Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2021
Ran by georg (administrator) on GEORGES (LENOVO 10132) (20-01-2021 22:16:23)
Running from C:\Users\georg\Desktop
Loaded Profiles: georg
Platform: Windows 10 Home Version 20H2 19042.746 (X64) Language: Français (France)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1802578464-2306559272-1428237014-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1802578464-2306559272-1428237014-1001\...\Policies\Explorer: [NoWinkeys] 0
HKU\S-1-5-21-1802578464-2306559272-1428237014-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-1802578464-2306559272-1428237014-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1802578464-2306559272-1428237014-1001\...\Policies\Explorer: [NoViewContextMenu] 0
Startup: C:\Users\georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Avira.lnk [2017-11-22]
ShortcutTarget: Avira.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Startup: C:\Users\georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RimhillEx.lnk [2020-04-27]
ShortcutTarget: RimhillEx.lnk -> C:\Users\georg\AppData\Local\RimhillEx\RimhillEx.exe (the sz development) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0096DD46-1F75-4669-8B5E-F6253EA42DC1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {0545B27C-C6EA-4805-8D4B-E8AF0E596906} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2D195AC4-DE66-4B52-8C58-962B2CB5870E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {49552B6A-5475-4208-8425-C7C34DF4E809} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63EDBD40-75F1-45AC-B64D-15B1DB9BF3FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {6C009726-D856-4E76-909B-6A97B537C99E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {6F85AC95-DD3A-48F8-95EB-12E1307297F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8666D0FD-5A0C-4500-95BC-859BE77D75DB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {873D3090-EABE-4E16-B450-8487D7CF61A2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1802578464-2306559272-1428237014-500 => C:\Users\georg\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9097AF23-5685-468A-898B-288D6E265A7F} - System32\Tasks\Avira SystrayStartTrigger => C:\Program Files (x86)\Avira\Launcher\\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A7D82A17-26A4-48EF-80EE-18812217AAB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB801EC8-AA65-4B3E-B6BC-7F92C8C904AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E435C0CD-C0DC-4371-A544-FE490B7FC303} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [625120 2021-01-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {F4A19C3A-125D-4EE2-9F01-D1CE43842BF8} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleaner Browser Heartbeat Task (Hourly).job => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\µTorrent® Update_1.job => C:\Users\georg\AppData\Roaming\uTorrent\uTorrent.exe

==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to its default value.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{78448c25-f06b-47e4-811a-b6b4f65160b6}: [DhcpNameServer] 212.27.40.240 212.27.40.241
DnsPolicyConfig: [DNS_RESILIENCY_fe3cr.delivery.mp.microsoft.com] => GenericDNSServers=162.159.36.2

Edge:
=======
DownloadDir: C:\Users\georg\Downloads

FireFox:
========
FF DefaultProfile: hju4t8qo.default-1511988771137
FF ProfilePath: C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\xrbuzbwz.default-release [2021-01-18]
FF ProfilePath: C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137 [2021-01-20]
FF Homepage: Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137 -> hxxps://www.google.fr/
FF Extension: (uBlock Origin) - C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137\Extensions\uBlock0@raymondhill.net.xpi [2021-01-17]
FF Extension: (Video DownloadHelper) - C:\Users\georg\AppData\Roaming\Mozilla\Firefox\Profiles\hju4t8qo.default-1511988771137\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-01-18]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\109657531.js [2018-02-10] <==== ATTENTION (Points to a *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\112418406.js [2018-02-10] <==== ATTENTION (Points to a *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\109657531.cfg [2018-02-10] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\112418406.cfg [2018-02-10] <==== ATTENTION

