Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-01-2021
Exécuté par Lauks (administrateur) sur Lauks (Hewlett-Packard p6-2018frm) (18-01-2021 21:37:28)
Exécuté depuis C:\Users\Lauks\Desktop
Profils chargés: Lauks
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Langue: French (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0429AD32-C3C7-4B49-BBB7-E84A544E355E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2261AD92-23DE-4B03-B774-29E4D4237012} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42BB1E52-1709-4576-8395-54A5A1FD0517} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B642FE72-E538-438A-83E3-AD06374C43DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{66fe6ff9-1b4a-492a-9fef-1ead85497aee}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Lauks\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2021-01-17]

FireFox:
========
FF DefaultProfile: h5ju12a5.default
FF DefaultProfile: 11wiq294.default
FF ProfilePath: C:\Users\Lauks\AppData\Roaming\Waterfox\Profiles\h5ju12a5.default [2021-01-13]
FF ProfilePath: C:\Users\Lauks\AppData\Roaming\Waterfox\Profiles\ybbkp0ki.68-edition-default [2021-01-13]
FF ProfilePath: C:\Users\Lauks\AppData\Roaming\Mozilla\Firefox\Profiles\u9iy39hy.Lauks [2021-01-18]
FF Homepage: Mozilla\Firefox\Profiles\u9iy39hy.Lauks -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\u9iy39hy.Lauks -> hxxps://maranhesduve.club; hxxps://transilien-web-by.accengage.net
FF Extension: (HTTPS Everywhere) - C:\Users\Lauks\AppData\Roaming\Mozilla\Firefox\Profiles\u9iy39hy.Lauks\Extensions\https-everywhere@eff.org.xpi [2021-01-14]
FF Extension: (English (GB) Language Pack) - C:\Users\Lauks\AppData\Roaming\Mozilla\Firefox\Profiles\u9iy39hy.Lauks\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2020-12-16]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\Lauks\AppData\Roaming\Mozilla\Firefox\Profiles\u9iy39hy.Lauks\Extensions\marcoagpinto@mail.telepac.pt.xpi [2021-01-01] []
FF Extension: (uBlock Origin) - C:\Users\Lauks\AppData\Roaming\Mozilla\Firefox\Profiles\u9iy39hy.Lauks\Extensions\uBlock0@raymondhill.net.xpi [2021-01-16]
FF Extension: (Bitwarden - Free Password Manager) - C:\Users\Lauks\AppData\Roaming\Mozilla\Firefox\Profiles\u9iy39hy.Lauks\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2020-12-07]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Lauks\AppData\Roaming\Mozilla\Firefox\Profiles\u9iy39hy.Lauks\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-15]
FF ProfilePath: C:\Users\Lauks\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\11wiq294.default [2021-01-16]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-05-05] [] [non signé]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\Lauks\AppData\Roaming\Opera Software\Opera Stable [2021-01-17]
OPR StartupUrls: Opera Stable -> "hxxp://google.fr/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Lauks\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-01-13]

Brave:
=======
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Lauks\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-01-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Lauks\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-01-13]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\Lauks\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-01-13]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Lauks\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-12-28]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Lauks\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-01-04]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Lauks\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjpbonbjgpinifgnneajcbigekbpfige [2021-01-13]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Lauks\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-01-13]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-28] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-28] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-11] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-15] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-15] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl1aa4d1a6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1574520C-7769-4FB3-86C9-C9A9ACD4DC1C}\MpKslDrv.sys [91376 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
S2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [101600 2020-12-29] (TEFINCOM S.A. -> )
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-10-23] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [27584 2018-03-24] (NVIDIA Corporation -> Windows (R) Win 7 DDK provider)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64872 2019-09-26] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-13] (Windscribe Limited -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [38176 2020-11-24] (WireGuard LLC -> WireGuard LLC)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-01-18 21:37 - 2021-01-18 21:39 - 000012423 _____ C:\Users\Lauks\Desktop\FRST.txt
