Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01 Exécuté par Christophe (administrateur) sur DESKTOP-0T4F4T3 (ASUSTeK COMPUTER INC. UX305FA) (24-01-2021 18:09:33) Exécuté depuis C:\Users\Christophe\Desktop Profils chargés: Christophe Platform: Windows 10 Home Version 1909 18363.1316 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ASUSTeK Computer Inc. -> ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_f4ae16267365b868\ICEsoundService64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\runonce.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (MS) [Fichier non signé] C:\Program Files\XXX USB Display\WinUsbDisplay.exe (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [604496 2017-11-24] (Conexant Systems LLC -> Conexant Systems, Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [175504 2020-11-03] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\\ASUSWSLoader.exe HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.) HKU\S-1-5-21-1347094650-1830905686-4087494706-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> ) HKU\S-1-5-21-1347094650-1830905686-4087494706-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [31387320 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1347094650-1830905686-4087494706-1001\...\Run: [Windows Usb Display] => C:\Program Files\XXX USB Display\WinUsbDisplay.exe [1516544 2019-10-17] (MS) [Fichier non signé] HKU\S-1-5-21-1347094650-1830905686-4087494706-1001\...\MountPoints2: {774104d4-5bd9-11ea-9c00-a4fa5b400f10} - "D:\HiSuiteDownLoader.exe" HKLM\...\Windows x64\Print Processors\Canon MG7500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC7.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG7500 series: C:\WINDOWS\system32\CNMLMC7.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {05EE837D-1DF2-4098-90DF-CECC15862B15} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {086728B9-D9AC-4605-956D-46E5DF1C1109} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061896 2021-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {0D79327D-C4E8-455A-AE5B-BC8F619A267B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26069176 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd) Task: {12D19724-FE1D-4A56-A0CE-81D107F69A0D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-20] (Microsoft Corporation -> Microsoft Corporation) Task: {1CB80764-9390-40D7-B405-23614E913257} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-18] (ASUSTeK Computer Inc. -> AsusTek) Task: {22CC8BBB-969A-4ABE-959A-15359B27B7E3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-20] (Microsoft Corporation -> Microsoft Corporation) Task: {2B2EAB30-657B-4687-A4AE-35C1016F3AF9} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.) Task: {4022E48A-F103-4B5D-9909-8155EE057E6B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1161112 2021-01-20] (Microsoft Corporation -> Microsoft Corporation) Task: {57B7ADB2-416A-4923-8937-9231117A1D1D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {5AEF74C4-E14D-447C-812D-72FD436C45D1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {60B958A5-5F67-42D9-B2EF-D47547C01D0B} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {664BB520-4D11-4AF2-9E18-63B80E06D5E6} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4136040 2021-01-03] (Microsoft Corporation -> Microsoft Corporation) Task: {753D4F32-3DE2-498B-B6C1-193FC100D251} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [Fichier non signé] Task: {79764B57-4ED1-44E4-9462-4A05EE60AA81} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd) Task: {87BA88FD-7135-4387-8EBF-BF690A90400C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Task: {8F0828D2-08F3-4953-8BEE-06F613213970} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-21] (Google Inc -> Google Inc.) Task: {A0EC9A09-21F3-4D1A-8472-1668BBF6329A} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {AD745595-F6F1-42BD-A092-C5273E74ECC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-11] (Microsoft Corporation -> Microsoft Corporation) Task: {BF86F37E-70DF-41FF-91DE-3F6BD9851BA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061896 2021-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {C007DE92-13F9-47A4-B011-13FE2CB5AA9D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {C8D8695D-8AD7-4D66-8DAA-A37C327F2439} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [62536 2015-06-09] (ASUSTeK Computer Inc. -> ASUS) Task: {D057342C-CEFF-45FB-9871-6FA1F6415FFF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-10] (Mozilla Corporation -> Mozilla Foundation) Task: {D28874F5-F9FB-4DCD-9D58-F04D4B2DF36D} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé] Task: {F06E0D30-49F1-45DB-948A-9D334534159C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-21] (Google Inc -> Google Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] Tcpip\..