Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2021
Ran by Philippe (administrator) on DESKTOP-TKU7009 (HP HP Laptop 15-bs0xx) (11-09-2021 15:53:35)
Running from C:\Users\Philippe\Downloads
Loaded Profiles: Philippe
Platform: Windows 10 Pro Version 20H2 19042.1165 (X64) Language: French (France)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\50.0.11.0\crashpad_handler.exe <4>
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.9.0\crashpad_handler.exe <2>
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google) C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\SwReporter\93.269.200\software_reporter_tool.exe <4>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe <6>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_155f43dc154e0149\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c3052f80b4096eed\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f2250737b8ab5a6\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe [54091608 2021-08-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe [54091608 2021-08-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1705142343-845631360-3465436581-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Philippe\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-01-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1705142343-845631360-3465436581-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35145856 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1705142343-845631360-3465436581-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe [54091608 2021-08-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.9.0\GoogleDriveFS.exe [54091608 2021-08-26] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.63\Installer\chrmstp.exe [2021-09-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetupRST_ModeSwitch.lnk [2021-03-21]
ShortcutTarget: SetupRST_ModeSwitch.lnk -> C:\Users\Philippe\Downloads\SetupRST.exe (Intel(R) pGFX -> Intel Corporation) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {489A0E4B-DFED-44E3-97D8-3858F1CF7807} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29212288 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {49CD3DAF-4E88-4C30-8DC6-F3D363997F04} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-27] (Piriform Software Ltd -> Piriform)
Task: {5C1E0F8E-A1CC-478A-999A-0F913091517A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5C38E2E7-E59A-488B-AEA3-2964BCC0119C} - System32\Tasks\CCleanerSkipUAC - Philippe => C:\Program Files\CCleaner\CCleaner.exe [29212288 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {76C6C1DF-32E1-49DC-8CDE-E02C852598A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {81BCEAEE-0F23-436B-A6D9-90B33563A8A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-26] (Google Inc -> Google Inc.)
Task: {8FC8C72A-FDAD-42E2-AE28-789CB630201D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B87B4518-8880-496F-938C-E05CC44047B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-26] (Google Inc -> Google Inc.)
Task: {BA3E0475-C465-48A4-BA10-78A6B080F3E1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF995D1D-D120-44FB-B4EF-F08AA0DF5238} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {C38212C7-C334-4A7A-9E1F-40AB9B233766} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAA8D0B2-DD87-481E-B094-571312911391} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E09199D1-7440-42BB-B8B7-358895DE1031} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Philippe\AppData\Roaming\HP Photo Creations\Communicator.exe [186080 2011-11-15] (RocketLife -> )
Task: {E0F96383-13FE-49A6-9648-85895FDA9A6F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3059280 2021-03-06] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {E139BDF9-0312-4E19-9262-5B003FDAFF0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1855425-0B01-4839-99F9-F4406A84B260} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC82A0F6-A87B-4CA8-8B8D-AB50D55A91FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE0ED465-F71B-4BF8-BA79-EF78D9FF1798} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\Philippe\AppData\Roaming\HP Photo Creations\Communicator.exe

==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{385f1d7c-ab40-4bb0-b5c2-ce8329e61c7c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4252f5bd-eff0-4562-aaff-462bae54e56e}: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{7cb9e9fc-90a9-4c6d-807f-b88e72167eac}: [DhcpNameServer] 192.168.119.2
Tcpip\..\Interfaces\{7cdc020c-e05c-44ef-85c5-d452f3cc01ba}: [DhcpNameServer] 192.168.8.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Philippe\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-10]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1705142343-845631360-3465436581-1002: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Philippe\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default [2021-09-11]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://colab.research.google.com; hxxps://fr.tradingview.com; hxxps://mail.google.com; hxxps://mail.protonmail.com; hxxps://meet.google.com; hxxps://openclassrooms.workplace.com; hxxps://web.telegram.org; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Extension: (Google Drive) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-21]
CHR Extension: (ColorZilla) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2021-03-21]
CHR Extension: (DuckDuckGo) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-09-08]
CHR Extension: (uBlock Origin) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-08-14]
CHR Extension: (Éditeur Office pour Docs, Sheets et Slides) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2021-08-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-21]
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-11]
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-09]
CHR Extension: (Slides) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-08]
CHR Extension: (Docs) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-08]
CHR Extension: (Google Drive) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-08]
CHR Extension: (YouTube) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-08]
CHR Extension: (Sheets) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-08]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-09-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-08]
CHR Extension: (Gmail) - C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-08]
CHR Profile: C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-11]
CHR HKU\S-1-5-21-1705142343-845631360-3465436581-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2020-09-27] (Microsoft Corporation) [File not signed]
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [389640 2021-08-09] (Google LLC -> Google, Inc.)
