Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2021
Exécuté par Philippe (administrateur) sur DESKTOP-TKU7009 (HP HP Laptop 15-bs0xx) (08-09-2021 14:19:54)
Exécuté depuis C:\Users\Philippe\Desktop
Profils chargés: Philippe
Platform: Windows 10 Pro Version 20H2 19042.1165 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> ) C:\Program Files\Google\Drive\nativeproxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c3052f80b4096eed\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1705142343-845631360-3465436581-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Philippe\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1705142343-845631360-3465436581-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1705142343-845631360-3465436581-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49927816 2021-08-16] (Google LLC -> )
HKU\S-1-5-21-1705142343-845631360-3465436581-1002\...\Run: [clsgfe] => regsvr32.exe -s "C:\Users\Philippe\AppData\Roaming\Microsoft\Uzwvjur\hyxzlficiynm.dll"
HKU\S-1-5-21-1705142343-845631360-3465436581-1002\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetupRST_ModeSwitch.lnk [2021-03-21]
ShortcutTarget: SetupRST_ModeSwitch.lnk -> C:\Users\Philippe\Downloads\SetupRST.exe (Intel(R) pGFX -> Intel Corporation) [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {02B1B2EC-E6E1-4AB2-95DD-752F58F02569} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F35CB46-E1A0-49A6-A722-C087B72AFA5A} - System32\Tasks\Apple Diagnostics => C:\Users\Philippe\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2021-09-02] <==== ATTENTION (zéro octet Fichier/Dossier)
Task: {3CC4768D-2A72-4FEB-9B22-BA19F5F291D3} - System32\Tasks\AAct => C:\Windows\AAct_Tools\AAct.exe [2700832 2019-03-20] (WZTeam -> ) [Fichier non signé]
Task: {489A0E4B-DFED-44E3-97D8-3858F1CF7807} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5C38E2E7-E59A-488B-AEA3-2964BCC0119C} - System32\Tasks\CCleanerSkipUAC - Philippe => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {76C6C1DF-32E1-49DC-8CDE-E02C852598A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {81BCEAEE-0F23-436B-A6D9-90B33563A8A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-26] (Google Inc -> Google Inc.)
Task: {891122A9-C4DA-4935-90E3-6A0854C4961B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C3A69C0-182C-4775-B003-70BE41D7F203} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FC8C72A-FDAD-42E2-AE28-789CB630201D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {98CB8C98-86D1-444D-9E6A-16B676E7DE78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B87B4518-8880-496F-938C-E05CC44047B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-26] (Google Inc -> Google Inc.)
Task: {BA3E0475-C465-48A4-BA10-78A6B080F3E1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF995D1D-D120-44FB-B4EF-F08AA0DF5238} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {C38212C7-C334-4A7A-9E1F-40AB9B233766} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5B72B02-EF7E-4161-8D7B-F9A9D56AF664} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {CAA8D0B2-DD87-481E-B094-571312911391} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E09199D1-7440-42BB-B8B7-358895DE1031} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Philippe\AppData\Roaming\HP Photo Creations\Communicator.exe [186080 2011-11-15] (RocketLife -> )
Task: {E0F96383-13FE-49A6-9648-85895FDA9A6F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3059280 2021-03-06] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {E139BDF9-0312-4E19-9262-5B003FDAFF0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\Philippe\AppData\Roaming\HP Photo Creations\Communicator.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 8.8.4.4
Tcpip\..\Interfaces\{385f1d7c-ab40-4bb0-b5c2-ce8329e61c7c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4252f5bd-eff0-4562-aaff-462bae54e56e}: [DhcpNameServer] 192.168.100.251
Tcpip\..\Interfaces\{7cb9e9fc-90a9-4c6d-807f-b88e72167eac}: [DhcpNameServer] 192.168.119.2
Tcpip\..\Interfaces\{7cdc020c-e05c-44ef-85c5-d452f3cc01ba}: [DhcpNameServer] 8.8.4.4

