Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Exécuté par micha (administrateur) sur DESKTOP-76LU7UO (ASUSTeK COMPUTER INC. X705UA) (21-12-2021 21:42:01)
Exécuté depuis C:\Users\micha\Downloads
Profils chargés: micha
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\MSCaches\Apply\FilesInUse\XXRR85FA5F-5AE7-4FB4-952B-7F02457AAB21\Edge.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <10>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Edge] => C:\Program Files (x86)\MSCaches\Apply\FilesInUse\XXRR85FA5F-5AE7-4FB4-952B-7F02457AAB21\Edge.exe [190976 2021-11-28] () [Fichier non signé]
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [22941928 2020-06-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952424 2021-10-19] (Google LLC -> )
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [HP ENVY Photo 6200 (NET) #3] => C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer\DisallowRun: [1] wscript.exe
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer\DisallowRun: [3] mshta.exe
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {120f12fe-e302-11eb-bc09-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {736ff926-5af9-11eb-bbf6-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {8ceff9b5-019d-11eb-bbd9-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {981d49f9-db06-11eb-bc07-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {faf8065c-423e-11ec-bc1a-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-402 403 405 406 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMIJE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-15] (Google LLC -> Google LLC)
IFEO\LogTransport2.exe: [Debugger] 0
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2629BA31-ED7F-49FC-89E2-A797C09DFE34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4294F046-9386-48D3-84A4-745A2C4D9972} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {45096619-1241-4A88-8140-495812DEA7B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-12] (Google LLC -> Google LLC)
Task: {4FFCE04C-5B67-4FBC-8CA8-12270959E2D9} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1895940577-2902757496-4188428450-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {53EA057D-0944-4203-BA32-530205015D1A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5555D0D1-46D6-4FD3-8BE5-1B9DD0124CC5} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {60BE80AF-EEA2-4A6E-AFBC-FC87188DE21A} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124280 2017-03-21] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {628EC7DA-21A6-40B6-8CB3-7E6C8EB74C1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {63517732-ABC6-4ED8-A6B8-146C34138CD5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {7497A485-FF3F-4AEA-83C2-80C247748A21} - System32\Tasks\HPPrintMonitorService => C:\Program Files (x86)\HP\Diagnostics\PrintMonitorService\HPPrintMonitorService.exe (Pas de fichier)
Task: {8363FF81-7820-4EEF-ADF2-BCE3727A7516} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {873D3090-EABE-4E16-B450-8487D7CF61A2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1895940577-2902757496-4188428450-500 => C:\Users\micha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {8C469115-27C2-4529-B5F7-D29AB701F8D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-12] (Google LLC -> Google LLC)
Task: {8DFA2D6B-4C3A-46B1-9490-4337F4AB586C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {94352F67-9256-4025-9515-CEB85457D021} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A55D0109-F53D-45BA-9BEC-7CBA7BF05C3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8724A01-7FEC-4124-9709-3007223552E8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {ADA91082-4073-4806-B25C-32B1418D64D9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B1C1C328-87E0-415A-BAB2-B8789FE7B04A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124280 2017-03-21] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C6CCFC43-C46B-4AD3-8DDC-45D337C928F0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {CA78A9DC-5CED-446F-BD58-0BFE72E2E79E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Pas de fichier)
