Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2020
Exécuté par Edmond (administrateur) sur EDMOND-PC (MEDION MS-7800) (05-12-2020 09:56:27)
Exécuté depuis C:\Users\Edmond\Desktop
Profils chargés: Edmond
Platform: Windows 10 Home Version 2004 19041.630 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> )
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Run: [Google Update] => "C:\Users\Edmond\AppData\Local\Google\Update\1.3.36.52\GoogleUpdateCore.exe"
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Run: [A230167323DC8D4418D158A2D627D7BBC6CB2873._service_run] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\WINDOWS\system32\hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\WINDOWS\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
GroupPolicy-x32: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {03B4A840-8854-462C-8A0C-338AD846515A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1AFBB018-2F65-43DC-9D63-5AA2DBC95A21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.)
Task: {2EA29729-1989-4C7E-A6E7-4C2A9B8E1E83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {32CDB733-F9BA-4081-B1D8-E8D99B3D68D5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117600 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {44C4E4FF-002F-48BE-B431-BA287A59485E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-07] (Google Inc -> Google Inc.)
Task: {5F8E356E-B364-4A1A-8FAC-9F8C79567A38} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1963938955-2357898480-639427056-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-10-15] (Microsoft Windows -> )
Task: {60A856CB-A301-49BB-A944-E9CF97321A63} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3982744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {67F1388B-6D35-4343-B9C6-E8C878FC030D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {739E74E6-8DAD-4F48-97A3-53D032A24A66} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {795B1AB4-3F9A-4A4C-B68D-CC5576B61652} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {8BAE0A6C-64AE-47DF-AE21-B5929D4AD593} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-07] (Google Inc -> Google Inc.)
Task: {ABAFF4CD-A8E1-43A4-8F92-E10D85DB5D34} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1963938955-2357898480-639427056-1001Core => C:\Users\Edmond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {B0D2E4EA-2646-45D9-9EEC-A280733A4207} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C5B9D643-16CF-4D11-88DF-9EA68BD6E1D7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117600 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C62B0D7B-241C-4718-B9FB-E6043262DBCB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {CA2D7513-AC8B-458C-9296-491289D5C28D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3982744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2299296-CD5A-419E-91A2-60FF583D1ADB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {DA31A439-0523-4794-A309-5B4F910583F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0D1CFF9-9E40-4685-9726-FF7DF5DFD26E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E10618BB-6A94-4CD8-8B13-BA6228F62564} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1963938955-2357898480-639427056-1001UA => C:\Users\Edmond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {E7AFE029-4E02-4AD4-A667-B87DEF84CFC5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {E9C8E2C4-96C2-440B-8765-FCED2C96AC29} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F60CA208-46EF-45C3-BC6C-1C541C8A6DD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-1963938955-2357898480-639427056-1001] => 127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5baedbb7-520d-4913-9a8f-ef4d97d3bc26}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ec1e47bd-3de9-4ac9-8ea7-fda6129030dc}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
======
DownloadDir: C:\Users\Edmond\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path= [2020-12-05] <==== ATTENTION
Edge Profile: C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-05]
Edge Extension: (AllInOneDocs) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ammedmhjkobkdljgdngfmkkdcgldommf [2020-06-24]
Edge Extension: (One Click Translate) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\anhjddeakbabimdgmonfbnpbainknbfa [2020-06-04]
Edge Extension: (VideoDownloadConverter) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\apicngidjjeegmfbfgpobchlpliidibm [2020-06-24]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2020-12-04]
Edge Extension: (eID Chrome Extension) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2020-06-04]
Edge Extension: (Option Mailto) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dihjmegegambojpfjfpeimoghmcpdcbf [2020-06-04]
Edge Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2020-12-04]
Edge Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2020-06-04]
Edge Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2020-11-01]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2020-11-23]
Edge Extension: (Amazon Assistant) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2020-10-12]
Edge Extension: (AtoZManuals for Chrome) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jnndaplccjeffekcadmimifgiohojden [2020-06-24]
Edge Extension: (Connective signing extension) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2020-06-04]
Edge Extension: (Google Mail Checker) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2020-06-04]
Edge Extension: (Google Hangouts) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-09-17]
FireFox:
========
FF DefaultProfile: rp49pxir.default
FF ProfilePath: C:\Users\Edmond\AppData\Roaming\TomTom\HOME\Profiles\ydqhq89f.default [2018-10-17]
FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\Edmond\AppData\Roaming\Mozilla\Firefox\Profiles\rp49pxir.default [2020-12-04]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default [2020-12-05]
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.google.be/webhp?tab=mw"
CHR Extension: (Slides) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-04]
CHR Extension: (Docs) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-04]
CHR Extension: (Google Drive) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-04]
CHR Extension: (eID Chrome Extension) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2020-12-04]
CHR Extension: (YouTube) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-04]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-04]
CHR Extension: (Option Mailto) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\dihjmegegambojpfjfpeimoghmcpdcbf [2020-12-04]
CHR Extension: (Tracker Amazon) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\doiekonjdjfmcaogmbiejmdppolfmged [2020-12-04]
CHR Extension: (Sheets) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-04]
CHR Extension: (Désactivation de Google Analytics) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2020-12-04]
