Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2021
Exécuté par Utilisateur (administrateur) sur DESK-ELB0001 (Dell Inc. OptiPlex 790) (14-06-2021 11:22:23)
Exécuté depuis E:\malware
Profils chargés: Utilisateur
Platform: Windows 10 Pro Version 2004 19041.1052 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\MacroCreator\MacroCreator.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apache Software Foundation) [Fichier non signé] C:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe <2>
(Apple Computer, Inc.) [Fichier non signé] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(MariaDB Corporation Ab -> ) C:\wamp64\bin\mariadb\mariadb10.4.10\bin\mysqld.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <3>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] E:\malware\ZHPSuite.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Private) [Fichier non signé] C:\wamp64\wampmanager.exe
(Privax Limited -> Privax Limited) C:\Program Files\Privax\HMA VPN\Vpn.exe <3>
(Privax Limited -> Privax Limited) C:\Program Files\Privax\HMA VPN\VpnSvc.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
HKLM\...\Run: [RtHDVBg] => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2895805209-499281333-174160971-1001\...\Run: [Chromium] => "c:\users\utilisateur\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-2895805209-499281333-174160971-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34612864 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2895805209-499281333-174160971-1001\...\Run: [EagleGet] => C:\Program Files (x86)\EagleGet\EagleGet.exe [2550784 2020-05-18] (Beijing Pu Technology Limited -> EagleGet.com)
HKU\S-1-5-21-2895805209-499281333-174160971-1001\...\Run: [MailStylerWarmup] => C:\Program Files (x86)\Delivery Tech Corp\MailStyler 2\MailStyler.exe [7710536 2021-02-08] (DELIVERY TECH CORP -> Delivery Tech Corp.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON SX535WD Series 64MonitorBE: C:\WINDOWS\system32\E_YLMHTE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HMA VPN.lnk [2021-06-11]
ShortcutTarget: HMA VPN.lnk -> C:\Program Files\Privax\HMA VPN\Vpn.exe (Privax Limited -> Privax Limited)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {077C5BB7-19BB-4BA7-B4B2-3D3938F57C29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1633D856-CEF8-4724-9D7B-16F8E288CBDD} - System32\Tasks\Privax\HMA VPN Bug Report => C:\Program Files\Privax\HMA VPN\AvBugReport.exe [4868088 2021-06-11] (Privax Limited -> Privax Limited) -> --filter "*.dmp;*.mdmp;icarus.log" --send "dumps|report" --silent --product 78 --programpath "C:\Program Files\Privax\HMA VPN" --configpath "C:\ProgramData\Privax\HMA VPN" --path "C:\ProgramData\Privax\HMA VPN\log" --path "C:\ProgramData\Privax\Icarus\Logs" --guid 085aaffe-c9bf-4645-83d0-bdfd72b6ba73
Task: {1C30E736-15F4-4AA0-9A20-E16B960762DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-20] (Google Inc -> Google LLC)
Task: {1D7C6AFF-54EA-4DEC-9F45-A26243BF8061} - System32\Tasks\Firefox Default Browser Agent 16FC53550C4E3F8C => C:\Users\Utilisateur\AppData\Roaming\whdiasv.exe <==== ATTENTION
Task: {3DBB58D7-D14D-4C62-86E4-9B414B397ABB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6270706C-14DA-4460-A33D-30CCB5AE06AE} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AW Manager\Windows Manager\Windows Updater.exe [1010800 2021-05-07] (Microleaves LTD -> AW Manager) <==== ATTENTION
Task: {6ED5B456-685A-42A6-B15E-77666EA3F5C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77462E8E-836D-46F6-9B38-EECE2153CA3F} - System32\Tasks\HMA VPN Update => C:\Program Files\Privax\HMA VPN\VpnUpdate.exe [1285624 2021-06-11] (Privax Limited -> Privax Limited)
Task: {7E1447AA-9EE9-4B74-9327-24C8DCEAB9A5} - System32\Tasks\Privax\HMA VPN Update => C:\Program Files\Common Files\Privax\Icarus\privax-vpn\icarus.exe [5902912 2021-06-07] (Privax Limited -> Privax Limited)
Task: {7FE1F93D-B6DB-43B2-9CF2-631C8CB80BFD} - System32\Tasks\csrss => C:\WINDOWS\rss\csrss.exe <==== ATTENTION
Task: {83EF6CC8-C7B7-479B-9D6E-06993FB62C49} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