Task: {CF71FFD5-94E2-4D84-8250-61A32D8ECBF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D339AB36-F38F-4F24-B0A5-2D786472039A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {D5B7F050-BABF-4758-B728-98E6EC38B384} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe [2480504 2017-04-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {DA3EB942-34D4-4243-ACA3-B0418FDDAE4F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEAF8A43-010A-4F5E-9C66-03EB4F1B1073} - System32\Tasks\CCleanerSkipUAC - micha => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E24BAE61-2989-4A96-B692-B4910DE83F9B} - System32\Tasks\HPCustParticipation HP ENVY Photo 6200 series => C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\HPCustPartic.exe /UA 19 (Pas de fichier)
Task: {E38BC878-D7C2-435B-92E6-75F2838F01C0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F107A889-F52F-4597-875D-01A295799A5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{127da345-ed78-416e-95f5-46ffdc47d5b0}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a9d31371-f27c-4314-80cc-3524aa753f77}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{bedc5e63-5404-4242-bc7b-95fba7bce8d1}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{e6e34bf6-38b9-46a5-b433-7d98df5f5106}: [DhcpNameServer] 192.168.0.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-19]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-17]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 1mgnh4t7.default-1589265604888
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\1mgnh4t7.default-1589265604888 [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\i2po7aya.default-release-1612162323861 [2021-12-21]
FF Extension: (uBlock Origin) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\i2po7aya.default-release-1612162323861\Extensions\uBlock0@raymondhill.net.xpi [2021-12-03]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2021-12-19]
CHR HomePage: Default -> hxxp://www.laregion.fr
CHR StartupUrls: Default -> "hxxp://www.laregion.fr"
CHR Extension: (Slides) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-12]
CHR Extension: (Adobe Acrobat) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-12-04]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-14]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-04]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-24]
CHR Extension: (Video Adblocker - Block Pre Roll Ad) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pedpfddehkfmobhbnccdcbhidojinimh [2020-12-06]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\micha\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2020-07-17]
CHR HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S4 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-11] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [285192 2020-10-30] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-10] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 ZenAnywhere; C:\Program Files\Orbweb Inc\ZenAnywhere\ZenAnywhere.exe [154456 2017-05-25] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S4 ZenAnywhere Updater; C:\Program Files\Orbweb Inc\ZenAnywhere\updater.exe [154456 2017-05-25] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S4 ZenAnywhereNetworkService; C:\Program Files\Orbweb Inc\ZenAnywhere\bin\ZenAnywhereNetworkService.exe [67416 2017-04-07] (Orbweb Taiwan Inc. -> Orbweb Inc.)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [113496 2021-01-14] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-19] (Malwarebytes Inc -> Malwarebytes)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-04-23] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-20] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare Technology Co.,Ltd -> Wondershare)
U3 AdobeUpdateService; pas de ImagePath
S3 MpKsl79779b38; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{15D9148A-0D3D-4E2F-9181-BB81006159DD}\MpKslDrv.sys [X]
U3 SwitchBoard; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-21 21:42 - 2021-12-21 21:44 - 000025948 _____ C:\Users\micha\Downloads\FRST.txt
2021-12-21 21:39 - 2021-12-21 21:39 - 002311168 _____ (Farbar) C:\Users\micha\Downloads\FRST64.exe
2021-12-19 21:14 - 2021-12-19 21:14 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-19 19:32 - 2021-12-19 19:32 - 000000000 ___HD C:\$WinREAgent
2021-12-19 15:58 - 2021-12-19 15:58 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-19 15:57 - 2021-12-19 15:57 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-19 15:55 - 2021-12-19 15:55 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-19 15:55 - 2021-12-19 15:55 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-17 08:53 - 2021-12-17 08:53 - 000334056 _____ C:\Users\micha\Downloads\DossierCGOS(1).pdf