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 16419798; C:\WINDOWS\System32\drivers\55139438.sys [208216 2021-01-17] () [File not signed]
S3 60513929; C:\WINDOWS\System32\drivers\17139464.sys [208216 2021-01-17] () [File not signed]
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [54552 2015-12-17] (Broadcom Corporation -> Broadcom Corporation.)
R3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-01-20 22:16 - 2021-01-20 22:17 - 000017591 _____ C:\Users\georg\Desktop\FRST.txt
2021-01-20 22:15 - 2021-01-20 22:17 - 000000000 ____D C:\FRST
2021-01-20 21:58 - 2021-01-20 21:58 - 002295808 _____ (Farbar) C:\Users\georg\Desktop\FRST64.exe
2021-01-20 01:45 - 2021-01-20 01:45 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-20 01:44 - 2021-01-20 01:44 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-20 01:44 - 2021-01-20 01:44 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-20 01:44 - 2021-01-20 01:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-20 01:44 - 2021-01-20 01:44 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-20 01:44 - 2021-01-20 01:44 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-20 01:44 - 2021-01-20 01:44 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-20 01:44 - 2021-01-20 01:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-20 01:44 - 2021-01-20 01:44 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-20 01:44 - 2021-01-20 01:44 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-20 01:44 - 2021-01-20 01:44 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-20 01:43 - 2021-01-20 01:43 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-20 01:43 - 2021-01-20 01:43 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-20 01:43 - 2021-01-20 01:43 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-20 01:43 - 2021-01-20 01:43 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-20 01:43 - 2021-01-20 01:43 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-20 01:42 - 2021-01-20 01:42 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-20 01:42 - 2021-01-20 01:42 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-20 01:42 - 2021-01-20 01:42 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-20 01:42 - 2021-01-20 01:42 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-20 01:41 - 2021-01-20 01:41 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-20 01:41 - 2021-01-20 01:41 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-20 01:41 - 2021-01-20 01:41 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-20 01:40 - 2021-01-20 01:40 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-20 01:40 - 2021-01-20 01:40 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-20 01:40 - 2021-01-20 01:40 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-20 01:40 - 2021-01-20 01:40 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-20 01:39 - 2021-01-20 01:39 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-20 01:38 - 2021-01-20 01:38 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-20 01:38 - 2021-01-20 01:38 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-20 01:38 - 2021-01-20 01:38 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-20 01:38 - 2021-01-20 01:38 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-20 01:37 - 2021-01-20 01:37 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-20 01:37 - 2021-01-20 01:37 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-20 01:37 - 2021-01-20 01:37 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-20 01:37 - 2021-01-20 01:37 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-20 01:36 - 2021-01-20 01:36 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-20 01:36 - 2021-01-20 01:36 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-20 01:36 - 2021-01-20 01:36 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-20 01:36 - 2021-01-20 01:36 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-19 14:05 - 2021-01-19 14:10 - 000000000 ____D C:\ESD
2021-01-19 14:02 - 2021-01-19 14:02 - 000000000 ___HD C:\$Windows.~WS
2021-01-19 13:54 - 2021-01-19 13:54 - 000000000 ___HD C:\$WINDOWS.~BT