Task: {9EDE7C02-46F3-462B-BC5A-8E5973CD1D7B} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: {A11F5861-C9F1-4A81-8685-C95C7C1B17A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-20] (Google Inc -> Google LLC)
Task: {AC60D4B7-069B-4A31-9EBF-4012C7F688BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28985472 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C4B0A8C4-CC51-4C1B-9A06-8ABF33A15A31} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Task: {CB1E5187-1386-4DDC-AD82-94B1AE1FFE1B} - System32\Tasks\Microsoft\Windows\DiskFootprint\Vsvlkrjsbob => C:\WINDOWS\SysWOW64\rundll32 C:\Users\Utilisateur\AppData\Local\EnableClients\CodstQudlxty\polutws_IntuiDPS.dll,iass_syqmeTRTN
Task: {CE00C60D-E600-4AE8-934F-24C7A4F62951} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {CFAA63E6-4716-420B-AFEB-86AF0E936433} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D771586B-5DC6-48E9-BAA4-FC3D09555C98} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-07] (Piriform Software Ltd -> Piriform)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{079cb52d-5576-4404-adb8-293911806c3c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84802e38-b6d4-467f-9a12-b3fe778255dd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a2f41085-35f1-4e96-96b4-bad2855d6d75}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b7f45a4a-d145-4089-8477-c3adba1f257a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c928506e-5b40-4bdf-92a8-0453790ff260}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d084307c-5c2b-4aa8-9f54-8890471c7a18}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f419f04c-7aa4-4422-8b98-e8dba8c6a35f}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Utilisateur\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-14]
FireFox:
========
FF DefaultProfile: nkdqx4a0.default
FF DefaultProfile: h1oaxo7d.default
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\OutWit\outwit-hub\Profiles\pr9qhv9e.dev-edition-default [2021-01-28]
FF Extension: (OutWit Kernel) - C:\Users\Utilisateur\AppData\Roaming\OutWit\outwit-hub\Profiles\pr9qhv9e.dev-edition-default\Extensions\kernel@outwit.com [2020-06-25] [] [non signé]
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\nkdqx4a0.default [2021-06-11]
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\wqy9t3nn.default-release-1622453038473 [2021-06-14]
FF Homepage: Mozilla\Firefox\Profiles\wqy9t3nn.default-release-1622453038473 -> hxxps://www.google.com/
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default [2021-03-17]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-cs@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-de@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (English (US) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Español (España) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Finnish Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-fi@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Français Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-fr@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Galego (España) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-gl@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-he@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-hu@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-it@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Japanese Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-ja@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Korean (KR) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-ko@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-nl@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Polski Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-pl@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Russian (RU) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-ru@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-sl@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (српски (sr) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-sr@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2020-01-08] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files (x86)\EagleGet\addon\eagleget_ffext@eagleget.com.xpi