2021-12-15 20:33 - 2021-12-15 20:33 - 000305338 _____ C:\Users\micha\Downloads\Questionnaire profil de risque.pdf
2021-12-14 20:44 - 2021-12-14 20:44 - 000384968 _____ C:\Users\micha\Downloads\Facture.pdf
2021-12-14 17:48 - 2021-12-14 17:48 - 000087402 _____ C:\Users\micha\Downloads\attestation caf.pdf
2021-12-14 10:21 - 2021-12-19 17:56 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-14 10:12 - 2021-12-14 10:12 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-12-14 10:11 - 2021-12-14 10:11 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-12-14 09:43 - 2021-11-28 19:25 - 000000000 ____D C:\Program Files (x86)\MSCaches
2021-12-13 08:14 - 2021-12-13 08:14 - 000068539 _____ C:\Users\micha\Downloads\Document_vignette.pdf
2021-12-12 22:08 - 2021-12-12 22:08 - 000092714 _____ C:\Users\micha\Documents\MICHEL Gilles.pdf
2021-12-12 21:55 - 2021-12-12 21:55 - 000000802 _____ C:\Users\micha\Documents\Bureau - Raccourci.lnk
2021-12-12 21:54 - 2021-12-12 22:09 - 000126445 _____ C:\Users\micha\Documents\resiliation gmo GM.pdf
2021-12-10 17:16 - 2021-12-10 17:23 - 000000000 ____D C:\Program Files\Wondershare
2021-12-10 17:06 - 2021-12-12 21:46 - 000195370 _____ C:\Users\micha\Documents\resiliation gmo.pdf
2021-12-10 11:19 - 2021-12-19 21:12 - 000000000 ____D C:\Users\micha\Documents\stellium financement
2021-12-10 10:58 - 2021-12-10 11:02 - 000142038 _____ C:\Users\micha\Documents\CLOTURE PELCM.pdf
2021-12-10 10:52 - 2021-12-10 10:53 - 000044351 _____ C:\Users\micha\Documents\CLOTURE PELGM.pdf
2021-12-09 08:21 - 2021-12-09 08:21 - 000010714 _____ C:\Users\micha\Downloads\facture delonghi.pdf
2021-12-07 19:28 - 2021-12-07 19:28 - 000056711 _____ C:\Users\micha\Documents\Tarif Noël Mangini 2021 (1).pdf
2021-12-07 19:25 - 2021-12-09 17:09 - 000328789 _____ C:\Users\micha\Documents\Tarif Mangini 09-2021.pdf
2021-11-30 09:30 - 2021-11-30 09:37 - 000000000 ____D C:\Users\micha\AppData\Roaming\TuneFab Spotify Music Converter
2021-11-30 09:30 - 2021-11-30 09:30 - 000000000 ____D C:\Users\micha\TuneFab
2021-11-30 09:30 - 2021-11-30 09:27 - 002917376 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2021-11-30 09:30 - 2021-11-30 09:27 - 002917376 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\libcrypto-1_1-x64.dll
2021-11-30 09:30 - 2021-11-30 09:27 - 000481280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2021-11-30 09:30 - 2021-11-30 09:27 - 000481280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\libssl-1_1-x64.dll
2021-11-30 09:27 - 2021-11-30 09:27 - 002548328 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libcrypto-1_1.dll
2021-11-30 09:27 - 2021-11-30 09:27 - 000000000 ____D C:\Users\micha\AppData\Local\tunefab-spotify-music-converter-updater
2021-11-30 08:34 - 2021-11-30 08:34 - 000502601 _____ C:\Users\micha\Downloads\CV-Ophélie-Michel.pdf
2021-11-29 09:32 - 2021-11-29 09:32 - 000078045 _____ C:\Users\micha\Downloads\document.pdf
2021-11-26 13:29 - 2021-11-26 13:29 - 004213408 _____ C:\Users\micha\Downloads\5082714_NOTCOMP.pdf
2021-11-22 21:33 - 2021-11-22 21:33 - 000062291 _____ C:\Users\micha\Downloads\facture_10206850.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-21 21:43 - 2020-05-12 07:45 - 000000000 ____D C:\FRST
2021-12-21 21:37 - 2018-01-20 09:03 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Mozilla
2021-12-21 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-21 21:35 - 2019-06-05 12:16 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-21 21:35 - 2019-01-29 16:44 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-21 21:35 - 2018-01-21 13:42 - 000000000 ____D C:\Program Files\CCleaner
2021-12-21 21:32 - 2018-01-19 19:03 - 000000000 __SHD C:\Users\micha\IntelGraphicsProfiles
2021-12-20 23:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-12-20 22:37 - 2021-10-10 14:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-20 22:37 - 2020-05-12 14:57 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-20 22:37 - 2020-05-12 14:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-12-20 22:37 - 2018-01-20 09:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-20 22:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-20 22:18 - 2020-09-27 08:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-19 21:26 - 2020-11-06 21:41 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-19 21:26 - 2019-12-07 15:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-19 21:26 - 2019-12-07 15:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-19 21:18 - 2021-11-10 10:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-19 21:17 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-19 21:17 - 2020-09-27 06:51 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-19 21:17 - 2017-11-09 23:01 - 000000000 ___HD C:\Intel