2021-01-18 21:36 - 2021-01-18 21:38 - 000000000 ____D C:\FRST
2021-01-18 21:29 - 2021-01-18 21:29 - 002295296 _____ (Farbar) C:\Users\Lauks\Desktop\FRST64.exe
2021-01-18 04:46 - 2021-01-18 04:46 - 000241484 _____ C:\Users\Lauks\Desktop\ZHPDiag.txt
2021-01-18 04:33 - 2021-01-18 04:33 - 003284104 _____ (Nicolas Coolman) C:\Users\Lauks\Downloads\ZHPDiag3.exe
2021-01-18 04:33 - 2021-01-18 04:33 - 000000865 _____ C:\Users\Lauks\Desktop\ZHPDiag.lnk
2021-01-18 04:33 - 2021-01-18 04:33 - 000000000 ____D C:\Users\Lauks\AppData\Local\ZHP
2021-01-18 00:43 - 2021-01-18 00:43 - 000000000 ____D C:\KPRM
2021-01-17 21:53 - 2021-01-17 23:25 - 000000000 ____D C:\Users\Lauks\Desktop\Revo
2021-01-17 05:00 - 2021-01-18 04:46 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\ZHP
2021-01-16 23:45 - 2021-01-16 23:45 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-16 23:45 - 2021-01-16 23:45 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-16 23:45 - 2021-01-16 23:45 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-16 23:45 - 2021-01-16 23:45 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-16 23:44 - 2021-01-16 23:44 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-16 23:44 - 2021-01-16 23:44 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-16 23:44 - 2021-01-16 23:44 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-16 23:44 - 2021-01-16 23:44 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-16 23:44 - 2021-01-16 23:44 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-16 23:44 - 2021-01-16 23:44 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-16 23:44 - 2021-01-16 23:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-16 23:44 - 2021-01-16 23:44 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-16 23:44 - 2021-01-16 23:44 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-16 23:43 - 2021-01-16 23:43 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-16 23:43 - 2021-01-16 23:43 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-16 23:43 - 2021-01-16 23:43 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-16 23:43 - 2021-01-16 23:43 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-16 23:43 - 2021-01-16 23:43 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-16 23:42 - 2021-01-16 23:42 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-16 23:42 - 2021-01-16 23:42 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-16 23:42 - 2021-01-16 23:42 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-16 23:42 - 2021-01-16 23:42 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-16 23:41 - 2021-01-16 23:41 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-16 23:41 - 2021-01-16 23:41 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-16 23:41 - 2021-01-16 23:41 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-16 23:40 - 2021-01-16 23:40 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-16 23:40 - 2021-01-16 23:40 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-16 23:40 - 2021-01-16 23:40 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-16 23:40 - 2021-01-16 23:40 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-16 23:39 - 2021-01-16 23:39 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-16 23:39 - 2021-01-16 23:39 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-16 23:38 - 2021-01-16 23:38 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-16 23:38 - 2021-01-16 23:38 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-16 23:38 - 2021-01-16 23:38 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-16 23:37 - 2021-01-16 23:37 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-16 23:37 - 2021-01-16 23:37 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-16 02:50 - 2021-01-16 02:50 - 000000778 _____ C:\Users\Lauks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-01-15 23:51 - 2021-01-15 23:51 - 000002960 _____ C:\Users\Lauks\Documents\scan malwayrebite.txt
2021-01-15 15:23 - 2021-01-15 15:23 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-15 15:23 - 2021-01-15 15:23 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-15 15:23 - 2021-01-15 15:23 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-15 15:23 - 2021-01-15 15:23 - 000000000 ____D C:\Users\Lauks\AppData\Local\mbam
2021-01-15 15:23 - 2021-01-15 15:22 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-15 15:22 - 2021-01-15 15:22 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-15 15:22 - 2021-01-15 15:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-15 15:22 - 2021-01-15 15:22 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-15 01:54 - 2021-01-17 02:38 - 000000000 ____D C:\Program Files\CCleaner
2021-01-15 01:54 - 2021-01-15 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-15 00:42 - 2020-02-25 12:19 - 000000000 ____D C:\Users\Lauks\Documents\32_0_r0_344_debug