\Interfaces\{64f542c1-5fc8-4487-a21c-b8dd0ebf6a1e}: [DhcpNameServer] Edge: ======= Edge Profile: C:\Users\Christophe\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-24] FireFox: ======== FF DefaultProfile: w72a43m0.default FF ProfilePath: C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default [2021-01-24] FF Homepage: Mozilla\Firefox\Profiles\w72a43m0.default -> hxxps://duckduckgo.com/ FF Session Restore: Mozilla\Firefox\Profiles\w72a43m0.default -> est activé. FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\firefox@ghostery.com.xpi [2020-12-07] FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\marcoagpinto@mail.telepac.pt.xpi [2021-01-01] [] FF Extension: (Secure Login) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\secureLogin@blueimp.net.xpi [2017-11-21] [] FF Extension: (Google Translator for Firefox) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\translator@zoli.bod.xpi [2018-12-15] FF Extension: (Stylish – Thèmes personnalisés pour sites Web) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2018-12-15] FF Extension: (NoScript) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-01-20] FF Extension: (Controle de Scripts) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\{75e19832-90c0-4553-91a0-e5d0ac5d99fd}.xpi [2017-11-21] [] FF Extension: (Stylus) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}.xpi [2020-10-04] FF Extension: (Web of Trust) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-01-15] FF Extension: (Google Redesigned) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}.xpi [2017-12-07] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-20] FF Extension: (Redirect Remover) - C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\w72a43m0.default\Extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi [2017-11-21] [] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-21] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> ) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-01-24] Chrome: ======= CHR Profile: C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default [2021-01-23] CHR Session Restore: Default -> est activé. CHR Extension: (Slides) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-07] CHR Extension: (Docs) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-07] CHR Extension: (Google Drive) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-25] CHR Extension: (YouTube) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-07] CHR Extension: (Sheets) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-07] CHR Extension: (Google Docs hors connexion) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-25] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02] CHR Extension: (Gmail) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-25] CHR Extension: (Chrome Media Router) - C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-25] CHR HKU\S-1-5-21-1347094650-1830905686-4087494706-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [313488 2015-06-12] (ASUSTeK Computer Inc. -> ASUS) [Fichier non signé] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2021-01-03] (Microsoft Corporation -> Microsoft Corporation) S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> ) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-03] (ESET, spol. s r.o. -> ESET) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\\wtoolex\wpsupdatesvr.exe [133480 2015-07-21] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-29] (Malwarebytes Inc -> Malwarebytes) S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\NisSrv.exe [3294680 2020-03-21] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MsMpEng.exe [103168 2020-03-21] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Christophe\AppData\Roaming\Zoom" ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [101872 2020-12-27] (ASUSTeK Computer Inc. -> ASUS Corporation) S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101872 2020-12-27] (ASUSTeK Computer Inc. -> ASUS Corporation) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-11-02] (Microsoft Corporation) [Fichier non signé] S3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44832 