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Philippe\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-08]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1705142343-845631360-3465436581-1002: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Philippe\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default [2021-09-08]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://colab.research.google.com; hxxps://fr.tradingview.com; hxxps://mail.google.com; hxxps://mail.protonmail.com; hxxps://meet.google.com; hxxps://openclassrooms.workplace.com; hxxps://web.telegram.org; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://home.sweetim.com/?barid={15B325BD-DC60-11DF-8CD0-0060B3E38AFF}
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Extension: (Google Drive) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-21]
CHR Extension: (ColorZilla) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2021-03-21]
CHR Extension: (DuckDuckGo) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-09-08]
CHR Extension: (uBlock Origin) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-08-14]
CHR Extension: (Éditeur Office pour Docs, Sheets et Slides) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2021-08-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-04]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-03-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-13]
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-14]
CHR HKU\S-1-5-21-1705142343-845631360-3465436581-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [14649632 2021-09-08] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [527136 2021-09-08] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2020-09-27] (Microsoft Corporation) [Fichier non signé]
R3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [76744 2021-09-08] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-08 14:19 - 2021-09-08 14:20 - 000019977 _____ C:\Users\Philippe\Desktop\FRST.txt
2021-09-08 14:14 - 2021-09-08 14:14 - 000000000 ____D C:\Users\Philippe\Sublime Text 3
2021-09-08 14:03 - 2021-09-08 14:20 - 000000000 ____D C:\FRST
2021-09-08 13:57 - 2021-09-08 13:58 - 002302976 _____ (Farbar) C:\Users\Philippe\Desktop\FRST64.exe
2021-09-08 13:12 - 2021-09-08 13:12 - 000076744 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2021-09-08 13:12 - 2021-09-08 13:12 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2021-09-08 13:12 - 2021-09-08 13:12 - 000001055 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2021-09-08 13:12 - 2021-09-08 13:12 - 000000000 ____D C:\sh5ldr
2021-09-08 13:12 - 2021-09-08 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2021-09-08 13:12 - 2021-09-08 13:12 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2021-09-08 13:12 - 2021-09-08 13:12 - 000000000 ____D C:\Program Files\EnigmaSoft
2021-09-08 13:11 - 2021-09-08 13:12 - 006673184 _____ (EnigmaSoft Limited) C:\Users\Philippe\Downloads\SpyHunter-Installer.exe
2021-09-07 15:56 - 2021-09-07 15:56 - 734306437 _____ C:\Users\Philippe\Downloads\Introduction to MariaDB and HeidiSQL For Beginners.zip
2021-09-07 15:48 - 2021-09-07 15:48 - 000435805 _____ C:\Users\Philippe\Downloads\visualisez-une-consultation-nationale-avec-tableau_exemple-2019-04-08T133756+(3).zip
2021-09-06 19:46 - 2021-09-06 19:46 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-02 15:53 - 2021-09-02 15:53 - 000417000 _____ C:\Users\Philippe\Downloads\creez_un_dashboard-master.zip
2021-09-02 11:34 - 2021-09-02 16:20 - 000000000 ____D C:\Users\Philippe\AppData\Local\Tableau
2021-09-02 11:34 - 2021-09-02 11:35 - 000000000 ____D C:\ProgramData\FLEXnet
2021-09-02 11:34 - 2021-09-02 11:34 - 000001287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tableau 2021.2.lnk
2021-09-02 11:34 - 2021-09-02 11:34 - 000001275 _____ C:\Users\Public\Desktop\Tableau 2021.2.lnk
2021-09-02 11:34 - 2021-09-02 11:34 - 000000000 ____D C:\Users\Philippe\Documents\Mon dossier Tableau
2021-09-02 11:34 - 2021-09-02 11:34 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared
2021-09-02 11:22 - 2021-09-02 11:34 - 000000000 ____D C:\Program Files\Tableau
2021-09-02 11:14 - 2021-09-02 11:21 - 501696976 _____ (Tableau Software) C:\Users\Philippe\Downloads\TableauDesktop-64bit-2021-2-1.exe
2021-09-01 10:22 - 2021-09-01 10:34 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\HeidiSQL
2021-09-01 10:22 - 2021-09-01 10:22 - 000000853 _____ C:\Users\Philippe\Desktop\HeidiSQL.lnk
2021-09-01 10:22 - 2021-09-01 10:22 - 000000000 ____D C:\Users\Philippe\Documents\HeidiSQL
2021-09-01 10:22 - 2021-09-01 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeidiSQL
2021-09-01 10:22 - 2021-09-01 10:22 - 000000000 ____D C:\Program Files\HeidiSQL
2021-09-01 10:20 - 2021-09-01 10:21 - 046530806 _____ (Ansgar Becker ) C:\Users\Philippe\Downloads\HeidiSQL_11.3.0.6295_Setup.exe
2021-08-27 20:04 - 2021-08-27 20:05 - 019996684 _____ C:\Users\Philippe\Downloads\PC_P7_effectuez-une-prediction-de-revenus_2021-08-27T142433.zip
2021-08-26 19:55 - 2021-08-26 19:55 - 000073192 _____ C:\Users\Philippe\Downloads\ANTIDOTE-VACCIN-COVID-19.pdf
2021-08-26 19:49 - 2021-08-26 19:51 - 000000000 ____D C:\Users\Philippe\Desktop\Covid vaccin
2021-08-26 12:41 - 2021-08-26 12:41 - 001312450 _____ C:\Users\Philippe\Downloads\Manipulation_des_donnees_avec_Pandas.pdf
2021-08-26 12:37 - 2021-08-26 12:37 - 000389422 _____ C:\Users\Philippe\Downloads\data-projet7 (5).csv
2021-08-24 13:30 - 2021-08-24 13:30 - 019738440 _____ C:\Users\Philippe\Downloads\PC_P7_effectuez-une-prediction-de-revenus_2021-08-23T171159.zip
2021-08-20 15:38 - 2021-08-20 15:38 - 003187368 _____ C:\Users\Philippe\Downloads\Jaws-theme-song.zip
2021-08-20 10:30 - 2021-08-20 10:30 - 000154756 _____ C:\Users\Philippe\Downloads\Vous n'avez pas fait de session de mentorat depuis 7 jours.eml
2021-08-19 11:41 - 2021-08-19 11:41 - 000002916 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Philippe
2021-08-12 08:38 - 2021-08-12 08:38 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-08-12 08:38 - 2021-08-12 08:38 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-08-12 08:38 - 2021-08-12 08:38 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-08-12 08:38 - 2021-08-12 08:38 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-08-12 08:38 - 2021-08-12 08:38 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 08:38 - 2021-08-12 08:38 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-08-12 08:38 - 2021-08-12 08:38 - 000011347 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-08-12 08:33 - 2021-08-12 08:33 - 000000000 ___HD C:\$WinREAgent
2021-08-11 10:31 - 2021-08-11 10:31 - 000641627 _____ C:\Users\Philippe\Downloads\160964-bank-template-16x9.pptx
2021-08-11 08:22 - 2021-08-11 08:22 - 002736969 _____ C:\Users\Philippe\Downloads\Transforming_Tibetan_Kingship_The_portra.pdf
2021-08-09 17:34 - 2021-08-09 17:34 - 000585929 _____ C:\Users\Philippe\Downloads\15714_VALSONNE_MUNIER-15714-TOPDIV200.pdf
2021-08-09 10:28 - 2021-08-09 10:28 - 000292549 _____ C:\Users\Philippe\Desktop\ABS0d65f878-f82c-11eb-903a-005056a70f60.pdf
2021-08-09 10:25 - 2021-08-09 10:25 - 000292549 _____ C:\Users\Philippe\Downloads\ABS0d65f878-f82c-11eb-903a-005056a70f60.pdf
2021-08-09 10:25 - 2021-08-09 10:25 - 000292549 _____ C:\Users\Philippe\Downloads\ABS0d65f878-f82c-11eb-903a-005056a70f60 (1).pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-08 14:17 - 2021-03-21 10:12 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-08 14:14 - 2021-03-22 15:06 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\Sublime Text 3
2021-09-08 14:14 - 2021-03-22 15:06 - 000000000 ____D C:\Users\Philippe\AppData\Local\Sublime Text 3
2021-09-08 14:14 - 2021-03-21 10:07 - 000000000 ____D C:\Users\Philippe
2021-09-08 13:45 - 2021-03-21 12:45 - 000000000 ____D C:\Program Files\CCleaner
2021-09-08 12:55 - 2020-09-27 07:34 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-09-08 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-07 15:59 - 2021-05-10 16:34 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\vlc
2021-09-06 19:46 - 2021-03-26 14:31 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\Zoom