R3 MpKsl5390159f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6231816A-9CDF-49B7-98E6-32ED457DFF8F}\MpKslDrv.sys [130296 2021-09-11] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-09-11 15:53 - 2021-09-11 15:54 - 000020623 _____ C:\Users\Philippe\Downloads\FRST.txt
2021-09-11 15:52 - 2021-09-11 15:54 - 000000000 ____D C:\FRST
2021-09-11 15:48 - 2021-09-11 15:48 - 002302976 _____ (Farbar) C:\Users\Philippe\Downloads\FRST64 (1).exe
2021-09-11 15:47 - 2021-09-11 15:47 - 002302976 _____ (Farbar) C:\Users\Philippe\Downloads\FRST64.exe
2021-09-10 10:29 - 2021-09-10 17:34 - 000000000 ____D C:\Users\Philippe\Desktop\Formation PBI TUTO.COM
2021-09-10 10:28 - 2021-09-10 10:26 - 098313576 _____ C:\Users\Philippe\Desktop\99211-586.zip
2021-09-10 10:26 - 2021-09-10 10:26 - 098313576 _____ C:\Users\Philippe\Downloads\99211-586.zip
2021-09-09 16:28 - 2021-09-09 16:28 - 000000000 ____D C:\Users\Philippe\AppData\Local\Power BI Desktop
2021-09-09 16:27 - 2021-09-09 16:27 - 000002160 _____ C:\Users\Public\Desktop\Power BI Desktop.lnk
2021-09-09 16:27 - 2021-09-09 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Power BI Desktop
2021-09-09 16:27 - 2021-09-09 16:27 - 000000000 ____D C:\Program Files\Microsoft Power BI Desktop
2021-09-09 11:04 - 2021-09-09 11:04 - 000000000 ____D C:\Users\Philippe\Desktop\STAGE SAVLOG
2021-09-09 10:32 - 2021-09-09 15:46 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-09 10:32 - 2021-09-09 15:46 - 000001899 _____ C:\Users\Philippe\Desktop\Google Slides.lnk
2021-09-09 10:32 - 2021-09-09 15:46 - 000001899 _____ C:\Users\Philippe\Desktop\Google Sheets.lnk
2021-09-09 10:32 - 2021-09-09 15:46 - 000001887 _____ C:\Users\Philippe\Desktop\Google Docs.lnk
2021-09-09 10:32 - 2021-08-09 14:57 - 000389640 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3525.sys
2021-09-09 10:31 - 2021-09-09 10:32 - 260521304 _____ (Google, Inc.) C:\Users\Philippe\Downloads\GoogleDriveSetup.exe
2021-09-08 16:21 - 2021-09-08 16:21 - 002120496 _____ (Malwarebytes) C:\Users\Philippe\Downloads\MBSetup.exe
2021-09-08 16:03 - 2021-09-08 16:03 - 000002394 _____ C:\Users\Philippe\Desktop\Philippe - Chrome.lnk
2021-09-08 14:59 - 2021-09-08 15:03 - 000000000 ____D C:\Users\Philippe\Desktop\CrystalDiskInfo8_12_7
2021-09-08 14:14 - 2021-09-08 14:14 - 000000000 ____D C:\Users\Philippe\Sublime Text 3
2021-09-07 15:56 - 2021-09-07 15:56 - 734306437 _____ C:\Users\Philippe\Downloads\Introduction to MariaDB and HeidiSQL For Beginners.zip
2021-09-07 15:48 - 2021-09-07 15:48 - 000435805 _____ C:\Users\Philippe\Downloads\visualisez-une-consultation-nationale-avec-tableau_exemple-2019-04-08T133756+(3).zip
2021-09-06 19:46 - 2021-09-06 19:46 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-02 15:53 - 2021-09-02 15:53 - 000417000 _____ C:\Users\Philippe\Downloads\creez_un_dashboard-master.zip
2021-09-02 11:34 - 2021-09-02 16:20 - 000000000 ____D C:\Users\Philippe\AppData\Local\Tableau
2021-09-02 11:34 - 2021-09-02 11:35 - 000000000 ____D C:\ProgramData\FLEXnet
2021-09-02 11:34 - 2021-09-02 11:34 - 000001287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tableau 2021.2.lnk
2021-09-02 11:34 - 2021-09-02 11:34 - 000001275 _____ C:\Users\Public\Desktop\Tableau 2021.2.lnk
2021-09-02 11:34 - 2021-09-02 11:34 - 000000000 ____D C:\Users\Philippe\Documents\Mon dossier Tableau
2021-09-02 11:34 - 2021-09-02 11:34 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared
2021-09-02 11:22 - 2021-09-02 11:34 - 000000000 ____D C:\Program Files\Tableau
2021-09-02 11:14 - 2021-09-02 11:21 - 501696976 _____ (Tableau Software) C:\Users\Philippe\Downloads\TableauDesktop-64bit-2021-2-1.exe
2021-09-01 10:22 - 2021-09-01 10:34 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\HeidiSQL