CHR Extension: (Éditeur Office pour Docs, Sheets et Slides) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2020-12-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-04]
CHR Extension: (Google Photos) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcglmfcclpfgljeaiahehebeoaiicbko [2020-12-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-04]
CHR Extension: (Dropbox) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2020-12-04]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-12-04]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2020-12-04]
CHR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2020-12-04]
CHR Extension: (Google Hangouts) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-12-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-04]
CHR Extension: (Gmail) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-04]
CHR Profile: C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-11-21]
CHR HKU\S-1-5-21-1963938955-2357898480-639427056-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-04] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [113888 2018-05-02] (CyberLink Corp. -> CyberLink)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-04] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl338d99b2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B04A1D8-C660-49F1-AE1D-751067E19B04}\MpKslDrv.sys [47336 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-05 09:56 - 2020-12-05 09:56 - 000000000 ____D C:\Users\Edmond\Desktop\FRST-OlderVersion
2020-12-05 09:46 - 2020-12-05 09:46 - 000378505 _____ C:\Users\Edmond\Desktop\ZHPDiag.html
2020-12-04 23:06 - 2020-12-04 23:06 - 000002484 _____ C:\Users\Edmond\Desktop\MBAM.txt
2020-12-04 22:49 - 2020-12-04 22:49 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-04 22:48 - 2020-12-04 22:48 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-04 22:47 - 2020-12-04 22:47 - 002077136 _____ (Malwarebytes) C:\Users\Edmond\Desktop\MBSetup (1).exe
2020-12-04 22:45 - 2020-12-04 22:49 - 000002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-04 22:45 - 2020-12-04 22:49 - 000002062 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-04 22:45 - 2020-12-04 22:49 - 000002062 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-04 22:45 - 2020-12-04 22:48 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-04 22:45 - 2020-12-04 22:45 - 000000000 ____D C:\Users\Edmond\AppData\Local\mbam
2020-12-04 22:44 - 2020-12-04 22:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-04 22:44 - 2020-12-04 22:44 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-04 22:42 - 2020-12-04 22:42 - 002077136 _____ (Malwarebytes) C:\Users\Edmond\Desktop\MBSetup.exe
2020-12-04 22:07 - 2020-12-04 22:07 - 008447152 _____ (Malwarebytes) C:\Users\Edmond\Desktop\adwcleaner_8.0.8.exe
2020-12-04 22:03 - 2020-12-04 22:03 - 000035850 _____ C:\Users\Edmond\Desktop\ZHPCleaner (R).txt
2020-12-04 21:54 - 2020-12-04 21:54 - 000035279 _____ C:\Users\Edmond\Desktop\ZHPCleaner (S).txt
2020-12-04 21:34 - 2020-12-04 21:34 - 000000919 _____ C:\Users\Edmond\Desktop\ZHPCleaner.lnk
2020-12-04 21:33 - 2020-12-04 21:33 - 003339136 _____ (Nicolas Coolman) C:\Users\Edmond\Desktop\ZHPCleaner.exe
2020-12-04 19:16 - 2020-12-04 19:16 - 001632559 _____ C:\Users\Edmond\Desktop\Les déménageurs.mp4
2020-12-04 12:31 - 2020-12-04 12:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-04 12:23 - 2020-12-04 12:32 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-04 12:07 - 2020-12-04 12:07 - 000000000 ____D C:\Users\Edmond\Desktop\Wub
2020-12-04 12:03 - 2020-12-04 12:03 - 001002295 _____ C:\Users\Edmond\Desktop\Wub.zip
2020-12-03 18:01 - 2020-12-03 18:01 - 007344724 _____ C:\Users\Edmond\Desktop\VID-20201119-WA0016.mp4
2020-12-03 17:54 - 2020-12-03 17:54 - 005386290 _____ C:\Users\Edmond\Desktop\VID-20200818-WA000011 (1).mp4
2020-12-03 17:46 - 2020-12-03 17:46 - 005386290 _____ C:\Users\Edmond\Desktop\VID-20200818-WA000011.mp4
2020-12-03 17:41 - 2020-12-03 17:41 - 011521698 _____ C:\Users\Edmond\Desktop\Les bons et les pas bons1.mp4
2020-12-03 17:06 - 2020-12-03 17:06 - 000065008 _____ C:\Users\Edmond\Desktop\Shortcut.txt
2020-12-03 17:03 - 2020-12-03 17:06 - 000039936 _____ C:\Users\Edmond\Desktop\Addition.txt
2020-12-03 16:58 - 2020-12-05 09:57 - 000024161 _____ C:\Users\Edmond\Desktop\FRST.txt
2020-12-03 16:57 - 2020-12-05 09:56 - 000000000 ____D C:\FRST
2020-12-03 16:55 - 2020-12-05 09:56 - 002288640 _____ (Farbar) C:\Users\Edmond\Desktop\FRST64.exe
2020-12-03 16:43 - 2020-12-05 09:53 - 000305863 _____ C:\Users\Edmond\Desktop\ZHPDiag.txt
2020-12-03 16:32 - 2020-12-05 09:46 - 000000000 ____D C:\Users\Edmond\AppData\Roaming\ZHP
2020-12-03 16:32 - 2020-12-04 21:34 - 000000000 ____D C:\Users\Edmond\AppData\Local\ZHP
2020-12-03 16:32 - 2020-12-03 16:32 - 000000909 _____ C:\Users\Edmond\Desktop\ZHPSuite.lnk
2020-12-03 16:29 - 2020-12-03 16:29 - 003443584 _____ (Nicolas Coolman) C:\Users\Edmond\Downloads\ZHPSuite.exe
2020-11-28 19:15 - 2020-11-28 19:15 - 005088369 _____ C:\Users\Edmond\Downloads\22593db9-cd58-404e-ba24-9c34e92a02921 (1).MP4
2020-11-26 21:50 - 2020-11-26 21:50 - 012215110 _____ C:\Users\Edmond\Downloads\VID-20190216-WA0004 ARTE1.mp4
2020-11-26 09:53 - 2020-12-04 22:16 - 107741184 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-11-21 20:02 - 2020-11-21 20:02 - 000011012 _____ C:\Users\Edmond\Documents\cc_20201121_200241.reg
2020-11-17 23:51 - 2020-11-17 23:51 - 009122077 _____ C:\Users\Edmond\Downloads\Magnifique_spectacle_des_jets_d_eau_en_musique._.1-1.mp4
2020-11-16 16:57 - 2020-11-16 16:57 - 009625659 _____ C:\Users\Edmond\Downloads\TV SAMSUNG NIKDVBEUT-3.0.0_EM_NIKE_EU_FRA_200604.0.pdf
2020-11-16 11:19 - 2020-11-14 10:47 - 196654386 _____ C:\Users\Edmond\Desktop\FILE201114-104513.MP4
2020-11-16 11:13 - 2020-11-14 10:45 - 192690679 _____ C:\Users\Edmond\Desktop\FILE201114-104213.MP4
2020-11-15 19:58 - 2020-11-15 19:58 - 007097208 _____ C:\Users\Edmond\Downloads\IMG_0900.mp4
2020-11-10 22:17 - 2020-11-10 22:17 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-10 22:17 - 2020-11-10 22:17 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-10 22:17 - 2020-11-10 22:17 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-10 22:17 - 2020-11-10 22:17 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-10 22:17 - 2020-11-10 22:17 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-09 23:12 - 2020-11-09 23:12 - 000437638 _____ C:\Users\Edmond\AppData\Local\census.cache
2020-11-09 23:11 - 2020-11-09 23:11 - 000139108 _____ C:\Users\Edmond\AppData\Local\ars.cache
2020-11-09 22:37 - 2020-11-09 22:37 - 000000036 _____ C:\Users\Edmond\AppData\Local\housecall.guid.cache
2020-11-08 19:44 - 2020-11-08 19:44 - 003450929 _____ C:\Users\Edmond\Downloads\VID-20200630-WA0004.mp4
2020-11-06 14:05 - 2020-11-06 14:05 - 002857387 _____ C:\Users\Edmond\Downloads\2210875c-678a-46d4-a9a3-b5efc673436f.MP4
2020-11-05 21:17 - 2020-11-05 21:18 - 000016217 _____ C:\Users\Edmond\Documents\Google Passwords donnees.csv
2020-11-05 21:04 - 2020-11-05 21:04 - 000016572 _____ C:\Users\Edmond\Downloads\Google Passwords.xlsx
