 10:51 - 2021-08-31 11:04 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_11.odt
2021-08-31 12:00 - 2021-08-31 12:15 - 000000000 ___RD C:\Users\lebar\OneDrive\Documents\Scanned Documents
2021-08-31 12:00 - 2021-08-31 12:00 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Fax
2021-08-31 10:46 - 2021-08-30 17:05 - 000017944 _____ C:\Users\lebar\OneDrive\Documents\AUTODESK%20REVIT%202022.doc_0.odt
2021-08-31 10:46 - 2021-08-30 17:05 - 000014305 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_11.ods
2021-08-31 10:46 - 2021-08-30 17:05 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_10.odt
2021-08-30 20:21 - 2021-08-30 20:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-08-30 16:49 - 2021-08-28 20:56 - 000026228 _____ C:\Users\lebar\OneDrive\Documents\AUTODESK%20REVIT%202022.doc_1.odt
2021-08-30 16:49 - 2021-08-28 20:40 - 000014316 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_10.ods
2021-08-30 16:49 - 2021-08-28 20:40 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_9.odt
2021-08-30 16:22 - 2021-09-03 17:18 - 014009564 _____ C:\ProgramData\Gskyj.tmp
2021-08-30 16:20 - 2021-08-30 16:20 - 000000000 ____D C:\ProgramData\Posse
2021-08-30 16:19 - 2021-08-31 08:35 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Smart Clock
2021-08-30 16:19 - 2021-08-30 16:19 - 000003090 _____ C:\WINDOWS\system32\Tasks\Smart Clock
2021-08-30 16:19 - 2021-08-30 16:19 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Seraph
2021-08-30 16:19 - 2021-08-30 16:19 - 000000000 ____D C:\Program Files (x86)\foler
2021-08-30 10:56 - 2021-08-30 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2021-08-30 10:56 - 2021-08-30 10:56 - 000000000 ____D C:\Program Files (x86)\Free PDF to Word Doc Converter
2021-08-28 20:21 - 2021-08-27 09:35 - 000014174 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_9.ods
2021-08-27 09:20 - 2021-08-26 17:12 - 000014682 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_4.ods
2021-08-27 09:20 - 2021-08-26 11:11 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_8.odt
2021-08-26 10:50 - 2021-08-25 21:34 - 000014287 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_8.ods
2021-08-26 10:50 - 2021-08-25 10:03 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_7.odt
2021-08-25 17:23 - 2021-08-25 17:23 - 004359626 _____ C:\Users\lebar\OneDrive\Documents\REPAM P14.tif
2021-08-25 09:05 - 2021-08-24 09:24 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_6.odt
2021-08-24 09:08 - 2021-08-22 10:33 - 000014447 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_1.odt
2021-08-22 08:48 - 2021-08-20 21:20 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_5.odt
2021-08-20 21:05 - 2021-08-20 17:23 - 000014452 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_7.ods
2021-08-20 21:05 - 2021-08-20 16:33 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_4.odt
2021-08-20 16:14 - 2021-08-19 10:24 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_3.odt
2021-08-19 21:32 - 2021-09-04 12:00 - 000003270 _____ C:\WINDOWS\system32\Tasks\csrss
2021-08-19 21:32 - 2021-08-19 21:32 - 001987072 ____H C:\WINDOWS\windefender.exe
2021-08-19 21:32 - 2021-08-19 21:32 - 000000000 ___HD C:\WINDOWS\rss
2021-08-19 17:17 - 2021-08-19 17:17 - 000000000 ____D C:\ProgramData\SketchUp
2021-08-19 17:17 - 2021-08-19 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2020
2021-08-19 17:17 - 2021-08-19 17:17 - 000000000 ____D C:\Program Files\SketchUp
2021-08-19 17:09 - 2021-08-19 17:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-08-19 10:02 - 2021-08-18 10:55 - 000014258 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_6.ods
2021-08-19 10:02 - 2021-08-18 10:55 - 000010891 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_2.odt
2021-08-19 09:00 - 2021-08-19 09:00 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Thinstall
2021-08-19 09:00 - 2021-08-19 09:00 - 000000000 ____D C:\Users\lebar\AppData\Local\Thinstall