2021-01-18 16:59 - 2021-01-18 16:59 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2021-01-18 16:59 - 2021-01-18 16:59 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2021-01-18 16:59 - 2021-01-18 16:59 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-01-18 16:46 - 2021-01-18 16:47 - 000000878 _____ C:\DelFix.txt
2021-01-18 16:34 - 2021-01-18 16:34 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-18 16:34 - 2021-01-18 16:34 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-18 16:34 - 2021-01-18 16:34 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-18 16:34 - 2021-01-18 16:34 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-18 16:34 - 2021-01-18 16:34 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-18 16:34 - 2021-01-18 16:34 - 000000000 ____D C:\Users\georg\AppData\Local\mbam
2021-01-18 16:29 - 2021-01-18 16:29 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-18 15:20 - 2021-01-18 16:24 - 000000000 ____D C:\Users\georg\AppData\Roaming\ZHP
2021-01-18 15:20 - 2021-01-18 15:20 - 000000000 ____D C:\Users\georg\AppData\Local\ZHP
2021-01-17 21:26 - 2021-01-17 21:26 - 000000000 ____D C:\Users\georg\AppData\Local\Mozilla
2021-01-17 21:23 - 2021-01-17 22:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-01-17 20:28 - 2021-01-17 20:52 - 000000000 ____D C:\ProgramData\TEMP
2021-01-17 20:15 - 2021-01-17 20:15 - 000000000 ____D C:\Users\georg\Documents\Simply Super Software
2021-01-17 20:12 - 2021-01-17 20:14 - 014225200 _____ (Simply Super Software ) C:\Users\georg\Desktop\trjsetup695.exe
2021-01-17 19:31 - 2021-01-17 19:31 - 000001786 _____ C:\Users\georg\Desktop\Avira.SystrayStartTrigger.exe - Raccourci.lnk
2021-01-17 19:25 - 2021-01-17 19:25 - 000001644 _____ C:\Users\georg\Desktop\avcenter.exe - Raccourci.lnk
2021-01-17 19:18 - 2021-01-17 19:18 - 000208216 _____ C:\WINDOWS\system32\Drivers\55139438.sys
2021-01-17 19:16 - 2021-01-17 19:28 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-17 19:16 - 2021-01-17 19:16 - 000208216 _____ C:\WINDOWS\system32\Drivers\17139464.sys
2021-01-12 22:47 - 2021-01-12 22:47 - 000001692 _____ C:\Users\georg\Desktop\POWERPNT.EXE - Raccourci.lnk
2021-01-12 22:47 - 2021-01-12 22:47 - 000001661 _____ C:\Users\georg\Desktop\EXCEL.EXE - Raccourci.lnk
2021-01-12 22:45 - 2021-01-12 22:45 - 000001681 _____ C:\Users\georg\Desktop\WINWORD.EXE - Raccourci.lnk
2021-01-12 22:11 - 2021-01-17 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2021-01-12 22:11 - 2021-01-17 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-01-12 22:11 - 2021-01-17 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2021-01-12 22:10 - 2021-01-17 22:39 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-12 22:10 - 2021-01-12 22:10 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-01-12 22:10 - 2021-01-12 22:10 - 000000000 ____D C:\Program Files\Microsoft Sync Framework
2021-01-12 22:09 - 2021-01-17 22:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2021-01-12 22:08 - 2021-01-17 22:38 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-01-12 22:08 - 2021-01-12 22:10 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-12 22:08 - 2021-01-12 22:08 - 000000000 ____D C:\Users\georg\AppData\Local\Microsoft Help
2021-01-12 22:08 - 2021-01-12 22:08 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2021-01-12 22:08 - 2021-01-12 22:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-12 22:08 - 2021-01-12 22:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2021-01-12 22:07 - 2021-01-12 22:07 - 000000000 __RHD C:\MSOCache
2021-01-12 21:59 - 2013-08-22 09:40 - 000040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2021-01-08 18:50 - 2021-01-17 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-23 22:05 - 2021-01-19 12:31 - 000000000 ____D C:\Users\georg\Desktop\administratif
2020-12-23 21:36 - 2021-01-19 12:32 - 000000000 ____D C:\Users\georg\Desktop\Nouveau dossier
2020-12-23 15:15 - 2020-12-29 03:12 - 000000000 ____D C:\Users\georg\AppData\Local\PlaceholderTileLogoFolder
2020-12-22 17:14 - 2020-12-22 17:14 - 000000000 ____D C:\Users\georg\AppData\Local\MicrosoftEdge