2020-12-27] (CPUID S.A.R.L.U. -> CPUID) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-11-03] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-11-03] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-11-03] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-11-03] (ESET, spol. s r.o. -> ESET) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS) S3 IndirectDisplayBus; C:\WINDOWS\System32\drivers\IndirectDisplayBus.sys [25592 2019-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [43456 2019-03-14] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-24] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-29] (Malwarebytes Inc -> Malwarebytes) R3 vmon_func; C:\WINDOWS\System32\drivers\vmon_func.sys [48016 2019-10-17] (Long Yan Xin Luo Bai Fen Bai Xin Xi Ji Shu You Xian Gong Si -> Windows (R) Win 7 DDK provider) R3 vmon_func1; C:\WINDOWS\System32\drivers\vmon_func1.sys [48016 2019-10-17] (Long Yan Xin Luo Bai Fen Bai Xin Xi Ji Shu You Xian Gong Si -> Windows (R) Win 7 DDK provider) R3 vmon_func2; C:\WINDOWS\System32\drivers\vmon_func2.sys [48016 2019-10-17] (Long Yan Xin Luo Bai Fen Bai Xin Xi Ji Shu You Xian Gong Si -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-03-21] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-21] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-01-24 18:09 - 2021-01-24 18:10 - 000025704 _____ C:\Users\Christophe\Desktop\FRST.txt 2021-01-24 18:09 - 2021-01-24 18:09 - 000000000 ____D C:\FRST 2021-01-24 18:08 - 2021-01-24 18:08 - 002297344 _____ (Farbar) C:\Users\Christophe\Desktop\FRST64.exe 2021-01-24 18:08 - 2021-01-24 18:08 - 001388432 _____ C:\Users\Public\VOIP.dat 2021-01-24 18:05 - 2021-01-24 18:05 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-01-24 18:04 - 2021-01-24 18:04 - 000031476 _____ C:\Users\Christophe\Desktop\ZHPFix.txt 2021-01-24 17:41 - 2021-01-24 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XXX USB Display 2021-01-24 17:41 - 2021-01-24 17:41 - 000000000 ____D C:\Program Files\XXX USB Display 2021-01-24 17:41 - 2019-10-17 13:56 - 000048016 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vmon_func2.sys 2021-01-24 17:41 - 2019-10-17 13:56 - 000048016 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vmon_func1.sys 2021-01-24 17:41 - 2019-10-17 13:56 - 000048016 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vmon_func.sys 2021-01-24 12:05 - 2019-07-17 03:56 - 001474320 _____ (深圳市恒亿昌科技有限公司 ) C:\Users\Christophe\Desktop\Windows_xp_1.0.8.exe 2021-01-24 11:22 - 2021-01-24 12:20 - 000388600 _____ C:\Users\Christophe\Desktop\ZHPDiag.html 2021-01-24 11:22 - 2021-01-24 12:20 - 000316497 _____ C:\Users\Christophe\Desktop\ZHPDiag.txt 2021-01-24 11:15 - 2021-01-24 18:04 - 000000000 ____D C:\Users\Christophe\AppData\Roaming\ZHP 2021-01-24 11:15 - 2021-01-24 18:01 - 000000922 _____ C:\Users\Christophe\Desktop\ZHPSuite.lnk 2021-01-24 11:15 - 2021-01-24 11:15 - 003480712 _____ (Nicolas Coolman) C:\Users\Christophe\Downloads\ZHPSuite(1).exe 2021-01-24 11:15 - 2021-01-24 11:15 - 000000000 ____D C:\Users\Christophe\AppData\Local\ZHP 2021-01-23 20:30 - 2019-09-18 08:29 - 000025592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\IndirectDisplayBus.sys 2021-01-23 20:30 - 2019-09-12 09:41 - 000067008 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll 2021-01-23 20:30 - 2019-03-14 14:46 - 000075200 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll 2021-01-23 20:30 - 2019-03-14 14:46 - 000043456 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusb0.sys 2021-01-23 20:22 - 2021-01-23 20:22 - 004841128 _____ (XXX ) C:\Users\Christophe\Downloads\Windows7-Windows10_2.0.2.exe 2021-01-23 20:21 - 2019-10-17 10:24 - 004841128 _____ (XXX ) C:\Users\Christophe\Desktop\Windows7-Windows10_2.0.2.exe 2021-01-23 20:04 - 2021-01-23 20:04 - 000000000 ____D C:\WINDOWS\Panther 2021-01-23 18:44 - 2021-01-23 18:44 - 000251308 _____ C:\Users\Christophe\Desktop\EU Challenges and opportunities - Syllabus Spring 2021.pdf 2021-01-16 18:33 - 2021-01-16 18:33 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-01-16 18:33 - 2021-01-16 18:33 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-01-16 18:33 - 2021-01-16 18:33 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-01-16 18:33 - 2021-01-16 18:33 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-01-16 18:33 - 2021-01-16 18:33 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-01-16 18:33 - 2021-01-16 18:33 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-01-16 18:33 - 