2020-11-05 21:03 - 2020-11-05 21:12 - 000016184 _____ C:\Users\Edmond\Downloads\Google Passwords.csv
2020-11-05 17:29 - 2020-11-05 17:29 - 007911513 _____ C:\Users\Edmond\Downloads\cest-lhistoire-de-la-femme-sourde-cest-lhistoire-dune-blague.13.mp4
2020-11-03 18:00 - 2020-11-03 18:00 - 000643321 _____ C:\Users\Edmond\Downloads\15 (1).gpx
2020-11-03 17:58 - 2020-11-03 17:58 - 000643321 _____ C:\Users\Edmond\Downloads\15.gpx
2020-10-31 20:36 - 2020-10-31 20:36 - 004190238 _____ C:\Users\Edmond\Documents\Scan22.pdf
2020-10-31 20:33 - 2020-10-31 20:33 - 004577983 _____ C:\Users\Edmond\Documents\Scan11.pdf
2020-10-30 00:23 - 2020-10-30 00:23 - 000003598 _____ C:\Users\Edmond\Documents\cc_20201030_002327.reg
2020-10-15 04:20 - 2020-10-15 04:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-10-15 04:20 - 2020-10-15 04:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-10-15 04:20 - 2020-10-15 04:20 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 001822256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-10-15 04:19 - 2020-10-15 04:19 - 001393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-10-15 04:19 - 2020-10-15 04:19 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-10-15 04:19 - 2020-10-15 04:19 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-10-15 04:19 - 2020-10-15 04:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-10-15 04:19 - 2020-10-15 04:19 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-10-15 04:19 - 2020-10-15 04:19 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-10-15 04:19 - 2020-10-15 04:19 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-10-15 04:19 - 2020-10-15 04:19 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-10-15 04:18 - 2020-10-15 04:18 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-10-15 04:18 - 2020-10-15 04:18 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-10-15 04:18 - 2020-10-15 04:18 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-09-28 17:27 - 2020-11-24 10:30 - 000000000 ____D C:\Users\Edmond\AppData\Roaming\IrfanView
2020-09-15 17:05 - 2020-10-06 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-15 17:05 - 2020-09-15 17:05 - 000002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-09-10 12:27 - 2020-09-10 12:27 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-09-10 12:27 - 2020-09-10 12:27 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-09-10 12:26 - 2020-09-10 12:26 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-05 10:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-05 09:38 - 2020-01-04 23:46 - 000000000 ___RD C:\Users\Edmond\Google Drive
2020-12-04 23:40 - 2020-06-24 14:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-04 23:26 - 2020-06-24 14:10 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-04 23:26 - 2019-12-07 15:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2020-12-04 23:26 - 2019-12-07 15:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2020-12-04 23:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-04 23:22 - 2020-06-24 14:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-04 23:22 - 2020-06-24 14:00 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-04 22:48 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-04 22:15 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-04 22:15 - 2018-05-10 17:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-12-04 22:03 - 2018-09-07 12:26 - 000000000 ____D C:\Users\Edmond\AppData\Local\Google
2020-12-04 19:20 - 2020-06-04 08:10 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-04 19:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-04 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-04 19:17 - 2018-10-08 18:37 - 000000000 ____D C:\Users\Edmond\AppData\Roaming\vlc
2020-12-04 18:51 - 2020-06-24 14:10 - 000003850 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1963938955-2357898480-639427056-1001UA
2020-12-04 18:51 - 2020-06-24 14:10 - 000003582 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1963938955-2357898480-639427056-1001Core
2020-12-04 12:32 - 2018-12-06 20:07 - 000000000 ____D C:\Users\Edmond\AppData\LocalLow\Mozilla
2020-12-04 12:31 - 2018-12-06 20:07 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-04 12:31 - 2018-12-06 20:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-04 12:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-12-04 11:38 - 2018-05-05 20:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-03 21:16 - 2020-06-24 14:10 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-03 21:16 - 2020-06-24 14:10 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-01 00:24 - 2020-06-24 13:25 - 000000000 ____D C:\Users\Edmond
2020-11-30 13:44 - 2020-06-24 14:10 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-30 13:44 - 2020-06-24 14:10 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-28 19:13 - 2018-11-18 20:33 - 000000000 ____D C:\Users\Edmond\Documents\Modes d'emploi
2020-11-27 21:18 - 2018-05-05 20:15 - 000000000 ____D C:\Users\Edmond\AppData\Local\Packages
2020-11-26 09:53 - 2019-03-14 17:36 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2020-11-23 22:53 - 2020-01-10 21:38 - 000000000 ____D C:\Users\Edmond\Documents\DOCUMENTS FAMILIAUX
2020-11-18 22:29 - 2018-05-05 20:18 - 000000000 ____D C:\Users\Edmond\AppData\Local\PlaceholderTileLogoFolder
2020-11-16 22:02 - 2019-12-09 21:19 - 000000000 ____D C:\Users\Edmond\Documents\PC ASTUCES
2020-11-16 21:18 - 2020-06-24 14:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2020-11-15 15:52 - 2019-09-18 20:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-11-13 23:30 - 2020-01-15 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-11-11 13:35 - 2018-05-10 17:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-11 13:32 - 2018-05-10 17:17 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-11 11:26 - 2020-06-24 14:00 - 000913824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-11 04:45 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-10 22:17 - 2020-06-24 14:03 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-10 22:08 - 2020-06-24 11:59 - 000000000 ___HD C:\$WinREAgent
2020-11-10 20:56 - 2020-06-06 13:20 - 000073376 _____ C:\Users\Edmond\Documents\Duplicate Cleaner log.txt
==================== Fichiers à la racine de certains dossiers ========
2018-11-20 18:30 - 2016-07-11 21:41 - 025342240 ____R (Microsoft Corporation) C:\Program Files\Money2005-FR-QFE3.exe (2016_12_19 12_18_22 UTC).exe
2019-12-06 22:12 - 2017-04-10 12:43 - 013677800 ____R (Google) C:\Program Files\picasa39-setup (2017_05_04 08_15_12 UTC).exe
2018-09-08 13:02 - 2018-09-08 13:02 - 001130840 _____ (Google Inc.) C:\Program Files (x86)\installbackupandsync.exe
2020-11-09 23:11 - 2020-11-09 23:11 - 000139108 _____ () C:\Users\Edmond\AppData\Local\ars.cache
2020-11-09 23:12 - 2020-11-09 23:12 - 000437638 _____ () C:\Users\Edmond\AppData\Local\census.cache
2018-09-16 17:54 - 2020-08-08 13:14 - 000019968 _____ () C:\Users\Edmond\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-09 22:37 - 2020-11-09 22:37 - 000000036 _____ () C:\Users\Edmond\AppData\Local\housecall.guid.cache