2021-01-15 00:42 - 2020-02-25 12:19 - 000000000 ____D C:\Users\Lauks\Documents\32_0_r0_344
2021-01-15 00:21 - 2021-01-15 00:21 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\Macromedia
2021-01-13 08:27 - 2021-01-13 08:28 - 000000000 ____D C:\Users\Lauks\AppData\LocalLow\Waterfox
2021-01-13 08:27 - 2021-01-13 08:27 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\Waterfox
2021-01-13 08:27 - 2021-01-13 08:27 - 000000000 ____D C:\Users\Lauks\AppData\Local\Waterfox
2021-01-13 08:27 - 2021-01-13 08:27 - 000000000 ____D C:\ProgramData\Waterfox
2021-01-13 08:22 - 2021-01-16 00:23 - 000000000 ____D C:\Users\Lauks\AppData\Local\CrashDumps
2021-01-13 08:22 - 2021-01-13 08:22 - 000000000 ____D C:\Users\Lauks\AppData\Local\NVIDIA
2021-01-13 08:21 - 2021-01-13 08:21 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\Moonchild Productions
2021-01-13 08:21 - 2021-01-13 08:21 - 000000000 ____D C:\Users\Lauks\AppData\Local\Moonchild Productions
2021-01-13 07:11 - 2021-01-13 07:25 - 000000000 ____D C:\Users\Lauks\Documents\Camtasia
2021-01-13 07:07 - 2021-01-13 07:11 - 000000000 ____D C:\Users\Lauks\AppData\Local\TechSmith
2021-01-13 07:07 - 2021-01-13 07:07 - 000000000 ____D C:\Users\Public\TechSmith
2021-01-13 07:07 - 2021-01-13 07:07 - 000000000 ____D C:\ProgramData\TechSmith
2021-01-13 07:07 - 2021-01-13 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2021-01-13 07:07 - 2021-01-13 07:07 - 000000000 ____D C:\Program Files\TechSmith
2021-01-13 07:07 - 2021-01-13 07:07 - 000000000 ____D C:\Program Files\Common Files\TechSmith Shared
2021-01-13 06:44 - 2021-01-13 06:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-01-13 02:13 - 2021-01-16 00:09 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-13 01:25 - 2021-01-13 01:25 - 000001403 _____ C:\Users\Lauks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2021-01-12 00:21 - 2021-01-18 00:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-12 00:21 - 2021-01-12 00:21 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-11 17:32 - 2021-01-15 01:26 - 000000000 ____D C:\Users\Lauks\AppData\Local\Facebook
2021-01-08 19:48 - 2021-01-17 04:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-08 19:47 - 2021-01-09 21:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-04 12:54 - 2020-12-29 17:02 - 000101600 _____ C:\WINDOWS\system32\Drivers\NDivert.sys
2021-01-01 01:51 - 2021-01-13 05:40 - 000000000 ____D C:\Users\Lauks\Documents\Bandicam
2021-01-01 01:51 - 2021-01-01 01:51 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\Bandicam Company
2021-01-01 01:50 - 2021-01-01 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2021-01-01 01:49 - 2021-01-01 01:50 - 000000000 ____D C:\Program Files (x86)\Bandicam
2021-01-01 01:49 - 2021-01-01 01:49 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
2020-12-28 19:50 - 2021-01-09 08:00 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-12-28 19:49 - 2020-12-28 19:50 - 000000000 ____D C:\Users\Lauks\AppData\Local\BraveSoftware
2020-12-28 19:49 - 2020-12-28 19:49 - 000000000 ____D C:\Program Files\BraveSoftware
2020-12-28 19:49 - 2020-12-28 19:49 - 000000000 ____D C:\Program Files (x86)\BraveSoftware

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-01-18 21:17 - 2020-04-14 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-18 18:13 - 2020-04-14 19:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-18 18:12 - 2020-04-14 19:20 - 000000000 ____D C:\Users\Lauks\AppData\LocalLow\Mozilla
2021-01-18 05:13 - 2020-04-14 19:00 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-18 01:08 - 2020-10-04 02:20 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\TeamViewer
2021-01-18 00:43 - 2020-05-01 15:31 - 000000000 ____D C:\Users\Lauks\AppData\Local\ESET
2021-01-18 00:36 - 2020-04-14 18:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-18 00:35 - 2020-04-14 15:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-17 22:01 - 2020-04-14 19:13 - 000000000 ____D C:\Users\Lauks\AppData\Local\Packages
2021-01-17 22:01 - 2020-04-14 15:51 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-17 22:01 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-17 05:18 - 2020-04-16 23:29 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2021-01-17 04:51 - 2020-05-18 10:10 - 000000000 ____D C:\Users\Lauks\AppData\LocalLow\Temp
2021-01-17 04:07 - 2020-04-14 15:51 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-17 04:07 - 2020-04-14 15:49 - 000000000 ____D C:\WINDOWS\INF
2021-01-17 02:42 - 2020-04-14 19:11 - 001771410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-17 02:42 - 2020-04-14 15:56 - 000791936 _____ C:\WINDOWS\system32\perfh00C.dat
2021-01-17 02:42 - 2020-04-14 15:56 - 000150004 _____ C:\WINDOWS\system32\perfc00C.dat
2021-01-17 02:36 - 2020-04-14 19:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-17 02:36 - 2020-04-14 19:13 - 000000000 __RHD C:\Users\Lauks\3D Objects