FF Extension: (EagleGet Free Downloader) - C:\Program Files (x86)\EagleGet\addon\eagleget_ffext@eagleget.com.xpi [2018-07-31]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2895805209-499281333-174160971-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2017-12-03] (Beijing Jiupu Technology Co., Ltd. -> EagleGet)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-11]
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-11]
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2020-06-13]
CHR HKU\S-1-5-21-2895805209-499281333-174160971-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2020-06-13]
CHR HKU\S-1-5-21-2895805209-499281333-174160971-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2020-06-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2020-06-13]
CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2020-06-13]
Brave:
=======
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-01-05]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2020-01-08]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-01-05]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-01-05]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Fichier non signé]
S2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [340480 2020-05-18] (Beijing Pu Technology Limited -> )
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2020-01-03] (Macrovision Europe Ltd.) [Fichier non signé]
R2 HmaProVpn; C:\Program Files\Privax\HMA VPN\VpnSvc.exe [8616440 2021-06-11] (Privax Limited -> Privax Limited)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2020\RpcAgentSrv.exe [136712 2019-11-25] (SiSoftware SPC -> SiSoftware) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R3 wampapache64; c:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe [29696 2019-08-09] (Apache Software Foundation) [Fichier non signé]
R3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.4.10\bin\mysqld.exe [15837608 2019-11-07] (MariaDB Corporation Ab -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 luminati_net_updater_win_eagleget_com; "C:/Program Files (x86)/EagleGet/net_updater32.exe" --updater win_eagleget.com [X]
S2 pubgame-updater; C:\WINDOWS\PublicGaming\appsetup.exe [X] <==== ATTENTION
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 eagleGet; C:\WINDOWS\System32\Drivers\eagleGet.sys [86520 2019-08-03] (Beijing Pu Technology Limited -> eagleGet)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
R3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9860088 2019-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2020\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware Ltd -> SiSoftware)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 Winmon; \??\C:\WINDOWS\System32\drivers\Winmon.sys [X]
S3 WinmonFS; \??\C:\WINDOWS\System32\drivers\WinmonFS.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-14 11:24 - 2021-06-14 11:24 - 000400023 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.txt
2021-06-14 09:14 - 2021-06-14 09:14 - 000003946 _____ C:\WINDOWS\system32\Tasks\HMA VPN Update
2021-06-14 00:09 - 2021-06-14 00:09 - 000012095 _____ C:\Users\Utilisateur\Desktop\ZHPCleaner (R).html
2021-06-14 00:06 - 2021-06-14 00:06 - 000011873 _____ C:\Users\Utilisateur\Desktop\ZHPCleaner (S).html
2021-06-13 15:55 - 2021-06-13 15:55 - 000492374 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.html
2021-06-13 14:57 - 2021-06-13 14:57 - 000000913 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.lnk
2021-06-12 23:20 - 2021-06-13 13:02 - 000000000 ____D C:\ProgramData\AVG
2021-06-12 22:56 - 2021-06-12 22:56 - 000003282 _____ C:\WINDOWS\system32\Tasks\csrss
2021-06-12 19:21 - 2021-06-12 19:20 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-12 19:20 - 2021-06-12 19:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-12 18:39 - 2021-06-12 18:39 - 000000725 _____ C:\Users\Utilisateur\Desktop\malware - Raccourci.lnk
2021-06-12 18:38 - 2021-06-12 18:38 - 000036096 _____ C:\WINDOWS\system32\Drivers\trzDBD5.tmp
2021-06-12 16:17 - 2021-06-12 16:17 - 000000000 ____D C:\AdwCleaner
2021-06-12 15:50 - 2021-06-12 15:50 - 000000913 _____ C:\Users\Utilisateur\Desktop\ZHPSuite.lnk
2021-06-12 15:34 - 2021-06-14 11:22 - 000000000 ____D C:\FRST
2021-06-12 15:31 - 2021-06-12 15:31 - 000000000 ____D C:\WINDOWS\ERUNT