2018-10-13 20:26 - 2018-10-13 20:28 - 000007602 _____ () C:\Users\Edmond\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2019-08-19 23:17 - 1996-07-22 07:04 - 000227328 _____ (MicroHelp, Inc.) C:\WINDOWS\SysWOW64\comppl32.dll
2007-04-27 09:43 - 2007-04-27 09:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll
2019-08-19 23:17 - 2000-09-06 12:14 - 000024576 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFAVI12N.DLL
2019-08-19 23:17 - 2000-09-06 11:14 - 000036864 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFBMP12N.DLL
2019-08-19 23:17 - 2000-09-06 11:15 - 000310784 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFCMP12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000031232 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFEPS12N.DLL
2019-08-19 23:17 - 2000-09-06 11:14 - 000078336 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFFAX12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000042496 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFGIF12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFIMG12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000035840 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFLMA12N.DLL
2019-08-19 23:17 - 2000-09-06 11:14 - 000032256 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFLMB12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000121856 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFMPG12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFMSP12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPCD12N.DLL
2019-08-19 23:17 - 2000-09-06 11:14 - 000033280 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPCX12N.DLL
2019-08-19 23:17 - 2000-09-06 12:15 - 000170496 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPNG12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000056320 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPSD12N.DLL
2019-08-19 23:17 - 2000-09-06 11:15 - 000153600 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFTIF12N.DLL
2019-08-19 23:17 - 2000-09-06 12:15 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFWPG12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000751104 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTANN12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000265728 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTDIS12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000227328 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTEFX12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000118272 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTFIL12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000163840 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTIMG12N.DLL
2019-08-19 23:17 - 2000-09-06 11:12 - 000395776 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTKRN12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000039936 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTTWN12N.DLL
2019-08-19 23:17 - 1999-05-28 13:53 - 000122880 _____ (Crescent Division of Progress Software Corporation) C:\WINDOWS\SysWOW64\qpro32.dll
2020-12-03 16:55 - 2020-12-05 09:56 - 002288640 _____ (Farbar) C:\Users\Edmond\Desktop\FRST64.exe
2020-12-04 21:33 - 2020-12-04 21:33 - 003339136 _____ (Nicolas Coolman) C:\Users\Edmond\Desktop\ZHPCleaner.exe
2020-12-03 16:29 - 2020-12-03 16:29 - 003443584 _____ (Nicolas Coolman) C:\Users\Edmond\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d�marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=F:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {7324eb8e-b61a-11ea-89c7-94dbc9aa6876}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d�marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {7324eb91-b61a-11ea-89c7-94dbc9aa6876}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {7324eb8e-b61a-11ea-89c7-94dbc9aa6876}
nx OptIn
bootmenupolicy Standard
Chargeur de d�marrage Windows
-----------------------------
identificateur {7324eb91-b61a-11ea-89c7-94dbc9aa6876}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{7324eb92-b61a-11ea-89c7-94dbc9aa6876}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{7324eb92-b61a-11ea-89c7-94dbc9aa6876}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d�marrage Windows
-----------------------------
identificateur {d72bbb2a-dc16-11e7-bba5-9a4a4a5c593c}
device ramdisk=[C:]\Recovery\d72bbb2a-dc16-11e7-bba5-9a4a4a5c593c\Winre.wim,{d72bbb2b-dc16-11e7-bba5-9a4a4a5c593c}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\d72bbb2a-dc16-11e7-bba5-9a4a4a5c593c\Winre.wim,{d72bbb2b-dc16-11e7-bba5-9a4a4a5c593c}
systemroot \windows
nx OptIn
winpe Yes
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {7324eb8e-b61a-11ea-89c7-94dbc9aa6876}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {7324eb91-b61a-11ea-89c7-94dbc9aa6876}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m�moire Windows
--------------------------
identificateur {memdiag}
device partition=F:
path \boot\memtest.exe
description Diagnostics m�moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Param�tres EMS
--------------
identificateur {emssettings}
bootems No
Param�tres du d�bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m�moire RAM
----------------------
identificateur {badmemory}
Param�tres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Param�tres du chargeur de d�marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Param�tres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Param�tres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p�riph�rique
-----------------------
identificateur {7324eb92-b61a-11ea-89c7-94dbc9aa6876}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p�riph�rique
-----------------------
identificateur {d72bbb2b-dc16-11e7-bba5-9a4a4a5c593c}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\d72bbb2a-dc16-11e7-bba5-9a4a4a5c593c\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Edmond (administrateur) sur EDMOND-PC (MEDION MS-7800) (05-12-2020 09:56:27)
Exécuté depuis C:\Users\Edmond\Desktop
Profils chargés: Edmond
Platform: Windows 10 Home Version 2004 19041.630 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> )
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Run: [Google Update] => "C:\Users\Edmond\AppData\Local\Google\Update\1.3.36.52\GoogleUpdateCore.exe"
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Run: [A230167323DC8D4418D158A2D627D7BBC6CB2873._service_run] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
HKU\S-1-5-21-1963938955-2357898480-639427056-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\WINDOWS\system32\hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\WINDOWS\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
GroupPolicy-x32: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {03B4A840-8854-462C-8A0C-338AD846515A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1AFBB018-2F65-43DC-9D63-5AA2DBC95A21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.)