2021-08-18 19:55 - 2021-08-18 19:55 - 000770583 _____ C:\Users\lebar\OneDrive\Documents\Autocad LT 2022 fr.nds
2021-08-18 10:05 - 2021-08-17 20:03 - 000015904 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0_1.odt
2021-08-18 10:05 - 2021-08-17 20:03 - 000014258 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_5.ods
2021-08-17 19:47 - 2021-08-17 09:11 - 000010749 _____ C:\Users\lebar\OneDrive\Documents\Liens%20cjoint%20pour%20egrzi%20(autodesk%202020).doc_0.odt
2021-08-17 19:47 - 2021-08-17 07:35 - 000014247 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_4.ods
2021-08-17 07:20 - 2021-08-16 21:39 - 000014166 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_3.ods
2021-08-16 16:41 - 2021-08-16 16:41 - 000116785 _____ C:\Users\lebar\OneDrive\Documents\test PCR DU 16-08-2021 (ENGEL_JEAN MARIE_2ddocNeg).pdf
2021-08-16 09:11 - 2021-08-16 09:11 - 000000000 ____D C:\Users\lebar\AppData\Roaming\PDF Architect 8
2021-08-16 09:11 - 2021-08-16 09:11 - 000000000 ____D C:\spellings
2021-08-16 09:08 - 2021-08-30 11:00 - 000001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 8.lnk
2021-08-16 09:08 - 2021-08-30 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 8
2021-08-16 09:08 - 2021-08-30 11:00 - 000000000 ____D C:\Program Files\PDF Architect 8
2021-08-16 09:08 - 2021-08-30 11:00 - 000000000 ____D C:\Program Files (x86)\PDF Architect 8
2021-08-16 09:08 - 2021-08-16 09:08 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\PDF Architect
2021-08-16 09:08 - 2021-08-16 09:08 - 000000000 ____D C:\ProgramData\PDF Architect 8
2021-08-15 20:11 - 2021-08-15 20:11 - 002638140 _____ C:\WINDOWS\Minidump\081521-96562-01.dmp
2021-08-15 20:06 - 2021-08-15 18:11 - 000028226 _____ C:\Users\lebar\OneDrive\Documents\Installation%20d'une%20application%20Autodesk%202022.doc_1_1.odt
2021-08-15 18:58 - 2021-08-15 20:11 - 969864106 _____ C:\WINDOWS\MEMORY.DMP
2021-08-15 18:58 - 2021-08-15 20:11 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-15 18:58 - 2021-08-15 18:58 - 002772268 _____ C:\WINDOWS\Minidump\081521-107734-01.dmp
2021-08-15 18:09 - 2021-08-15 18:09 - 000000000 ____D C:\Users\lebar\Autodesk
2021-08-15 18:08 - 2021-08-18 10:42 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2021-08-15 17:15 - 2021-08-15 17:18 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-08-15 10:19 - 2021-08-15 10:19 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Ashampoo Burning Studio 22
2021-08-15 09:32 - 2021-08-15 09:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2021-08-15 09:32 - 2021-08-15 09:32 - 000000000 ____D C:\Program Files\Cybelsoft
2021-08-15 09:30 - 2021-08-15 09:32 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Cybelsoft
2021-08-15 09:27 - 2021-08-15 09:27 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Ashampoo
2021-08-15 09:13 - 2021-08-15 09:13 - 000000000 ____D C:\ProgramData\Ashampoo
2021-08-14 21:49 - 2021-08-14 21:49 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-08-14 21:28 - 2021-08-14 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2021-08-14 21:28 - 2021-08-14 21:28 - 000000000 ____D C:\Program Files (x86)\FinalWire
2021-08-13 18:46 - 2021-08-13 08:56 - 000028440 _____ C:\Users\lebar\OneDrive\Documents\Installation%20d'une%20application%20Autodesk%202022.doc_0_1.odt
2021-08-13 16:38 - 2021-08-13 16:38 - 000000000 ____D C:\Program Files\Programmes 2
2021-08-13 08:41 - 2021-08-12 13:04 - 000028442 _____ C:\Users\lebar\OneDrive\Documents\Installation%20d'une%20application%20Autodesk%202022.doc_0.odt
2021-08-12 09:04 - 2021-08-15 10:54 - 000000028 _____ C:\WINDOWS\Setup_WIDownload.info
2021-08-12 09:04 - 2021-08-11 18:39 - 000025531 _____ C:\Users\lebar\OneDrive\Documents\Installation%20d'une%20application%20Autodesk%202022.doc_1.odt