2021-12-19 21:16 - 2020-09-27 06:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-19 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-19 21:15 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-19 21:01 - 2020-10-10 07:11 - 000000000 ____D C:\Users\micha\AppData\Local\PlaceholderTileLogoFolder
2021-12-19 21:01 - 2018-01-28 19:38 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2021-12-19 20:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-19 20:28 - 2020-09-27 06:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-19 20:06 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-19 19:41 - 2018-07-25 15:28 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2021-12-19 19:14 - 2019-03-04 09:39 - 000000000 ____D C:\Users\micha\Downloads\appli
2021-12-19 19:07 - 2020-11-06 22:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-19 17:54 - 2021-05-05 05:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-19 17:10 - 2020-11-06 20:56 - 000000000 ____D C:\Users\micha
2021-12-19 14:54 - 2018-01-20 15:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-19 14:34 - 2018-01-20 15:39 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-17 08:48 - 2019-07-26 07:00 - 000000000 ____D C:\Users\micha\Documents\UGO
2021-12-16 22:00 - 2021-11-20 18:05 - 000000000 ____D C:\Users\micha\Documents\Dossier investissement
2021-12-14 13:17 - 2018-01-19 19:03 - 000000000 ____D C:\Users\micha\AppData\Roaming\Adobe
2021-12-14 10:13 - 2018-02-10 10:02 - 000000000 ____D C:\Users\micha\AppData\Local\Adobe
2021-12-14 09:35 - 2019-05-11 21:41 - 000001073 _____ C:\Users\micha\Documents\compte net.txt
2021-12-13 07:45 - 2021-09-03 06:22 - 000000000 ____D C:\Users\micha\Documents\lOCATION uGO
2021-12-10 17:32 - 2020-11-07 15:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-12-10 17:17 - 2021-01-07 11:58 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-12-10 17:17 - 2019-10-14 17:27 - 000000000 ____D C:\Users\micha\AppData\Roaming\Wondershare
2021-12-10 17:16 - 2019-10-14 17:28 - 000000000 ____D C:\ProgramData\Wondershare
2021-12-08 10:54 - 2018-02-23 21:00 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2021-12-08 10:29 - 2018-12-25 21:17 - 000000000 ____D C:\Users\micha\AppData\Roaming\audacity
2021-12-07 15:28 - 2020-09-27 08:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-12-07 08:32 - 2020-06-11 07:54 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2021-12-07 08:31 - 2020-06-11 07:52 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2021-12-01 16:34 - 2019-06-13 14:28 - 000000000 ____D C:\Users\micha\Documents\OPHELIE
2021-12-01 16:17 - 2019-03-14 13:04 - 000000000 ____D C:\Users\micha\Documents\PLANNING
2021-11-30 17:26 - 2018-10-09 16:08 - 000000000 ____D C:\Users\micha\Documents\Dentaire
2021-11-30 10:12 - 2021-09-15 15:36 - 000000000 ____D C:\Program Files\Audacity
2021-11-30 10:12 - 2018-12-25 21:17 - 000000827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-11-30 09:29 - 2017-11-09 22:56 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-30 09:27 - 2013-10-05 03:38 - 000963240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120.dll
2021-11-30 09:27 - 2013-10-05 00:58 - 000963240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120.dll
2021-11-25 08:37 - 2019-06-13 14:29 - 000000000 ____D C:\Users\micha\Documents\MDR
2021-11-21 09:03 - 2020-11-23 08:27 - 000000000 ____D C:\Users\micha\Documents\Impots
==================== Fichiers à la racine de certains dossiers ========
2019-06-05 12:16 - 2019-06-05 12:16 - 007649280 _____ () C:\Program Files (x86)\GUT9BDE.tmp
2019-03-04 09:02 - 2019-03-04 09:11 - 000003017 _____ () C:\Users\micha\AppData\Roaming\downloads.json
2018-02-26 22:07 - 2019-10-14 16:26 - 000000200 _____ () C:\Users\micha\AppData\Roaming\sp_data.sys
2020-11-04 22:40 - 2021-04-26 14:30 - 000000820 _____ () C:\Users\micha\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par micha (administrateur) sur DESKTOP-76LU7UO (ASUSTeK COMPUTER INC. X705UA) (21-12-2021 21:42:01)
Exécuté depuis C:\Users\micha\Downloads