2021-06-12 15:22 - 2021-06-12 19:19 - 002300416 _____ (Farbar) C:\Users\Utilisateur\Downloads\FRSTEnglish.exe
2021-06-12 14:42 - 2021-06-12 14:42 - 000000000 ____D C:\Users\Utilisateur\Documents\TotalAV
2021-06-12 14:41 - 2021-06-12 14:41 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\GUI
2021-06-11 23:25 - 2021-06-11 23:25 - 000001091 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-06-11 23:25 - 2021-06-11 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-06-11 23:25 - 2021-06-11 23:25 - 000000000 ____D C:\Program Files\VS Revo Group
2021-06-11 19:45 - 2021-06-11 19:45 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-11 17:25 - 2021-06-13 17:50 - 000000000 ___HD C:\ProgramData\Bpfcmdw
2021-06-11 16:13 - 2021-06-11 16:13 - 000003770 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 16FC53550C4E3F8C
2021-06-11 15:56 - 2021-06-11 15:56 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\NirSoft
2021-06-11 15:50 - 2021-06-11 15:50 - 001564823 _____ C:\ProgramData\5562
2021-06-11 15:50 - 2021-06-11 15:50 - 000105945 _____ C:\ProgramData\73246.73246
2021-06-11 15:50 - 2021-06-11 15:50 - 000000000 ____D C:\ProgramData\55
2021-06-11 15:47 - 2021-06-11 15:58 - 000000014 _____ C:\ProgramData\kaosdma.txt
2021-06-11 15:47 - 2021-06-11 15:47 - 000003932 _____ C:\WINDOWS\system32\Tasks\AdvancedUpdater
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\nailedp
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Gomari
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Yandex
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\ProgramData\ZNMRN0LGOA9B676FAKV77T4XS
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\ProgramData\BQ8NV36909QK55M8FDQQJEXC0
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\Program Files (x86)\AW Manager
2021-06-11 15:46 - 2021-06-11 18:39 - 000000000 ____D C:\WINDOWS\PublicGaming
2021-06-11 15:46 - 2021-06-11 17:28 - 000000000 ___HD C:\Users\Utilisateur\AppData\Roaming\WinHost
2021-06-11 15:46 - 2021-06-11 15:46 - 001564823 _____ C:\ProgramData\5055
2021-06-11 15:46 - 2021-06-11 15:46 - 000104915 _____ C:\ProgramData\81593.81593
2021-06-11 15:46 - 2021-06-11 15:46 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Browzar
2021-06-11 15:46 - 2021-06-11 15:46 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\AW Manager
2021-06-11 15:46 - 2021-06-11 15:46 - 000000000 ____D C:\ProgramData\50
2021-06-11 11:54 - 2021-06-11 11:54 - 000000128 _____ C:\Users\Utilisateur\Desktop\exemple 2 cassandra.url
2021-06-11 11:40 - 2021-06-11 11:41 - 000000169 _____ C:\Users\Utilisateur\Desktop\exemple cassandra.url
2021-06-10 23:11 - 2021-06-10 23:11 - 000401544 _____ (ICodeCompiler) C:\Users\Public\run.exe
2021-06-09 17:07 - 2021-06-09 17:07 - 000056422 _____ C:\Program9.html
2021-06-09 16:38 - 2021-06-09 16:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-09 16:38 - 2021-06-09 16:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-09 16:38 - 2021-06-09 16:38 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-09 16:38 - 2021-06-09 16:38 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-09 16:38 - 2021-06-09 16:38 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-09 16:38 - 2021-06-09 16:38 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-09 16:38 - 2021-06-09 16:38 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-09 16:38 - 2021-06-09 16:38 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-09 16:38 - 2021-06-09 16:38 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-09 16:38 - 2021-06-09 16:38 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-09 16:38 - 2021-06-09 16:38 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-09 16:38 - 2021-06-09 16:38 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-09 16:38 - 2021-06-09 16:38 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-09 09:22 - 2021-06-09 09:22 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-06-08 15:55 - 2021-06-08 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Contact
2021-06-08 15:55 - 2021-06-08 15:55 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Robert Zamberlan
2021-06-08 15:55 - 2021-06-08 15:55 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\WDSetup