Task: {2EA29729-1989-4C7E-A6E7-4C2A9B8E1E83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {32CDB733-F9BA-4081-B1D8-E8D99B3D68D5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117600 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {44C4E4FF-002F-48BE-B431-BA287A59485E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-07] (Google Inc -> Google Inc.)
Task: {5F8E356E-B364-4A1A-8FAC-9F8C79567A38} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1963938955-2357898480-639427056-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-10-15] (Microsoft Windows -> )
Task: {60A856CB-A301-49BB-A944-E9CF97321A63} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3982744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {67F1388B-6D35-4343-B9C6-E8C878FC030D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {739E74E6-8DAD-4F48-97A3-53D032A24A66} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {795B1AB4-3F9A-4A4C-B68D-CC5576B61652} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {8BAE0A6C-64AE-47DF-AE21-B5929D4AD593} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-07] (Google Inc -> Google Inc.)
Task: {ABAFF4CD-A8E1-43A4-8F92-E10D85DB5D34} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1963938955-2357898480-639427056-1001Core => C:\Users\Edmond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {B0D2E4EA-2646-45D9-9EEC-A280733A4207} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C5B9D643-16CF-4D11-88DF-9EA68BD6E1D7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117600 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C62B0D7B-241C-4718-B9FB-E6043262DBCB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {CA2D7513-AC8B-458C-9296-491289D5C28D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3982744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2299296-CD5A-419E-91A2-60FF583D1ADB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {DA31A439-0523-4794-A309-5B4F910583F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0D1CFF9-9E40-4685-9726-FF7DF5DFD26E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E10618BB-6A94-4CD8-8B13-BA6228F62564} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1963938955-2357898480-639427056-1001UA => C:\Users\Edmond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {E7AFE029-4E02-4AD4-A667-B87DEF84CFC5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {E9C8E2C4-96C2-440B-8765-FCED2C96AC29} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F60CA208-46EF-45C3-BC6C-1C541C8A6DD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-1963938955-2357898480-639427056-1001] => 127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5baedbb7-520d-4913-9a8f-ef4d97d3bc26}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ec1e47bd-3de9-4ac9-8ea7-fda6129030dc}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
======
DownloadDir: C:\Users\Edmond\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path= [2020-12-05] <==== ATTENTION
Edge Profile: C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-05]
Edge Extension: (AllInOneDocs) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ammedmhjkobkdljgdngfmkkdcgldommf [2020-06-24]
Edge Extension: (One Click Translate) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\anhjddeakbabimdgmonfbnpbainknbfa [2020-06-04]
Edge Extension: (VideoDownloadConverter) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\apicngidjjeegmfbfgpobchlpliidibm [2020-06-24]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2020-12-04]
Edge Extension: (eID Chrome Extension) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2020-06-04]
Edge Extension: (Option Mailto) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dihjmegegambojpfjfpeimoghmcpdcbf [2020-06-04]
Edge Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2020-12-04]
Edge Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2020-06-04]
Edge Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2020-11-01]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2020-11-23]
Edge Extension: (Amazon Assistant) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2020-10-12]
Edge Extension: (AtoZManuals for Chrome) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jnndaplccjeffekcadmimifgiohojden [2020-06-24]
Edge Extension: (Connective signing extension) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2020-06-04]
Edge Extension: (Google Mail Checker) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2020-06-04]
Edge Extension: (Google Hangouts) - C:\Users\Edmond\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-09-17]
FireFox:
========
FF DefaultProfile: rp49pxir.default
FF ProfilePath: C:\Users\Edmond\AppData\Roaming\TomTom\HOME\Profiles\ydqhq89f.default [2018-10-17]
FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\Edmond\AppData\Roaming\Mozilla\Firefox\Profiles\rp49pxir.default [2020-12-04]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default [2020-12-05]
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.google.be/webhp?tab=mw"
CHR Extension: (Slides) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-04]
CHR Extension: (Docs) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-04]
CHR Extension: (Google Drive) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-04]
CHR Extension: (eID Chrome Extension) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2020-12-04]
CHR Extension: (YouTube) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-04]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-04]
CHR Extension: (Option Mailto) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\dihjmegegambojpfjfpeimoghmcpdcbf [2020-12-04]
CHR Extension: (Tracker Amazon) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\doiekonjdjfmcaogmbiejmdppolfmged [2020-12-04]
CHR Extension: (Sheets) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-04]
CHR Extension: (Désactivation de Google Analytics) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2020-12-04]
CHR Extension: (Éditeur Office pour Docs, Sheets et Slides) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2020-12-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-04]
CHR Extension: (Google Photos) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcglmfcclpfgljeaiahehebeoaiicbko [2020-12-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-04]
CHR Extension: (Dropbox) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2020-12-04]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-12-04]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2020-12-04]
CHR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2020-12-04]