Profils chargés: micha
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\MSCaches\Apply\FilesInUse\XXRR85FA5F-5AE7-4FB4-952B-7F02457AAB21\Edge.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <10>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Edge] => C:\Program Files (x86)\MSCaches\Apply\FilesInUse\XXRR85FA5F-5AE7-4FB4-952B-7F02457AAB21\Edge.exe [190976 2021-11-28] () [Fichier non signé]
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [Discord] => C:\Users\micha\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [22941928 2020-06-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952424 2021-10-19] (Google LLC -> )
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [HP ENVY Photo 6200 (NET) #3] => C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer\DisallowRun: [1] wscript.exe
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\Policies\Explorer\DisallowRun: [3] mshta.exe
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {120f12fe-e302-11eb-bc09-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {736ff926-5af9-11eb-bbf6-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {8ceff9b5-019d-11eb-bbd9-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {981d49f9-db06-11eb-bc07-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\...\MountPoints2: {faf8065c-423e-11ec-bc1a-409f38be7232} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-402 403 405 406 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMIJE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-15] (Google LLC -> Google LLC)
IFEO\LogTransport2.exe: [Debugger] 0
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2629BA31-ED7F-49FC-89E2-A797C09DFE34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4294F046-9386-48D3-84A4-745A2C4D9972} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {45096619-1241-4A88-8140-495812DEA7B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-12] (Google LLC -> Google LLC)
Task: {4FFCE04C-5B67-4FBC-8CA8-12270959E2D9} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1895940577-2902757496-4188428450-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {53EA057D-0944-4203-BA32-530205015D1A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5555D0D1-46D6-4FD3-8BE5-1B9DD0124CC5} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {60BE80AF-EEA2-4A6E-AFBC-FC87188DE21A} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124280 2017-03-21] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {628EC7DA-21A6-40B6-8CB3-7E6C8EB74C1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {63517732-ABC6-4ED8-A6B8-146C34138CD5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {7497A485-FF3F-4AEA-83C2-80C247748A21} - System32\Tasks\HPPrintMonitorService => C:\Program Files (x86)\HP\Diagnostics\PrintMonitorService\HPPrintMonitorService.exe (Pas de fichier)
Task: {8363FF81-7820-4EEF-ADF2-BCE3727A7516} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {873D3090-EABE-4E16-B450-8487D7CF61A2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1895940577-2902757496-4188428450-500 => C:\Users\micha\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {8C469115-27C2-4529-B5F7-D29AB701F8D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-12] (Google LLC -> Google LLC)
Task: {8DFA2D6B-4C3A-46B1-9490-4337F4AB586C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {94352F67-9256-4025-9515-CEB85457D021} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A55D0109-F53D-45BA-9BEC-7CBA7BF05C3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A8724A01-7FEC-4124-9709-3007223552E8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {ADA91082-4073-4806-B25C-32B1418D64D9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B1C1C328-87E0-415A-BAB2-B8789FE7B04A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124280 2017-03-21] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C6CCFC43-C46B-4AD3-8DDC-45D337C928F0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {CA78A9DC-5CED-446F-BD58-0BFE72E2E79E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Pas de fichier)