2021-06-08 14:05 - 2021-06-08 14:04 - 000157831 _____ C:\Users\Utilisateur\Documents\epargnelauraDGVO0621078.pdf
2021-06-05 20:39 - 2021-06-05 20:40 - 639250721 _____ C:\Users\Utilisateur\Documents\basetotaleemail.sql
2021-06-01 22:32 - 2021-06-01 22:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-01 18:30 - 2021-06-02 08:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-01 18:24 - 2021-06-01 18:24 - 011802145 _____ C:\Users\Utilisateur\Downloads\lienfr3_10318_windows64.zip
2021-06-01 09:39 - 2021-06-01 09:39 - 011799484 _____ C:\Users\Utilisateur\Downloads\lienlilo_10318_windows64(1).zip
2021-06-01 09:38 - 2021-06-01 09:38 - 011799484 _____ C:\Users\Utilisateur\Downloads\lienlilo_10318_windows64.zip
2021-05-31 15:57 - 2021-05-31 15:57 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2895805209-499281333-174160971-1001
2021-05-31 15:57 - 2021-05-31 15:57 - 000002461 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-19 12:19 - 2021-05-19 12:20 - 000005529 _____ C:\Users\Utilisateur\Documents\recu.csv
2021-05-17 23:09 - 2021-05-17 23:09 - 000935830 _____ C:\Users\Utilisateur\Downloads\agendaculturel.xlsx
2021-05-13 16:47 - 2021-05-13 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlySpeed SQL Query
2021-05-13 16:47 - 2021-05-13 16:47 - 000000000 ____D C:\Program Files (x86)\ActiveDBSoft
2021-05-13 14:19 - 2021-05-13 14:19 - 000000000 ____D C:\Program Files (x86)\MSECache
2021-05-13 14:17 - 2021-05-13 14:17 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Neos Eureka S.r.l
2021-05-13 14:17 - 2021-05-13 14:17 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ActiveDBSoft
2021-05-13 00:32 - 2021-05-13 00:32 - 000056688 _____ C:\Program8.html
2021-05-13 00:30 - 2021-05-13 00:35 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Notepad
2021-05-12 23:28 - 2021-05-12 23:46 - 000397312 _____ C:\Users\Utilisateur\Documents\chahge12052021bis.mdb
2021-05-12 23:27 - 2021-05-12 23:27 - 000009334 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft Access 97-2003.EML
2021-05-12 21:13 - 2021-05-12 21:13 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 21:13 - 2021-05-12 21:13 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 21:13 - 2021-05-12 21:13 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 21:13 - 2021-05-12 21:13 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 21:13 - 2021-05-12 21:13 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-12 21:13 - 2021-05-12 21:13 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-12 21:13 - 2021-05-12 21:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 21:13 - 2021-05-12 21:13 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-12 11:57 - 2021-05-12 12:15 - 000389120 _____ C:\Users\Utilisateur\Documents\chahge12052021.mdb
2021-05-12 11:53 - 2021-05-12 11:53 - 001513800 _____ C:\Users\Utilisateur\Documents\change.pdf
2021-05-11 10:11 - 2021-05-11 11:44 - 000696320 _____ C:\Users\Utilisateur\Documents\changemai2021.mdb
2021-04-30 20:00 - 2021-04-30 20:00 - 000000137 _____ C:\Users\Utilisateur\Desktop\tv.url
2021-04-30 18:11 - 2021-06-11 15:46 - 000000000 ____D C:\Program Files (x86)\Sky Email Verifier
2021-04-30 18:11 - 2021-04-30 18:11 - 000001216 _____ C:\Users\Utilisateur\Desktop\Sky Email Verifier.lnk
2021-04-30 18:11 - 2021-04-30 18:11 - 000000000 ____D C:\Users\Utilisateur\Documents\Sky Email Verifier
2021-04-30 18:11 - 2021-04-30 18:11 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky Email Verifier
2021-04-27 07:52 - 2021-04-27 07:57 - 000000000 ____D C:\CUBRID
2021-04-25 18:31 - 2021-04-25 18:34 - 381155201 _____ C:\Users\Utilisateur\Documents\basetotaleemail.txt
2021-04-19 22:50 - 2021-04-19 22:50 - 000000595 _____ C:\Users\Utilisateur\Desktop\base2021.accdb - Raccourci.lnk
2021-04-19 17:32 - 2021-04-20 10:18 - 000006679 _____ C:\Users\Utilisateur\Documents\requetemailbis.txt
2021-04-19 16:32 - 2021-04-24 23:32 - 092673862 _____ C:\Users\Utilisateur\Documents\requetemailmailing.txt
2021-04-19 16:20 - 2021-04-24 23:31 - 002214294 _____ C:\Users\Utilisateur\Documents\requetemail.txt
2021-04-16 15:27 - 2021-04-20 13:29 - 000450560 _____ C:\Users\Utilisateur\Documents\changeavril16.mdb
2021-04-16 14:50 - 2021-04-16 14:50 - 000168790 _____ C:\Users\Utilisateur\Downloads\collissimo_1618326377_1758_5928994d16.pdf