CHR Extension: (Google Hangouts) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-12-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-04]
CHR Extension: (Gmail) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-04]
CHR Profile: C:\Users\Edmond\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-11-21]
CHR HKU\S-1-5-21-1963938955-2357898480-639427056-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-04] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [113888 2018-05-02] (CyberLink Corp. -> CyberLink)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-04] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl338d99b2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B04A1D8-C660-49F1-AE1D-751067E19B04}\MpKslDrv.sys [47336 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-05 09:56 - 2020-12-05 09:56 - 000000000 ____D C:\Users\Edmond\Desktop\FRST-OlderVersion
2020-12-05 09:46 - 2020-12-05 09:46 - 000378505 _____ C:\Users\Edmond\Desktop\ZHPDiag.html
2020-12-04 23:06 - 2020-12-04 23:06 - 000002484 _____ C:\Users\Edmond\Desktop\MBAM.txt
2020-12-04 22:49 - 2020-12-04 22:49 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-04 22:48 - 2020-12-04 22:48 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-04 22:47 - 2020-12-04 22:47 - 002077136 _____ (Malwarebytes) C:\Users\Edmond\Desktop\MBSetup (1).exe
2020-12-04 22:45 - 2020-12-04 22:49 - 000002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-04 22:45 - 2020-12-04 22:49 - 000002062 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-04 22:45 - 2020-12-04 22:49 - 000002062 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-04 22:45 - 2020-12-04 22:48 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-04 22:45 - 2020-12-04 22:45 - 000000000 ____D C:\Users\Edmond\AppData\Local\mbam
2020-12-04 22:44 - 2020-12-04 22:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-04 22:44 - 2020-12-04 22:44 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-04 22:42 - 2020-12-04 22:42 - 002077136 _____ (Malwarebytes) C:\Users\Edmond\Desktop\MBSetup.exe
2020-12-04 22:07 - 2020-12-04 22:07 - 008447152 _____ (Malwarebytes) C:\Users\Edmond\Desktop\adwcleaner_8.0.8.exe
2020-12-04 22:03 - 2020-12-04 22:03 - 000035850 _____ C:\Users\Edmond\Desktop\ZHPCleaner (R).txt
2020-12-04 21:54 - 2020-12-04 21:54 - 000035279 _____ C:\Users\Edmond\Desktop\ZHPCleaner (S).txt
2020-12-04 21:34 - 2020-12-04 21:34 - 000000919 _____ C:\Users\Edmond\Desktop\ZHPCleaner.lnk
2020-12-04 21:33 - 2020-12-04 21:33 - 003339136 _____ (Nicolas Coolman) C:\Users\Edmond\Desktop\ZHPCleaner.exe
2020-12-04 19:16 - 2020-12-04 19:16 - 001632559 _____ C:\Users\Edmond\Desktop\Les déménageurs.mp4
2020-12-04 12:31 - 2020-12-04 12:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-04 12:23 - 2020-12-04 12:32 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-04 12:07 - 2020-12-04 12:07 - 000000000 ____D C:\Users\Edmond\Desktop\Wub
2020-12-04 12:03 - 2020-12-04 12:03 - 001002295 _____ C:\Users\Edmond\Desktop\Wub.zip
2020-12-03 18:01 - 2020-12-03 18:01 - 007344724 _____ C:\Users\Edmond\Desktop\VID-20201119-WA0016.mp4
2020-12-03 17:54 - 2020-12-03 17:54 - 005386290 _____ C:\Users\Edmond\Desktop\VID-20200818-WA000011 (1).mp4
2020-12-03 17:46 - 2020-12-03 17:46 - 005386290 _____ C:\Users\Edmond\Desktop\VID-20200818-WA000011.mp4
2020-12-03 17:41 - 2020-12-03 17:41 - 011521698 _____ C:\Users\Edmond\Desktop\Les bons et les pas bons1.mp4
2020-12-03 17:06 - 2020-12-03 17:06 - 000065008 _____ C:\Users\Edmond\Desktop\Shortcut.txt
2020-12-03 17:03 - 2020-12-03 17:06 - 000039936 _____ C:\Users\Edmond\Desktop\Addition.txt
2020-12-03 16:58 - 2020-12-05 09:57 - 000024161 _____ C:\Users\Edmond\Desktop\FRST.txt
2020-12-03 16:57 - 2020-12-05 09:56 - 000000000 ____D C:\FRST
2020-12-03 16:55 - 2020-12-05 09:56 - 002288640 _____ (Farbar) C:\Users\Edmond\Desktop\FRST64.exe
2020-12-03 16:43 - 2020-12-05 09:53 - 000305863 _____ C:\Users\Edmond\Desktop\ZHPDiag.txt
2020-12-03 16:32 - 2020-12-05 09:46 - 000000000 ____D C:\Users\Edmond\AppData\Roaming\ZHP
2020-12-03 16:32 - 2020-12-04 21:34 - 000000000 ____D C:\Users\Edmond\AppData\Local\ZHP
2020-12-03 16:32 - 2020-12-03 16:32 - 000000909 _____ C:\Users\Edmond\Desktop\ZHPSuite.lnk
2020-12-03 16:29 - 2020-12-03 16:29 - 003443584 _____ (Nicolas Coolman) C:\Users\Edmond\Downloads\ZHPSuite.exe
2020-11-28 19:15 - 2020-11-28 19:15 - 005088369 _____ C:\Users\Edmond\Downloads\22593db9-cd58-404e-ba24-9c34e92a02921 (1).MP4
2020-11-26 21:50 - 2020-11-26 21:50 - 012215110 _____ C:\Users\Edmond\Downloads\VID-20190216-WA0004 ARTE1.mp4
2020-11-26 09:53 - 2020-12-04 22:16 - 107741184 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-11-21 20:02 - 2020-11-21 20:02 - 000011012 _____ C:\Users\Edmond\Documents\cc_20201121_200241.reg
2020-11-17 23:51 - 2020-11-17 23:51 - 009122077 _____ C:\Users\Edmond\Downloads\Magnifique_spectacle_des_jets_d_eau_en_musique._.1-1.mp4
2020-11-16 16:57 - 2020-11-16 16:57 - 009625659 _____ C:\Users\Edmond\Downloads\TV SAMSUNG NIKDVBEUT-3.0.0_EM_NIKE_EU_FRA_200604.0.pdf
2020-11-16 11:19 - 2020-11-14 10:47 - 196654386 _____ C:\Users\Edmond\Desktop\FILE201114-104513.MP4
2020-11-16 11:13 - 2020-11-14 10:45 - 192690679 _____ C:\Users\Edmond\Desktop\FILE201114-104213.MP4
2020-11-15 19:58 - 2020-11-15 19:58 - 007097208 _____ C:\Users\Edmond\Downloads\IMG_0900.mp4
2020-11-10 22:17 - 2020-11-10 22:17 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-10 22:17 - 2020-11-10 22:17 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-10 22:17 - 2020-11-10 22:17 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-10 22:17 - 2020-11-10 22:17 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-10 22:17 - 2020-11-10 22:17 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-09 23:12 - 2020-11-09 23:12 - 000437638 _____ C:\Users\Edmond\AppData\Local\census.cache
2020-11-09 23:11 - 2020-11-09 23:11 - 000139108 _____ C:\Users\Edmond\AppData\Local\ars.cache
2020-11-09 22:37 - 2020-11-09 22:37 - 000000036 _____ C:\Users\Edmond\AppData\Local\housecall.guid.cache
2020-11-08 19:44 - 2020-11-08 19:44 - 003450929 _____ C:\Users\Edmond\Downloads\VID-20200630-WA0004.mp4
2020-11-06 14:05 - 2020-11-06 14:05 - 002857387 _____ C:\Users\Edmond\Downloads\2210875c-678a-46d4-a9a3-b5efc673436f.MP4
2020-11-05 21:17 - 2020-11-05 21:18 - 000016217 _____ C:\Users\Edmond\Documents\Google Passwords donnees.csv
2020-11-05 21:04 - 2020-11-05 21:04 - 000016572 _____ C:\Users\Edmond\Downloads\Google Passwords.xlsx
2020-11-05 21:03 - 2020-11-05 21:12 - 000016184 _____ C:\Users\Edmond\Downloads\Google Passwords.csv