Task: {CF71FFD5-94E2-4D84-8250-61A32D8ECBF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D339AB36-F38F-4F24-B0A5-2D786472039A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {D5B7F050-BABF-4758-B728-98E6EC38B384} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe [2480504 2017-04-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {DA3EB942-34D4-4243-ACA3-B0418FDDAE4F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEAF8A43-010A-4F5E-9C66-03EB4F1B1073} - System32\Tasks\CCleanerSkipUAC - micha => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E24BAE61-2989-4A96-B692-B4910DE83F9B} - System32\Tasks\HPCustParticipation HP ENVY Photo 6200 series => C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\HPCustPartic.exe /UA 19 (Pas de fichier)
Task: {E38BC878-D7C2-435B-92E6-75F2838F01C0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F107A889-F52F-4597-875D-01A295799A5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{127da345-ed78-416e-95f5-46ffdc47d5b0}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a9d31371-f27c-4314-80cc-3524aa753f77}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{bedc5e63-5404-4242-bc7b-95fba7bce8d1}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{e6e34bf6-38b9-46a5-b433-7d98df5f5106}: [DhcpNameServer] 192.168.0.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-19]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-17]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 1mgnh4t7.default-1589265604888
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\1mgnh4t7.default-1589265604888 [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\i2po7aya.default-release-1612162323861 [2021-12-21]
FF Extension: (uBlock Origin) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\i2po7aya.default-release-1612162323861\Extensions\uBlock0@raymondhill.net.xpi [2021-12-03]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2021-12-19]
CHR HomePage: Default -> hxxp://www.laregion.fr
CHR StartupUrls: Default -> "hxxp://www.laregion.fr"
CHR Extension: (Slides) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-12]
CHR Extension: (Adobe Acrobat) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-12-04]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-11-14]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-04]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-24]
CHR Extension: (Video Adblocker - Block Pre Roll Ad) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pedpfddehkfmobhbnccdcbhidojinimh [2020-12-06]
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\micha\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2020-07-17]
CHR HKU\S-1-5-21-1895940577-2902757496-4188428450-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S4 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-11] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [285192 2020-10-30] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-10] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-12-19] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 ZenAnywhere; C:\Program Files\Orbweb Inc\ZenAnywhere\ZenAnywhere.exe [154456 2017-05-25] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S4 ZenAnywhere Updater; C:\Program Files\Orbweb Inc\ZenAnywhere\updater.exe [154456 2017-05-25] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S4 ZenAnywhereNetworkService; C:\Program Files\Orbweb Inc\ZenAnywhere\bin\ZenAnywhereNetworkService.exe [67416 2017-04-07] (Orbweb Taiwan Inc. -> Orbweb Inc.)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [113496 2021-01-14] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-19] (Malwarebytes Inc -> Malwarebytes)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-04-23] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-20] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [48424 2018-01-19] (Wondershare Technology Co.,Ltd -> Wondershare)
U3 AdobeUpdateService; pas de ImagePath
S3 MpKsl79779b38; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{15D9148A-0D3D-4E2F-9181-BB81006159DD}\MpKslDrv.sys [X]
U3 SwitchBoard; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-21 21:42 - 2021-12-21 21:44 - 000025948 _____ C:\Users\micha\Downloads\FRST.txt
2021-12-21 21:39 - 2021-12-21 21:39 - 002311168 _____ (Farbar) C:\Users\micha\Downloads\FRST64.exe
2021-12-19 21:14 - 2021-12-19 21:14 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-19 19:32 - 2021-12-19 19:32 - 000000000 ___HD C:\$WinREAgent
2021-12-19 15:58 - 2021-12-19 15:58 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-19 15:57 - 2021-12-19 15:57 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-19 15:55 - 2021-12-19 15:55 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-19 15:55 - 2021-12-19 15:55 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-17 08:53 - 2021-12-17 08:53 - 000334056 _____ C:\Users\micha\Downloads\DossierCGOS(1).pdf