2021-04-14 23:50 - 2021-04-14 23:50 - 000056932 _____ C:\Program7.html
2021-04-14 21:21 - 2021-04-14 21:21 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-11 13:10 - 2021-04-11 15:30 - 000819200 _____ C:\Users\Utilisateur\Documents\changeavril.mdb
2021-04-11 12:32 - 2021-04-11 12:33 - 000079202 _____ C:\Users\Utilisateur\Documents\npai.csv
2021-04-07 17:37 - 2021-05-11 10:12 - 000729088 _____ C:\Users\Utilisateur\Documents\change07042021.mdb
2021-04-06 08:41 - 2021-04-06 08:41 - 000124780 _____ C:\Users\Utilisateur\Desktop\courrier JPD 04 21070.pdf
2021-04-06 08:37 - 2021-04-06 08:37 - 000054892 _____ C:\Users\Utilisateur\Desktop\courrier situation JPD .pdf
2021-04-02 14:30 - 2021-04-02 14:30 - 000344511 _____ C:\Users\Utilisateur\Downloads\Blacklist.csv
2021-03-30 14:52 - 2021-04-07 17:34 - 000729088 _____ C:\Users\Utilisateur\Documents\change30032021.mdb
2021-03-29 22:57 - 2021-03-31 11:20 - 000001050 _____ C:\Users\Utilisateur\Desktop\totalturbo.xlsx - Raccourci.lnk
2021-03-29 19:21 - 2021-03-29 19:21 - 000001359 _____ C:\Users\Utilisateur\Desktop\VSO Downloader 5.lnk
2021-03-29 19:19 - 2021-03-29 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2021-03-29 19:19 - 2021-03-29 19:19 - 000000000 ____D C:\Program Files\WinPcap
2021-03-29 15:13 - 2021-03-29 15:13 - 000002070 _____ C:\Users\Public\Desktop\SendBlaster 4.lnk
2021-03-29 15:13 - 2021-03-29 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SendBlaster 4
2021-03-29 15:13 - 2021-03-29 15:13 - 000000000 ____D C:\Program Files (x86)\SendBlaster4
2021-03-29 09:26 - 2021-03-30 14:53 - 000532480 _____ C:\Users\Utilisateur\Documents\change28032021.mdb
2021-03-28 14:09 - 2021-05-12 12:27 - 005218304 _____ C:\Users\Utilisateur\Documents\changetravail.mdb
2021-03-28 13:34 - 2021-05-11 10:12 - 000593920 _____ C:\Users\Utilisateur\Documents\change.mdb
2021-03-28 13:31 - 2021-03-28 13:31 - 000008830 _____ C:\Users\Utilisateur\Documents\change.xlsx
2021-03-28 13:30 - 2021-03-28 13:30 - 000017592 _____ C:\Users\Utilisateur\Documents\change28032021.TXT
2021-03-28 13:30 - 2021-03-28 13:30 - 000009352 _____ C:\Users\Utilisateur\AppData\Roaming\Valeurs séparées par une tabulation (Windows).EML
2021-03-28 00:48 - 2021-03-28 00:48 - 000160256 _____ C:\Users\Utilisateur\Documents\change.xls
2021-03-28 00:48 - 2021-03-28 00:48 - 000009322 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft Excel 97-2003.EML
2021-03-28 00:37 - 2021-03-28 00:37 - 000102003 _____ C:\Users\Utilisateur\Documents\355.csv
2021-03-27 19:11 - 2021-03-27 19:11 - 000011528 _____ C:\Users\Utilisateur\Documents\essaiinterne.csv
2021-03-27 19:10 - 2021-03-28 00:39 - 000114542 _____ C:\Users\Utilisateur\Documents\essai.csv
2021-03-27 18:53 - 2021-03-27 18:53 - 000000744 _____ C:\Users\Utilisateur\Documents\E-Mail ID Farmer Report Brief -27-mars-21 05.52.40 .txt
2021-03-27 18:52 - 2021-03-27 18:53 - 000347633 _____ C:\Users\Utilisateur\Documents\E-Mail ID Farmer Report Full -27-mars-21 05.52.40 .txt
2021-03-27 18:51 - 2021-03-27 18:51 - 000000654 _____ C:\Users\Utilisateur\Documents\E-Mail ID Farmer Report Brief -27-mars-21 05.49.59 .txt
2021-03-27 18:49 - 2021-03-27 18:51 - 000431388 _____ C:\Users\Utilisateur\Documents\E-Mail ID Farmer Report Full -27-mars-21 05.49.59 .txt
2021-03-27 18:00 - 2021-03-27 19:07 - 000019948 _____ C:\Users\Utilisateur\Documents\change.txt
2021-03-27 17:40 - 2021-03-27 17:40 - 000002655 _____ C:\Users\Public\Desktop\E-Mail ID Farmer.lnk
2021-03-27 17:40 - 2021-03-27 17:40 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\KNR-iDigital
2021-03-27 17:40 - 2021-03-27 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Mail ID Farmer
2021-03-27 17:40 - 2021-03-27 17:40 - 000000000 ____D C:\Program Files (x86)\E-Mail ID Farmer
2021-03-24 16:31 - 2021-03-24 16:41 - 000000000 ____D C:\Users\Utilisateur\validateuremailokaveccoock_16212_windows64
2021-03-24 16:05 - 2021-03-24 16:05 - 000000000 ____D C:\Users\Utilisateur\validateuremailok_16212_windows64
2021-03-24 15:40 - 2021-03-24 15:41 - 000000000 ____D C:\Users\Utilisateur\validateuremailokcsv_16212_windows64
2021-03-23 18:34 - 2021-03-23 18:35 - 000000118 _____ C:\Users\Utilisateur\Desktop\mailtesterantispam.url