2021-01-16 18:33 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-01-16 18:33 - 2021-01-16 18:33 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-01-16 18:33 - 2021-01-16 18:33 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-01-16 18:33 - 2021-01-16 18:33 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-01-16 18:33 - 2021-01-16 18:33 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-01-16 18:33 - 2021-01-16 18:33 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-01-16 18:33 - 2021-01-16 18:33 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-01-16 18:32 - 2021-01-16 18:32 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-01-16 18:32 - 2021-01-16 18:32 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-01-16 18:32 - 2021-01-16 18:32 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-01-16 18:32 - 2021-01-16 18:32 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-01-16 18:32 - 2021-01-16 18:32 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-01-16 18:32 - 2021-01-16 18:32 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-01-16 18:32 - 2021-01-16 18:32 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-01-16 18:32 - 2021-01-16 18:32 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2021-01-16 18:32 - 2021-01-16 18:32 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2021-01-16 18:31 - 2021-01-16 18:31 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll 2021-01-16 18:31 - 2021-01-16 18:31 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-01-16 18:31 - 2021-01-16 18:31 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-01-16 18:31 - 2021-01-16 18:31 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-01-16 18:31 - 2021-01-16 18:31 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-01-16 18:31 - 2021-01-16 18:31 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-01-16 18:31 - 2021-01-16 18:31 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-01-16 18:30 - 2021-01-16 18:30 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-01-16 18:30 - 2021-01-16 18:30 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll 2021-01-16 18:30 - 2021-01-16 18:30 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-01-16 18:29 - 2021-01-16 18:29 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-01-16 18:29 - 2021-01-16 18:29 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll 2021-01-16 18:29 - 2021-01-16 18:29 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-01-16 18:29 - 2021-01-16 18:29 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-01-10 01:08 - 2021-01-10 01:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-12-29 21:57 - 2020-12-29 21:57 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-12-29 21:57 - 2020-12-29 21:56 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-12-28 15:37 - 2020-12-28 15:37 - 000000000 ____D C:\Users\Christophe\AppData\Roaming\Canon 2020-12-28 15:36 - 2020-12-28 15:36 - 000002100 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk 2020-12-28 15:36 - 2020-12-28 15:36 - 000002100 _____ C:\ProgramData\Desktop\Canon Quick Menu.lnk 2020-12-28 15:36 - 2020-12-28 15:36 - 000000000 ____D C:\WINDOWS\system32\STRING 2020-12-28 15:36 - 2020-12-28 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2020-12-28 15:36 - 2020-12-28 15:36 - 000000000 ____D C:\ProgramData\CanonIJWSpt 2020-12-28 15:36 - 2020-12-28 15:36 - 000000000 ____D C:\ProgramData\Canon IJ Network Tool 2020-12-28 15:36 - 2014-03-18 05:00 - 000406016 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMC7.DLL 2020-12-28 15:36 - 2014-03-17 19:15 - 000380928 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL 2020-12-28 15:36 - 2014-03-17 19:15 - 000375296 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL 2020-12-28 15:36 - 2014-03-17 19:15 - 000039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL 2020-12-28 15:36 - 2014-01-21 13:15 - 000336896 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_C7L.dll 2020-12-28 15:36 - 2013-12-02 09:51 - 000096256 _____ C:\WINDOWS\SysWOW64\CNC177CD.TBL 2020-12-28 15:36 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll 2020-12-28 15:35 - 2020-12-28 15:36 - 000000000 ___HD C:\Program Files\CanonBJ 2020-12-28 15:33 - 2020-12-29 22:28 - 000000000 ____D C:\Program Files (x86)\Canon 2020-12-27 22:18 - 2020-12-27 22:18 - 000480176 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys 2020-12-27 18:43 - 2020-12-27 18:43 - 000001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk 2020-12-27 