2020-11-05 17:29 - 2020-11-05 17:29 - 007911513 _____ C:\Users\Edmond\Downloads\cest-lhistoire-de-la-femme-sourde-cest-lhistoire-dune-blague.13.mp4
2020-11-03 18:00 - 2020-11-03 18:00 - 000643321 _____ C:\Users\Edmond\Downloads\15 (1).gpx
2020-11-03 17:58 - 2020-11-03 17:58 - 000643321 _____ C:\Users\Edmond\Downloads\15.gpx
2020-10-31 20:36 - 2020-10-31 20:36 - 004190238 _____ C:\Users\Edmond\Documents\Scan22.pdf
2020-10-31 20:33 - 2020-10-31 20:33 - 004577983 _____ C:\Users\Edmond\Documents\Scan11.pdf
2020-10-30 00:23 - 2020-10-30 00:23 - 000003598 _____ C:\Users\Edmond\Documents\cc_20201030_002327.reg
2020-10-15 04:20 - 2020-10-15 04:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-10-15 04:20 - 2020-10-15 04:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-10-15 04:20 - 2020-10-15 04:20 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 001822256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-10-15 04:19 - 2020-10-15 04:19 - 001393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-10-15 04:19 - 2020-10-15 04:19 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-10-15 04:19 - 2020-10-15 04:19 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-10-15 04:19 - 2020-10-15 04:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-10-15 04:19 - 2020-10-15 04:19 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-10-15 04:19 - 2020-10-15 04:19 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-10-15 04:19 - 2020-10-15 04:19 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-10-15 04:19 - 2020-10-15 04:19 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-10-15 04:19 - 2020-10-15 04:19 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-10-15 04:18 - 2020-10-15 04:18 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-10-15 04:18 - 2020-10-15 04:18 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-10-15 04:18 - 2020-10-15 04:18 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-10-15 04:18 - 2020-10-15 04:18 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-09-28 17:27 - 2020-11-24 10:30 - 000000000 ____D C:\Users\Edmond\AppData\Roaming\IrfanView
2020-09-15 17:05 - 2020-10-06 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-09-15 17:05 - 2020-09-15 17:05 - 000002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-09-10 12:27 - 2020-09-10 12:27 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-09-10 12:27 - 2020-09-10 12:27 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-09-10 12:26 - 2020-09-10 12:26 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-05 10:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-05 09:38 - 2020-01-04 23:46 - 000000000 ___RD C:\Users\Edmond\Google Drive
2020-12-04 23:40 - 2020-06-24 14:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-04 23:26 - 2020-06-24 14:10 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-04 23:26 - 2019-12-07 15:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2020-12-04 23:26 - 2019-12-07 15:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2020-12-04 23:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-04 23:22 - 2020-06-24 14:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-04 23:22 - 2020-06-24 14:00 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-04 22:48 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-04 22:15 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-12-04 22:15 - 2018-05-10 17:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-12-04 22:03 - 2018-09-07 12:26 - 000000000 ____D C:\Users\Edmond\AppData\Local\Google
2020-12-04 19:20 - 2020-06-04 08:10 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-04 19:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-04 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-04 19:17 - 2018-10-08 18:37 - 000000000 ____D C:\Users\Edmond\AppData\Roaming\vlc
2020-12-04 18:51 - 2020-06-24 14:10 - 000003850 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1963938955-2357898480-639427056-1001UA
2020-12-04 18:51 - 2020-06-24 14:10 - 000003582 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1963938955-2357898480-639427056-1001Core
2020-12-04 12:32 - 2018-12-06 20:07 - 000000000 ____D C:\Users\Edmond\AppData\LocalLow\Mozilla
2020-12-04 12:31 - 2018-12-06 20:07 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-04 12:31 - 2018-12-06 20:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-04 12:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-12-04 11:38 - 2018-05-05 20:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-03 21:16 - 2020-06-24 14:10 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-03 21:16 - 2020-06-24 14:10 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-01 00:24 - 2020-06-24 13:25 - 000000000 ____D C:\Users\Edmond
2020-11-30 13:44 - 2020-06-24 14:10 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-30 13:44 - 2020-06-24 14:10 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-28 19:13 - 2018-11-18 20:33 - 000000000 ____D C:\Users\Edmond\Documents\Modes d'emploi
2020-11-27 21:18 - 2018-05-05 20:15 - 000000000 ____D C:\Users\Edmond\AppData\Local\Packages
2020-11-26 09:53 - 2019-03-14 17:36 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2020-11-23 22:53 - 2020-01-10 21:38 - 000000000 ____D C:\Users\Edmond\Documents\DOCUMENTS FAMILIAUX
2020-11-18 22:29 - 2018-05-05 20:18 - 000000000 ____D C:\Users\Edmond\AppData\Local\PlaceholderTileLogoFolder
2020-11-16 22:02 - 2019-12-09 21:19 - 000000000 ____D C:\Users\Edmond\Documents\PC ASTUCES
2020-11-16 21:18 - 2020-06-24 14:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2020-11-15 15:52 - 2019-09-18 20:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-11-13 23:30 - 2020-01-15 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-11-11 13:35 - 2018-05-10 17:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-11 13:32 - 2018-05-10 17:17 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-11 11:26 - 2020-06-24 14:00 - 000913824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-11 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-11 04:45 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-10 22:17 - 2020-06-24 14:03 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-10 22:08 - 2020-06-24 11:59 - 000000000 ___HD C:\$WinREAgent
2020-11-10 20:56 - 2020-06-06 13:20 - 000073376 _____ C:\Users\Edmond\Documents\Duplicate Cleaner log.txt
==================== Fichiers à la racine de certains dossiers ========
2018-11-20 18:30 - 2016-07-11 21:41 - 025342240 ____R (Microsoft Corporation) C:\Program Files\Money2005-FR-QFE3.exe (2016_12_19 12_18_22 UTC).exe