2021-12-15 20:33 - 2021-12-15 20:33 - 000305338 _____ C:\Users\micha\Downloads\Questionnaire profil de risque.pdf
2021-12-14 20:44 - 2021-12-14 20:44 - 000384968 _____ C:\Users\micha\Downloads\Facture.pdf
2021-12-14 17:48 - 2021-12-14 17:48 - 000087402 _____ C:\Users\micha\Downloads\attestation caf.pdf
2021-12-14 10:21 - 2021-12-19 17:56 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-14 10:12 - 2021-12-14 10:12 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-12-14 10:11 - 2021-12-14 10:11 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-12-14 09:43 - 2021-11-28 19:25 - 000000000 ____D C:\Program Files (x86)\MSCaches
2021-12-13 08:14 - 2021-12-13 08:14 - 000068539 _____ C:\Users\micha\Downloads\Document_vignette.pdf
2021-12-12 22:08 - 2021-12-12 22:08 - 000092714 _____ C:\Users\micha\Documents\MICHEL Gilles.pdf
2021-12-12 21:55 - 2021-12-12 21:55 - 000000802 _____ C:\Users\micha\Documents\Bureau - Raccourci.lnk
2021-12-12 21:54 - 2021-12-12 22:09 - 000126445 _____ C:\Users\micha\Documents\resiliation gmo GM.pdf
2021-12-10 17:16 - 2021-12-10 17:23 - 000000000 ____D C:\Program Files\Wondershare
2021-12-10 17:06 - 2021-12-12 21:46 - 000195370 _____ C:\Users\micha\Documents\resiliation gmo.pdf
2021-12-10 11:19 - 2021-12-19 21:12 - 000000000 ____D C:\Users\micha\Documents\stellium financement
2021-12-10 10:58 - 2021-12-10 11:02 - 000142038 _____ C:\Users\micha\Documents\CLOTURE PELCM.pdf
2021-12-10 10:52 - 2021-12-10 10:53 - 000044351 _____ C:\Users\micha\Documents\CLOTURE PELGM.pdf
2021-12-09 08:21 - 2021-12-09 08:21 - 000010714 _____ C:\Users\micha\Downloads\facture delonghi.pdf
2021-12-07 19:28 - 2021-12-07 19:28 - 000056711 _____ C:\Users\micha\Documents\Tarif Noël Mangini 2021 (1).pdf
2021-12-07 19:25 - 2021-12-09 17:09 - 000328789 _____ C:\Users\micha\Documents\Tarif Mangini 09-2021.pdf
2021-11-30 09:30 - 2021-11-30 09:37 - 000000000 ____D C:\Users\micha\AppData\Roaming\TuneFab Spotify Music Converter
2021-11-30 09:30 - 2021-11-30 09:30 - 000000000 ____D C:\Users\micha\TuneFab
2021-11-30 09:30 - 2021-11-30 09:27 - 002917376 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2021-11-30 09:30 - 2021-11-30 09:27 - 002917376 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\libcrypto-1_1-x64.dll
2021-11-30 09:30 - 2021-11-30 09:27 - 000481280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2021-11-30 09:30 - 2021-11-30 09:27 - 000481280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\libssl-1_1-x64.dll
2021-11-30 09:27 - 2021-11-30 09:27 - 002548328 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libcrypto-1_1.dll
2021-11-30 09:27 - 2021-11-30 09:27 - 000000000 ____D C:\Users\micha\AppData\Local\tunefab-spotify-music-converter-updater
2021-11-30 08:34 - 2021-11-30 08:34 - 000502601 _____ C:\Users\micha\Downloads\CV-Ophélie-Michel.pdf
2021-11-29 09:32 - 2021-11-29 09:32 - 000078045 _____ C:\Users\micha\Downloads\document.pdf
2021-11-26 13:29 - 2021-11-26 13:29 - 004213408 _____ C:\Users\micha\Downloads\5082714_NOTCOMP.pdf
2021-11-22 21:33 - 2021-11-22 21:33 - 000062291 _____ C:\Users\micha\Downloads\facture_10206850.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-21 21:43 - 2020-05-12 07:45 - 000000000 ____D C:\FRST
2021-12-21 21:37 - 2018-01-20 09:03 - 000000000 ____D C:\Users\micha\AppData\LocalLow\Mozilla
2021-12-21 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-21 21:35 - 2019-06-05 12:16 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-21 21:35 - 2019-01-29 16:44 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-21 21:35 - 2018-01-21 13:42 - 000000000 ____D C:\Program Files\CCleaner
2021-12-21 21:32 - 2018-01-19 19:03 - 000000000 __SHD C:\Users\micha\IntelGraphicsProfiles
2021-12-20 23:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-12-20 22:37 - 2021-10-10 14:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-20 22:37 - 2020-05-12 14:57 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-20 22:37 - 2020-05-12 14:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-12-20 22:37 - 2018-01-20 09:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-20 22:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-20 22:18 - 2020-09-27 08:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-19 21:26 - 2020-11-06 21:41 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-19 21:26 - 2019-12-07 15:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-19 21:26 - 2019-12-07 15:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-19 21:18 - 2021-11-10 10:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-19 21:17 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-19 21:17 - 2020-09-27 06:51 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-19 21:17 - 2017-11-09 23:01 - 000000000 ___HD C:\Intel