2021-09-06 11:30 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-06 11:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-09-06 09:13 - 2020-09-27 09:37 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-06 09:13 - 2020-09-27 09:37 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-06 09:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-06 09:13 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-05 16:43 - 2021-03-26 10:57 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-09-05 16:43 - 2021-03-21 10:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-03 15:50 - 2021-03-24 20:33 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\Ledger Live
2021-09-02 11:34 - 2021-03-21 13:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-02 11:30 - 2020-10-22 16:02 - 001770910 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-02 11:30 - 2019-12-07 16:49 - 000794488 _____ C:\Windows\system32\perfh00C.dat
2021-09-02 11:30 - 2019-12-07 16:49 - 000150602 _____ C:\Windows\system32\perfc00C.dat
2021-09-02 11:28 - 2021-03-21 11:57 - 000000000 ____D C:\Users\Philippe\Desktop\URSSAF RHONE SAINT PRIEST CFE
2021-09-02 11:25 - 2021-03-22 16:20 - 000000000 ___RD C:\Users\Philippe\iCloudDrive
2021-09-02 11:25 - 2021-03-21 12:35 - 000000000 ___RD C:\Users\Philippe\Google Drive
2021-09-02 11:24 - 2021-03-21 11:13 - 000000000 __SHD C:\Users\Philippe\IntelGraphicsProfiles
2021-09-02 11:24 - 2021-03-21 11:13 - 000000000 ____D C:\Intel
2021-09-02 11:24 - 2021-03-21 10:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-09-02 11:24 - 2020-09-27 09:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-02 11:24 - 2020-09-27 07:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-02 11:23 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-01 09:08 - 2020-09-27 09:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-09-01 09:05 - 2021-03-21 12:03 - 000000000 ____D C:\Users\Philippe\AppData\Local\D3DSCache
2021-08-31 18:20 - 2021-03-21 11:57 - 000000000 ____D C:\Users\Philippe\Desktop\Tirages YK neo prog
2021-08-31 08:37 - 2020-10-22 15:59 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-31 08:35 - 2021-03-21 11:58 - 000000000 ____D C:\Users\Philippe\Documents\ENGIE
2021-08-29 20:32 - 2021-03-21 10:04 - 000000000 ____D C:\Windows\AAct_Tools
2021-08-27 11:27 - 2021-03-21 11:57 - 000000000 ____D C:\Users\Philippe\Desktop\OPEN CR
2021-08-23 10:25 - 2021-03-21 10:09 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1705142343-845631360-3465436581-1002
2021-08-23 10:25 - 2021-03-21 10:09 - 000002426 _____ C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-22 16:48 - 2021-03-21 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-08-20 19:08 - 2021-03-21 10:08 - 000000000 ____D C:\Users\Philippe\AppData\Local\Packages
2021-08-18 10:40 - 2021-03-21 13:17 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-18 10:40 - 2021-03-21 13:17 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-17 01:22 - 2021-03-21 10:34 - 000740168 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2021-08-17 01:22 - 2021-03-21 10:34 - 000486728 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2021-08-13 22:30 - 2020-09-27 07:34 - 000441784 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-13 22:29 - 2019-12-07 16:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-08-13 22:29 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-08-13 10:04 - 2020-09-27 09:36 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-13 10:04 - 2020-09-27 09:36 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-12 08:41 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-08-12 08:33 - 2020-10-22 15:58 - 000000000 ____D C:\Windows\system32\MRT
2021-08-12 08:30 - 2020-10-22 15:58 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-08-09 10:19 - 2021-03-21 10:09 - 000000000 ___RD C:\Users\Philippe\OneDrive

==================== Fichiers à la racine de certains dossiers ========

2021-03-21 12:03 - 2018-09-26 17:25 - 000002678 _____ () C:\Users\Philippe\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================