18:43 - 2020-12-27 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant 2020-12-27 18:42 - 2016-10-27 16:14 - 000416576 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe 2020-12-27 18:42 - 2016-10-27 16:14 - 000416576 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\SASrv.exe 2020-12-27 18:42 - 2015-07-31 17:29 - 000004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.DAT 2020-12-27 18:42 - 2014-10-20 14:54 - 000207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe 2020-12-27 18:35 - 2020-12-27 18:35 - 000530396 _____ C:\WINDOWS\system32\Drivers\miceq.ini 2020-12-27 18:35 - 2020-12-27 18:35 - 000065520 _____ C:\WINDOWS\system32\Drivers\MicGain.ini 2020-12-27 18:35 - 2020-12-27 18:35 - 000029642 _____ C:\WINDOWS\system32\Drivers\D2Keys.ini 2020-12-27 18:35 - 2020-12-27 18:35 - 000005638 _____ C:\WINDOWS\system32\Drivers\orverbs.ini 2020-12-27 18:35 - 2020-12-27 18:35 - 000005388 _____ C:\WINDOWS\system32\Drivers\fxmisc.ini 2020-12-27 17:58 - 2020-12-27 18:00 - 005878264 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll 2020-12-27 17:58 - 2020-12-27 17:58 - 000906616 _____ (ICEpower A/S) C:\WINDOWS\system32\ICEsoundService64.exe 2020-12-27 17:58 - 2020-12-27 17:58 - 000208710 _____ C:\WINDOWS\system32\ICEsoundService.bin 2020-12-27 17:58 - 2020-12-27 17:58 - 000174248 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\ATKWMI.dll 2020-12-27 17:55 - 2020-12-27 17:58 - 007673072 _____ (ICEpower A/S) C:\WINDOWS\system32\ICEsoundAPO64.dll 2020-12-27 17:55 - 2020-12-27 17:55 - 000429568 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\ASpkExt64.dll 2020-12-27 17:55 - 2020-12-27 17:55 - 000103248 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\FMPropPageExt64.dll 2020-12-27 17:55 - 2020-12-27 17:55 - 000051792 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll 2020-12-27 17:55 - 2020-12-27 17:55 - 000033872 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CXHDMI64.dll 2020-12-27 17:54 - 2020-12-27 17:55 - 001506896 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll 2020-12-27 17:54 - 2020-12-27 17:54 - 001593936 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2020-12-27 17:54 - 2020-12-27 17:54 - 000584272 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CX64APO2.dll 2020-12-27 17:53 - 2020-12-27 17:53 - 001548600 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APOMIX.dll 2020-12-27 17:53 - 2020-12-27 17:53 - 001051216 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64BPAPO.dll 2020-12-27 17:50 - 2020-12-27 17:52 - 004912464 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A195.dll 2020-12-27 17:33 - 2020-12-27 17:33 - 000000000 ____D C:\ProgramData\Emsisoft 2020-12-27 17:31 - 2020-12-27 17:44 - 000000000 ____D C:\EEK 2020-12-27 17:21 - 2020-12-27 22:45 - 000000000 ____D C:\Users\Christophe\AppData\Roaming\Easeware 2020-12-27 17:20 - 2020-12-27 17:20 - 000001860 _____ C:\Users\Public\Desktop\Zoom.lnk 2020-12-27 17:20 - 2020-12-27 17:20 - 000001860 _____ C:\ProgramData\Desktop\Zoom.lnk 2020-12-27 17:20 - 2020-12-27 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom 2020-12-27 17:20 - 2020-12-27 17:20 - 000000000 ____D C:\Program Files (x86)\Zoom 2020-12-27 17:19 - 2020-12-27 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck 2020-12-27 17:19 - 2020-12-27 17:19 - 000000000 ____D C:\Program Files\UCheck 2020-12-27 17:18 - 2020-12-27 17:19 - 000000000 ____D C:\ProgramData\UCheck 2020-12-26 19:29 - 2020-12-26 19:29 - 000000000 ____D C:\Users\Christophe\Desktop\Local only ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-01-24 18:12 - 2019-11-02 15:53 - 000004188 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0C9843E1-AC78-4DD5-A463-B5E566B66509} 2021-01-24 18:12 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2021-01-24 18:08 - 2017-11-23 20:54 - 000000000 ___RD C:\Users\Christophe\Google Drive 2021-01-24 18:07 - 2019-02-24 18:18 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-24 18:06 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-24 18:06 - 2017-11-21 13:19 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2021-01-24 18:06 - 2017-11-21 12:52 - 000000000 ____D C:\Users\Christophe\AppData\LocalLow\Mozilla 2021-01-24 18:05 - 2019-11-02 15:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-24 18:05 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-01-24 18:05 - 2017-11-21 12:46 - 000000000 __SHD C:\Users\Christophe\IntelGraphicsProfiles 2021-01-24 18:05 - 2017-11-21 11:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-01-24 