2021-09-01 10:22 - 2021-09-01 10:22 - 000000853 _____ C:\Users\Philippe\Desktop\HeidiSQL.lnk
2021-09-01 10:22 - 2021-09-01 10:22 - 000000000 ____D C:\Users\Philippe\Documents\HeidiSQL
2021-09-01 10:22 - 2021-09-01 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeidiSQL
2021-09-01 10:22 - 2021-09-01 10:22 - 000000000 ____D C:\Program Files\HeidiSQL
2021-09-01 10:20 - 2021-09-01 10:21 - 046530806 _____ (Ansgar Becker ) C:\Users\Philippe\Downloads\HeidiSQL_11.3.0.6295_Setup.exe
2021-08-27 20:04 - 2021-08-27 20:05 - 019996684 _____ C:\Users\Philippe\Downloads\PC_P7_effectuez-une-prediction-de-revenus_2021-08-27T142433.zip
2021-08-26 19:55 - 2021-08-26 19:55 - 000073192 _____ C:\Users\Philippe\Downloads\ANTIDOTE-VACCIN-COVID-19.pdf
2021-08-26 12:41 - 2021-08-26 12:41 - 001312450 _____ C:\Users\Philippe\Downloads\Manipulation_des_donnees_avec_Pandas.pdf
2021-08-26 12:37 - 2021-08-26 12:37 - 000389422 _____ C:\Users\Philippe\Downloads\data-projet7 (5).csv
2021-08-24 13:30 - 2021-08-24 13:30 - 019738440 _____ C:\Users\Philippe\Downloads\PC_P7_effectuez-une-prediction-de-revenus_2021-08-23T171159.zip
2021-08-20 15:38 - 2021-08-20 15:38 - 003187368 _____ C:\Users\Philippe\Downloads\Jaws-theme-song.zip
2021-08-20 10:30 - 2021-08-20 10:30 - 000154756 _____ C:\Users\Philippe\Downloads\Vous n'avez pas fait de session de mentorat depuis 7 jours.eml
2021-08-19 11:41 - 2021-08-19 11:41 - 000002916 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Philippe
2021-08-12 08:38 - 2021-08-12 08:38 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-08-12 08:38 - 2021-08-12 08:38 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-08-12 08:38 - 2021-08-12 08:38 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-08-12 08:38 - 2021-08-12 08:38 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-08-12 08:38 - 2021-08-12 08:38 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 08:38 - 2021-08-12 08:38 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-08-12 08:38 - 2021-08-12 08:38 - 000011347 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-08-12 08:33 - 2021-08-12 08:33 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-09-11 15:48 - 2021-03-21 10:12 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-11 15:43 - 2020-09-27 07:34 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-09-11 15:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-11 13:33 - 2021-03-21 12:45 - 000000000 ____D C:\Program Files\CCleaner
2021-09-11 13:31 - 2020-09-27 09:37 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-11 13:31 - 2020-09-27 09:37 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-11 13:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-11 13:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-10 16:05 - 2021-03-21 10:08 - 000000000 ____D C:\Users\Philippe\AppData\Local\Packages
2021-09-09 16:30 - 2021-03-21 12:03 - 000000000 ____D C:\Users\Philippe\AppData\Local\D3DSCache
2021-09-09 16:26 - 2021-03-21 13:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-09 15:46 - 2021-03-21 12:35 - 000000000 ___RD C:\Users\Philippe\Google Drive
2021-09-09 15:46 - 2021-03-21 11:56 - 000001863 _____ C:\Users\Philippe\Desktop\Google Drive.lnk
2021-09-09 11:50 - 2021-03-24 20:33 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\Ledger Live
2021-09-09 11:05 - 2021-03-21 11:57 - 000000000 ____D C:\Users\Philippe\Desktop\Tirages YK neo prog
2021-09-09 11:05 - 2021-03-21 11:57 - 000000000 ____D C:\Users\Philippe\Desktop\OPEN CR
2021-09-09 11:01 - 2021-05-10 16:34 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\vlc
2021-09-09 10:58 - 2021-03-21 13:52 - 000000000 ____D C:\SAVLOG