==================== One month (modified) ==================

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-01-20 22:15 - 2017-05-26 17:43 - 000000000 ____D C:\Users\georg\AppData\LocalLow\Mozilla
2021-01-20 21:37 - 2020-09-27 06:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-20 20:58 - 2018-04-25 22:56 - 000000000 ____D C:\Users\georg\AppData\Roaming\vlc
2021-01-20 20:05 - 2017-09-19 21:45 - 000000000 ____D C:\Program Files\CCleaner
2021-01-20 16:27 - 2020-03-31 15:22 - 000000000 ____D C:\Users\georg\AppData\Roaming\uTorrent
2021-01-20 16:27 - 2020-03-14 15:23 - 000000000 ____D C:\Users\georg\AppData\LocalLow\uTorrent
2021-01-20 16:27 - 2019-03-23 09:45 - 000000000 ____D C:\Users\georg\AppData\Local\BitTorrentHelper
2021-01-20 09:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-20 04:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-20 04:36 - 2020-12-06 04:57 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-20 04:36 - 2019-12-07 15:49 - 000755174 _____ C:\WINDOWS\system32\perfh00C.dat
2021-01-20 04:36 - 2019-12-07 15:49 - 000141980 _____ C:\WINDOWS\system32\perfc00C.dat
2021-01-20 04:32 - 2019-02-05 05:28 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-20 04:30 - 2017-05-26 17:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-20 04:30 - 2017-05-26 17:32 - 000000000 __SHD C:\Users\georg\IntelGraphicsProfiles
2021-01-20 04:29 - 2020-09-27 06:51 - 000456248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-20 04:28 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-20 04:28 - 2020-09-27 06:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-20 04:28 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-01-20 04:25 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-20 04:25 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-20 04:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-20 04:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-20 04:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-20 04:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-20 04:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-20 04:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-20 04:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-20 04:22 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-20 04:22 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-20 04:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-20 04:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-20 04:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-20 04:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-20 04:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-20 04:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-20 04:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-20 04:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-20 02:16 - 2017-05-29 22:22 - 000000000 ____D C:\Users\georg\dwhelper
2021-01-20 01:52 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-20 01:36 - 2020-09-27 08:53 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-19 14:10 - 2020-12-06 02:59 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-19 13:58 - 2020-12-06 05:04 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2021-01-19 13:58 - 2020-12-06 05:04 - 000001908 _____ C:\WINDOWS\diagerr.xml
2021-01-19 13:58 - 2020-12-05 22:47 - 000000000 ____D C:\Windows10Upgrade
2021-01-19 13:58 - 2020-01-22 00:57 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à jour de Windows 10.lnk
2021-01-18 17:47 - 2020-05-03 14:58 - 000000000 ___RD C:\Users\georg\OneDrive
2021-01-18 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-18 17:15 - 2017-03-18 22:03 - 000000167 _____ C:\WINDOWS\win.ini
2021-01-18 17:08 - 2017-05-26 19:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-18 17:06 - 2017-05-26 19:40 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-18 16:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-18 13:44 - 2020-12-12 18:27 - 000000000 ____D C:\Users\georg\AppData\LocalLow\Temp
2021-01-17 22:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-17 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-01-17 22:39 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-01-17 22:39 - 2019-07-19 19:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-17 22:39 - 2017-11-29 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-17 22:38 - 2020-12-06 05:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1802578464-2306559272-1428237014-1001
2021-01-17 22:38 - 2020-09-01 19:01 - 000000000 ____D C:\Users\Public\Security Sessions
2021-01-17 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-01-17 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-17 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-01-17 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-01-17 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-01-17 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-17 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-01-17 22:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-17 22:38 - 2017-03-18 22:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-01-17 21:26 - 2017-05-26 17:42 - 000000000 ____D C:\Users\georg\AppData\Roaming\Mozilla
2021-01-17 21:23 - 2017-11-29 21:52 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-17 21:23 - 2017-11-29 21:52 - 000001220 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-01-17 20:05 - 2020-12-06 05:05 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-17 19:34 - 2020-12-06 04:08 - 000000000 ____D C:\Users\georg
2021-01-14 09:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-11 16:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-11 16:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-31 18:46 - 2020-12-16 18:46 - 000003702 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-12-28 21:43 - 2017-12-09 07:31 - 000000000 ____D C:\Users\georg\AppData\Local\Packages
2020-12-24 17:27 - 2020-12-06 05:05 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories ========

2017-08-22 09:13 - 2017-12-03 23:57 - 000007605 _____ () C:\Users\georg\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================