17:49 - 2019-11-02 15:52 - 001771474 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-01-24 17:49 - 2019-03-19 13:00 - 000794662 _____ C:\WINDOWS\system32\perfh00C.dat 2021-01-24 17:49 - 2019-03-19 13:00 - 000150678 _____ C:\WINDOWS\system32\perfc00C.dat 2021-01-24 16:23 - 2019-11-02 15:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-24 00:34 - 2020-11-03 12:51 - 000000000 ____D C:\Users\Christophe\AppData\Local\CrashDumps 2021-01-23 20:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState 2021-01-23 20:04 - 2020-03-23 18:42 - 000000000 ____D C:\Users\Christophe\AppData\Local\ElevatedDiagnostics 2021-01-23 18:24 - 2017-12-07 22:30 - 000000000 ____D C:\Users\Christophe\AppData\Local\Packages 2021-01-22 11:25 - 2020-09-04 21:57 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-22 11:25 - 2020-09-04 21:57 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-01-22 11:25 - 2020-09-04 21:57 - 000002282 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-01-22 11:24 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-22 11:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-20 19:39 - 2015-07-21 13:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-01-16 19:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration 2021-01-16 18:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2021-01-16 18:46 - 2017-12-07 22:54 - 000000000 ___RD C:\Users\Christophe\3D Objects 2021-01-16 18:46 - 2015-08-27 19:36 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-16 18:45 - 2020-12-22 22:23 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-01-16 18:45 - 2019-11-02 15:44 - 000522816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-01-16 18:45 - 2017-11-21 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-16 18:43 - 2019-03-19 13:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-16 18:43 - 2019-03-19 13:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-16 18:43 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-16 18:40 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-01-16 18:40 - 2017-11-21 13:47 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-01-16 18:38 - 2017-11-21 13:47 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-01-16 18:29 - 2019-11-02 15:45 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-01-16 18:22 - 2020-09-04 21:56 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-01-16 18:22 - 2020-09-04 21:56 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-01-11 22:02 - 2020-02-21 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-10 01:08 - 2017-11-21 12:52 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-12-29 21:57 - 2020-11-02 22:11 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-12-29 21:57 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-12-29 21:56 - 2019-11-02 12:16 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-12-28 15:36 - 2019-03-19 05:52 - 000000000 __RSD C:\WINDOWS\Media 2020-12-27 22:47 - 2020-03-23 19:12 - 000000000 ____D C:\Users\Christophe\AppData\Roaming\Zoom 2020-12-27 22:27 - 2015-07-20 09:16 - 001469952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys 2020-12-27 22:20 - 2015-08-27 19:49 - 000074168 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\dptf_acpi.sys 2020-12-27 22:14 - 2015-08-27 19:49 - 000069560 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\dptf_cpu.sys 2020-12-27 19:09 - 2017-11-21 11:44 - 000000000 ____D C:\Program Files (x86)\Intel 2020-12-27 19:09 - 2015-08-27 19:38 - 000000000 ____D C:\ProgramData\Package Cache 2020-12-27 19:05 - 2015-08-27 19:39 - 000000000 ____D C:\ProgramData\Intel 2020-12-27 18:42 - 2019-11-02 15:57 - 001705080 _____ (TODO: ) C:\WINDOWS\SysWOW64\RebootPrompt.exe 2020-12-27 18:40 - 2019-11-02 15:57 - 000000000 ____D C:\ProgramData\UIU 2020-12-27 18:40 - 2017-11-21 11:45 - 000000000 ____D C:\ProgramData\Conexant 2020-12-27 17:47 - 2019-11-02 15:57 - 003455352 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys 2020-12-27 17:31 - 2017-11-21 20:58 - 000000000 ____D C:\Users\Christophe\AppData\Roaming\Skype 2020-12-27 17:22 - 2015-12-14 14:45 - 000101872 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys ==================== Fichiers à la racine de certains dossiers ======== 2021-01-24 18:08 - 2021-01-24 18:08 - 001388432 _____ () C:\Users\Public\VOIP.dat 2017-11-21 12:46 - 2019-11-02 14:33 - 000000165 _____ () C:\Users\Christophe\AppData\Roaming\sp_data.sys ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================