2021-09-09 10:47 - 2020-09-27 09:34 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-09-09 10:42 - 2020-10-22 16:02 - 001770910 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-09 10:42 - 2019-12-07 16:49 - 000794488 _____ C:\Windows\system32\perfh00C.dat
2021-09-09 10:42 - 2019-12-07 16:49 - 000150602 _____ C:\Windows\system32\perfc00C.dat
2021-09-09 10:42 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-09 10:37 - 2021-03-22 16:20 - 000000000 ___RD C:\Users\Philippe\iCloudDrive
2021-09-09 10:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-09-09 10:36 - 2021-03-21 11:13 - 000000000 __SHD C:\Users\Philippe\IntelGraphicsProfiles
2021-09-09 10:36 - 2021-03-21 11:13 - 000000000 ____D C:\Intel
2021-09-09 10:36 - 2020-09-27 09:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-09 10:36 - 2020-09-27 07:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-09 10:36 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-09 10:34 - 2021-03-21 10:11 - 000000000 ____D C:\Users\Philippe\AppData\Local\Google
2021-09-09 10:32 - 2021-03-21 12:51 - 000000000 ____D C:\Program Files\Google
2021-09-09 10:19 - 2021-03-26 10:57 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-09-08 16:45 - 2021-03-21 13:17 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-08 16:45 - 2021-03-21 13:17 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-08 16:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-09-08 16:27 - 2021-03-21 12:03 - 000000000 ____D C:\Users\Philippe\AppData\Local\CrashDumps
2021-09-08 15:27 - 2021-04-03 19:09 - 000000000 ____D C:\Users\Philippe\AppData\LocalLow\Temp
2021-09-08 14:14 - 2021-03-22 15:06 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\Sublime Text 3
2021-09-08 14:14 - 2021-03-22 15:06 - 000000000 ____D C:\Users\Philippe\AppData\Local\Sublime Text 3
2021-09-08 14:14 - 2021-03-21 10:07 - 000000000 ____D C:\Users\Philippe
2021-09-06 19:46 - 2021-03-26 14:31 - 000000000 ____D C:\Users\Philippe\AppData\Roaming\Zoom
2021-09-05 16:43 - 2021-03-21 10:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-02 11:28 - 2021-03-21 11:57 - 000000000 ____D C:\Users\Philippe\Desktop\URSSAF RHONE SAINT PRIEST CFE
2021-09-02 11:24 - 2021-03-21 10:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-09-01 09:08 - 2020-09-27 09:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-31 08:37 - 2020-10-22 15:59 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-31 08:35 - 2021-03-21 11:58 - 000000000 ____D C:\Users\Philippe\Documents\ENGIE
2021-08-23 10:25 - 2021-03-21 10:09 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1705142343-845631360-3465436581-1002
2021-08-23 10:25 - 2021-03-21 10:09 - 000002426 _____ C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-17 01:22 - 2021-03-21 10:34 - 000740168 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2021-08-17 01:22 - 2021-03-21 10:34 - 000486728 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2021-08-13 22:30 - 2020-09-27 07:34 - 000441784 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-13 22:29 - 2019-12-07 16:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-08-13 22:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-08-13 22:29 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-08-13 10:04 - 2020-09-27 09:36 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-13 10:04 - 2020-09-27 09:36 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-12 08:41 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-08-12 08:33 - 2020-10-22 15:58 - 000000000 ____D C:\Windows\system32\MRT
2021-08-12 08:30 - 2020-10-22 15:58 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2021-03-21 12:03 - 2018-09-26 17:25 - 000002678 _____ () C:\Users\Philippe\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================