2021-08-11 14:22 - 2021-08-11 14:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-11 14:22 - 2021-08-11 14:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-11 14:22 - 2021-08-11 14:22 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-11 14:22 - 2021-08-11 14:22 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-11 14:22 - 2021-08-11 14:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-11 14:22 - 2021-08-11 14:22 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-11 14:22 - 2021-08-11 14:22 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-11 14:18 - 2021-08-11 14:18 - 000000000 ___HD C:\$WinREAgent
2021-08-11 11:24 - 2021-08-11 11:24 - 000000000 ____D C:\Users\lebar\AppData\Local\CEF
2021-08-11 11:11 - 2021-08-11 11:13 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Autodesk
2021-08-11 11:09 - 2021-08-15 09:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD MEP 2022 - Français (French)
2021-08-11 11:09 - 2021-08-11 11:09 - 000000013 _____ C:\WINDOWS\system32\AecArchXKey.txt
2021-08-11 11:09 - 2021-08-11 11:09 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Inventor Server for AutoCAD
2021-08-11 11:04 - 2021-08-11 11:04 - 000000000 ____D C:\Program Files\dotnet
2021-08-11 11:03 - 2021-08-18 10:42 - 000000000 ____D C:\Program Files\Autodesk
2021-08-10 20:56 - 2021-08-13 10:53 - 000000000 ____D C:\Program Files (x86)\StartIsBack
2021-08-10 20:56 - 2021-08-10 20:56 - 000003428 _____ C:\WINDOWS\system32\Tasks\StartIsBack health check
2021-08-10 20:53 - 2021-08-10 20:53 - 000003656 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-08-10 19:58 - 2021-08-10 19:59 - 000116680 _____ C:\Users\lebar\OneDrive\Documents\ENGEL_JEAN MARIE_2ddocNeg.pdf
2021-08-10 10:29 - 2021-09-04 08:40 - 000000000 ____D C:\Program Files\TeamViewer
2021-08-10 10:29 - 2021-08-10 11:07 - 000000000 ____D C:\Users\lebar\AppData\Roaming\TeamViewer
2021-08-10 10:29 - 2021-08-10 10:29 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-08-10 10:29 - 2021-08-10 10:29 - 000000000 ____D C:\Users\lebar\AppData\Local\TeamViewer
2021-08-09 16:28 - 2021-08-09 16:28 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-08-09 09:21 - 2021-08-08 09:19 - 000013865 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_0_3.ods
2021-08-08 08:39 - 2021-08-07 18:01 - 000014464 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_0_2.ods
2021-08-07 20:32 - 2021-08-18 10:43 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Autodesk
2021-08-07 20:32 - 2021-08-18 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2021-08-07 20:32 - 2021-08-18 10:42 - 000000000 ____D C:\ProgramData\Autodesk
2021-08-07 20:32 - 2021-08-17 08:00 - 000000000 ____D C:\Users\lebar\AppData\Roaming\Autodesk Installer
2021-08-07 20:30 - 2021-08-15 18:10 - 000000000 ____D C:\Users\lebar\AppData\Local\Autodesk
2021-08-07 20:29 - 2021-08-23 21:36 - 000000000 ____D C:\Autodesk
2021-08-07 09:04 - 2021-08-06 10:57 - 000012974 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_2.ods
2021-08-06 09:49 - 2021-08-06 09:49 - 000012929 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_0_1.ods
2021-08-06 09:17 - 2021-07-19 10:30 - 000012689 _____ C:\Users\lebar\OneDrive\Documents\Matos.xls_3_1.ods
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-09-04 13:19 - 2021-05-05 17:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-04 12:43 - 2021-05-01 20:12 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-04 12:25 - 2021-05-22 10:10 - 000000000 ____D C:\Users\lebar\AppData\Local\CrashDumps
2021-09-04 12:00 - 2021-04-30 19:40 - 000000000 __SHD C:\Users\lebar\IntelGraphicsProfiles
2021-09-04 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-04 08:44 - 2021-05-05 17:43 - 000002686 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-04 08:44 - 2019-12-07 16:50 - 001428558 _____ C:\WINDOWS\system32\perfh00C.dat
2021-09-04 08:44 - 2019-12-07 16:50 - 000357314 _____ C:\WINDOWS\system32\perfc00C.dat