2021-12-19 21:16 - 2020-09-27 06:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-19 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-19 21:15 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-19 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-19 21:01 - 2020-10-10 07:11 - 000000000 ____D C:\Users\micha\AppData\Local\PlaceholderTileLogoFolder
2021-12-19 21:01 - 2018-01-28 19:38 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2021-12-19 20:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-19 20:28 - 2020-09-27 06:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-19 20:06 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-19 19:41 - 2018-07-25 15:28 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2021-12-19 19:14 - 2019-03-04 09:39 - 000000000 ____D C:\Users\micha\Downloads\appli
2021-12-19 19:07 - 2020-11-06 22:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-19 17:54 - 2021-05-05 05:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-19 17:10 - 2020-11-06 20:56 - 000000000 ____D C:\Users\micha
2021-12-19 14:54 - 2018-01-20 15:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-19 14:34 - 2018-01-20 15:39 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-17 08:48 - 2019-07-26 07:00 - 000000000 ____D C:\Users\micha\Documents\UGO
2021-12-16 22:00 - 2021-11-20 18:05 - 000000000 ____D C:\Users\micha\Documents\Dossier investissement
2021-12-14 13:17 - 2018-01-19 19:03 - 000000000 ____D C:\Users\micha\AppData\Roaming\Adobe
2021-12-14 10:13 - 2018-02-10 10:02 - 000000000 ____D C:\Users\micha\AppData\Local\Adobe
2021-12-14 09:35 - 2019-05-11 21:41 - 000001073 _____ C:\Users\micha\Documents\compte net.txt
2021-12-13 07:45 - 2021-09-03 06:22 - 000000000 ____D C:\Users\micha\Documents\lOCATION uGO
2021-12-10 17:32 - 2020-11-07 15:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-12-10 17:17 - 2021-01-07 11:58 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-12-10 17:17 - 2019-10-14 17:27 - 000000000 ____D C:\Users\micha\AppData\Roaming\Wondershare
2021-12-10 17:16 - 2019-10-14 17:28 - 000000000 ____D C:\ProgramData\Wondershare
2021-12-08 10:54 - 2018-02-23 21:00 - 000000000 ____D C:\Users\micha\AppData\Roaming\vlc
2021-12-08 10:29 - 2018-12-25 21:17 - 000000000 ____D C:\Users\micha\AppData\Roaming\audacity
2021-12-07 15:28 - 2020-09-27 08:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-12-07 08:32 - 2020-06-11 07:54 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2021-12-07 08:31 - 2020-06-11 07:52 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2021-12-01 16:34 - 2019-06-13 14:28 - 000000000 ____D C:\Users\micha\Documents\OPHELIE
2021-12-01 16:17 - 2019-03-14 13:04 - 000000000 ____D C:\Users\micha\Documents\PLANNING
2021-11-30 17:26 - 2018-10-09 16:08 - 000000000 ____D C:\Users\micha\Documents\Dentaire
2021-11-30 10:12 - 2021-09-15 15:36 - 000000000 ____D C:\Program Files\Audacity
2021-11-30 10:12 - 2018-12-25 21:17 - 000000827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-11-30 09:29 - 2017-11-09 22:56 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-30 09:27 - 2013-10-05 03:38 - 000963240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120.dll
2021-11-30 09:27 - 2013-10-05 00:58 - 000963240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120.dll
2021-11-25 08:37 - 2019-06-13 14:29 - 000000000 ____D C:\Users\micha\Documents\MDR
2021-11-21 09:03 - 2020-11-23 08:27 - 000000000 ____D C:\Users\micha\Documents\Impots
==================== Fichiers à la racine de certains dossiers ========
2019-06-05 12:16 - 2019-06-05 12:16 - 007649280 _____ () C:\Program Files (x86)\GUT9BDE.tmp
2019-03-04 09:02 - 2019-03-04 09:11 - 000003017 _____ () C:\Users\micha\AppData\Roaming\downloads.json
2018-02-26 22:07 - 2019-10-14 16:26 - 000000200 _____ () C:\Users\micha\AppData\Roaming\sp_data.sys
2020-11-04 22:40 - 2021-04-26 14:30 - 000000820 _____ () C:\Users\micha\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================