2021-01-17 02:35 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-17 02:34 - 2020-04-14 18:57 - 000436392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-17 02:30 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-17 02:29 - 2020-04-14 15:51 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-17 02:29 - 2020-04-14 15:51 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-17 02:29 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-17 02:29 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-17 02:29 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\IME
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-17 02:28 - 2020-04-14 15:51 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-16 23:55 - 2020-04-14 15:43 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-16 23:37 - 2020-04-14 19:00 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-16 21:24 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-16 01:40 - 2020-04-17 17:46 - 000000000 ____D C:\Users\Lauks\AppData\Local\D3DSCache
2021-01-16 00:46 - 2020-04-15 16:00 - 000000000 ____D C:\Users\Lauks\AppData\Local\Google
2021-01-16 00:46 - 2020-04-15 16:00 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-16 00:23 - 2020-05-28 14:07 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-16 00:23 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-16 00:23 - 2020-04-14 15:40 - 000000000 ____D C:\WINDOWS\Panther
2021-01-16 00:09 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-15 23:37 - 2020-04-14 15:51 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-15 21:12 - 2020-04-14 23:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 21:08 - 2020-04-14 23:17 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 20:25 - 2020-04-14 19:38 - 000000000 ____D C:\Users\Lauks\AppData\Local\PlaceholderTileLogoFolder
2021-01-14 20:24 - 2020-05-10 03:56 - 000000000 ____D C:\Program Files\WinRAR
2021-01-14 20:05 - 2020-04-14 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-01-14 20:05 - 2020-04-14 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-01-14 20:05 - 2020-04-14 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-01-14 20:05 - 2020-04-14 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-01-14 20:05 - 2020-04-14 15:55 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-01-14 20:05 - 2020-04-14 15:55 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-01-14 20:05 - 2020-04-14 15:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-01-14 20:05 - 2020-04-14 15:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-01-14 20:05 - 2020-04-14 15:51 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-01-14 20:05 - 2020-04-14 15:51 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-14 20:05 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-14 20:05 - 2020-04-14 15:51 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-14 20:05 - 2020-04-14 15:51 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-14 20:05 - 2020-04-14 15:40 - 000000000 ____D C:\WINDOWS\servicing
2021-01-14 20:04 - 2020-04-14 15:51 - 000000000 ____D C:\Program Files\Common Files\System
2021-01-14 19:56 - 2020-04-14 15:57 - 000000000 ____D C:\WINDOWS\OCR
2021-01-14 19:20 - 2020-10-13 18:52 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-14 19:20 - 2020-10-13 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-13 20:50 - 2020-08-14 00:24 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\VLC
2021-01-13 18:24 - 2020-04-14 19:13 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\Adobe
2021-01-13 07:05 - 2020-04-26 02:17 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-13 04:26 - 2020-04-14 19:11 - 000000000 ____D C:\Users\Lauks
2021-01-13 01:25 - 2020-04-16 20:57 - 000000000 ____D C:\Users\Lauks\AppData\Local\Opera Software
2021-01-13 01:24 - 2020-04-16 20:57 - 000000000 ____D C:\Users\Lauks\AppData\Roaming\Opera Software
2021-01-11 17:52 - 2020-04-14 19:31 - 000000000 ____D C:\Users\Lauks\AppData\Local\Adobe
2021-01-10 17:37 - 2020-04-26 02:23 - 000000000 ____D C:\Program Files\Npcap
2021-01-10 17:35 - 2020-06-23 15:15 - 000000000 ____D C:\WINDOWS\twain_64
2021-01-09 21:43 - 2020-04-14 19:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-09 21:35 - 2020-04-14 19:18 - 000000000 ___RD C:\Users\Lauks\OneDrive
2021-01-09 08:30 - 2020-10-15 13:59 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2021-01-09 08:30 - 2020-10-15 13:59 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2021-01-04 12:55 - 2020-04-14 22:04 - 000000000 ____D C:\Users\Lauks\AppData\Local\NordVPN
2021-01-04 12:54 - 2020-10-04 02:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2021-01-04 12:54 - 2020-08-15 13:56 - 000000000 ____D C:\ProgramData\NordVPN
2021-01-04 12:54 - 2020-08-15 13:56 - 000000000 ____D C:\Program Files\NordVPN

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================