2021-09-04 08:40 - 2021-05-05 17:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-04 08:40 - 2021-05-05 17:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-04 08:40 - 2021-04-30 19:37 - 000000000 ____D C:\Intel
2021-09-03 22:23 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-03 22:17 - 2021-05-05 17:36 - 000000000 ____D C:\Users\lebar
2021-09-03 22:17 - 2021-04-30 19:42 - 000000000 ___RD C:\Users\lebar\OneDrive
2021-09-03 19:53 - 2021-05-05 11:25 - 000000000 ____D C:\Program Files\WinZip
2021-09-03 19:51 - 2021-05-14 17:39 - 000000000 ____D C:\Users\lebar\AppData\Roaming\vlc
2021-09-03 19:51 - 2021-05-05 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2021-09-03 19:51 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-03 19:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-03 19:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-09-03 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-03 09:00 - 2021-05-05 11:25 - 000000000 ____D C:\ProgramData\WinZip
2021-09-02 21:19 - 2021-05-04 18:40 - 000000000 ____D C:\Users\lebar\AppData\Local\D3DSCache
2021-08-30 10:57 - 2021-04-30 19:40 - 000000000 ____D C:\Users\lebar\AppData\Local\VirtualStore
2021-08-29 09:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-28 19:00 - 2021-05-05 17:35 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-25 10:29 - 2021-05-18 17:30 - 000000000 ____D C:\Users\lebar\OneDrive\Documents\Snagit
2021-08-25 09:01 - 2021-05-07 20:00 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2021-08-21 20:56 - 2021-05-13 10:35 - 000000000 ____D C:\Users\lebar\AppData\Local\PrivaZer
2021-08-19 21:19 - 2021-04-30 19:40 - 000000000 ____D C:\Users\lebar\AppData\Local\Packages
2021-08-19 17:17 - 2021-05-06 11:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-08-19 08:15 - 2021-05-27 09:29 - 000345184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-18 10:01 - 2021-05-01 20:13 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-16 21:58 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-08-16 08:43 - 2021-05-06 08:09 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 08:43 - 2021-05-06 08:09 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d741c512204f65
2021-08-15 14:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-15 09:32 - 2021-05-05 11:38 - 000000000 ____D C:\ProgramData\DriversCloud.com
2021-08-15 09:27 - 2021-05-17 08:54 - 000000000 ____D C:\Users\lebar\AppData\Local\Ashampoo
2021-08-15 09:13 - 2021-05-17 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2021-08-15 09:12 - 2021-05-17 08:49 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2021-08-13 10:21 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-12 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-11 21:20 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-11 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-11 21:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-11 14:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-11 14:18 - 2021-05-01 13:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-11 14:16 - 2021-05-01 13:51 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 11:05 - 2021-05-05 10:58 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-10 20:56 - 2021-05-01 18:51 - 000000000 ____D C:\Users\lebar\AppData\Local\StartIsBack
2021-08-10 09:08 - 2021-04-30 18:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-06 13:11 - 2021-05-01 13:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-06 08:45 - 2021-05-05 10:35 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-06 08:38 - 2021-05-05 17:41 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-06 08:38 - 2021-05-05 17:41 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2021-05-04 09:18 - 2021-05-04 09:18 - 000000017 _____ () C:\Users\lebar\AppData\Local\resmon.resmoncfg
==================== FLock ==============================
2021-08-19 21:32 C:\WINDOWS\windefender.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================