2019-12-06 22:12 - 2017-04-10 12:43 - 013677800 ____R (Google) C:\Program Files\picasa39-setup (2017_05_04 08_15_12 UTC).exe
2018-09-08 13:02 - 2018-09-08 13:02 - 001130840 _____ (Google Inc.) C:\Program Files (x86)\installbackupandsync.exe
2020-11-09 23:11 - 2020-11-09 23:11 - 000139108 _____ () C:\Users\Edmond\AppData\Local\ars.cache
2020-11-09 23:12 - 2020-11-09 23:12 - 000437638 _____ () C:\Users\Edmond\AppData\Local\census.cache
2018-09-16 17:54 - 2020-08-08 13:14 - 000019968 _____ () C:\Users\Edmond\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-09 22:37 - 2020-11-09 22:37 - 000000036 _____ () C:\Users\Edmond\AppData\Local\housecall.guid.cache
2018-10-13 20:26 - 2018-10-13 20:28 - 000007602 _____ () C:\Users\Edmond\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2019-08-19 23:17 - 1996-07-22 07:04 - 000227328 _____ (MicroHelp, Inc.) C:\WINDOWS\SysWOW64\comppl32.dll
2007-04-27 09:43 - 2007-04-27 09:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll
2019-08-19 23:17 - 2000-09-06 12:14 - 000024576 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFAVI12N.DLL
2019-08-19 23:17 - 2000-09-06 11:14 - 000036864 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFBMP12N.DLL
2019-08-19 23:17 - 2000-09-06 11:15 - 000310784 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFCMP12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000031232 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFEPS12N.DLL
2019-08-19 23:17 - 2000-09-06 11:14 - 000078336 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFFAX12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000042496 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFGIF12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFIMG12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000035840 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFLMA12N.DLL
2019-08-19 23:17 - 2000-09-06 11:14 - 000032256 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFLMB12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000121856 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFMPG12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFMSP12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPCD12N.DLL
2019-08-19 23:17 - 2000-09-06 11:14 - 000033280 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPCX12N.DLL
2019-08-19 23:17 - 2000-09-06 12:15 - 000170496 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPNG12N.DLL
2019-08-19 23:17 - 2000-09-06 12:14 - 000056320 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPSD12N.DLL
2019-08-19 23:17 - 2000-09-06 11:15 - 000153600 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFTIF12N.DLL
2019-08-19 23:17 - 2000-09-06 12:15 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFWPG12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000751104 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTANN12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000265728 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTDIS12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000227328 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTEFX12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000118272 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTFIL12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000163840 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTIMG12N.DLL
2019-08-19 23:17 - 2000-09-06 11:12 - 000395776 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTKRN12N.DLL
2019-08-19 23:17 - 2000-09-06 11:13 - 000039936 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTTWN12N.DLL
2019-08-19 23:17 - 1999-05-28 13:53 - 000122880 _____ (Crescent Division of Progress Software Corporation) C:\WINDOWS\SysWOW64\qpro32.dll
2020-12-03 16:55 - 2020-12-05 09:56 - 002288640 _____ (Farbar) C:\Users\Edmond\Desktop\FRST64.exe
2020-12-04 21:33 - 2020-12-04 21:33 - 003339136 _____ (Nicolas Coolman) C:\Users\Edmond\Desktop\ZHPCleaner.exe
2020-12-03 16:29 - 2020-12-03 16:29 - 003443584 _____ (Nicolas Coolman) C:\Users\Edmond\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d�marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=F:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {7324eb8e-b61a-11ea-89c7-94dbc9aa6876}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d�marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {7324eb91-b61a-11ea-89c7-94dbc9aa6876}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {7324eb8e-b61a-11ea-89c7-94dbc9aa6876}
nx OptIn
bootmenupolicy Standard
Chargeur de d�marrage Windows
-----------------------------
identificateur {7324eb91-b61a-11ea-89c7-94dbc9aa6876}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{7324eb92-b61a-11ea-89c7-94dbc9aa6876}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{7324eb92-b61a-11ea-89c7-94dbc9aa6876}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d�marrage Windows
-----------------------------
identificateur {d72bbb2a-dc16-11e7-bba5-9a4a4a5c593c}
device ramdisk=[C:]\Recovery\d72bbb2a-dc16-11e7-bba5-9a4a4a5c593c\Winre.wim,{d72bbb2b-dc16-11e7-bba5-9a4a4a5c593c}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\d72bbb2a-dc16-11e7-bba5-9a4a4a5c593c\Winre.wim,{d72bbb2b-dc16-11e7-bba5-9a4a4a5c593c}
systemroot \windows
nx OptIn
winpe Yes
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {7324eb8e-b61a-11ea-89c7-94dbc9aa6876}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {7324eb91-b61a-11ea-89c7-94dbc9aa6876}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m�moire Windows
--------------------------
identificateur {memdiag}
device partition=F:
path \boot\memtest.exe
description Diagnostics m�moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Param�tres EMS
--------------
identificateur {emssettings}
bootems No
Param�tres du d�bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m�moire RAM
----------------------
identificateur {badmemory}
Param�tres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Param�tres du chargeur de d�marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Param�tres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Param�tres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p�riph�rique
-----------------------
identificateur {7324eb92-b61a-11ea-89c7-94dbc9aa6876}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p�riph�rique
-----------------------
identificateur {d72bbb2b-dc16-11e7-bba5-9a4a4a5c593c}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\d72bbb2a-dc16-11e7-bba5-9a4a4a5c593c\boot.sdi
==================== Fin de FRST.txt ========================