2021-03-20 19:43 - 2021-03-20 19:43 - 000000113 _____ C:\Users\Utilisateur\Desktop\validateuryaml.url
2021-03-20 15:02 - 2021-03-20 15:03 - 000000123 _____ C:\Users\Utilisateur\Desktop\validateuremail.url
2021-03-18 18:13 - 2021-03-18 18:13 - 003135478 _____ C:\Users\Utilisateur\Documents\Copie de annuaire-mairie (2).xlsx
2021-03-17 19:05 - 2021-03-17 19:05 - 000000000 ____D C:\Users\Utilisateur\Documents\SendBlaster4
2021-03-17 14:15 - 2021-03-17 14:15 - 000000792 _____ C:\Users\Utilisateur\Desktop\totalsendblaster.xlsx - Raccourci.lnk
2021-03-17 11:22 - 2021-03-17 11:22 - 000000606 _____ C:\Users\Utilisateur\Desktop\sendblaster.accd.lnk
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-14 11:25 - 2020-01-05 12:51 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\CrashDumps
2021-06-14 11:24 - 2020-02-21 10:40 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\ZHP
2021-06-14 11:14 - 2020-01-03 18:26 - 000000000 ____D C:\outlook
2021-06-14 10:59 - 2019-08-20 09:15 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-14 10:58 - 2019-08-20 09:37 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\Mozilla
2021-06-14 09:23 - 2020-01-06 00:47 - 000000000 ____D C:\Program Files\CCleaner
2021-06-14 09:22 - 2020-11-01 13:26 - 001791548 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-14 09:22 - 2019-12-07 16:50 - 000794556 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-14 09:22 - 2019-12-07 16:50 - 000150844 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-14 09:22 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-14 09:19 - 2020-11-25 01:30 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\MacroCreator
2021-06-14 09:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-14 09:14 - 2020-11-01 13:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-14 09:14 - 2020-11-01 13:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-14 09:14 - 2020-01-26 14:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-14 09:14 - 2020-01-06 23:52 - 000000000 ____D C:\ProgramData\Privax
2021-06-14 09:14 - 2019-12-07 11:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-06-13 23:33 - 2020-11-01 13:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-13 14:57 - 2020-02-21 10:40 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ZHP
2021-06-13 09:14 - 2020-06-26 12:26 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-13 09:14 - 2020-06-26 12:26 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-13 09:14 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-13 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-12 23:43 - 2020-01-06 10:14 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-12 23:42 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-12 10:14 - 2019-08-19 09:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-11 15:48 - 2020-01-04 00:36 - 000000000 ____D C:\Program Files (x86)\WebDataExtractorPro
2021-06-11 15:47 - 2020-06-13 14:38 - 000000000 ____D C:\Program Files (x86)\EagleGet
2021-06-11 15:47 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-11 15:46 - 2020-01-05 12:29 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-06-11 15:46 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-06-10 23:02 - 2020-01-05 12:08 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\FileZilla
2021-06-09 23:37 - 2020-01-03 10:10 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\D3DSCache
2021-06-09 17:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-09 17:06 - 2020-11-01 13:18 - 002630672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-09 16:41 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-09 16:32 - 2019-08-20 09:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-09 16:28 - 2019-08-20 09:31 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-07 18:01 - 2020-10-05 22:07 - 000081688 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-06-05 18:34 - 2019-09-11 11:58 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\vlc
2021-06-04 15:53 - 2020-11-05 13:58 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Octoparse8
2021-06-02 08:06 - 2020-01-06 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-01 22:32 - 2020-02-21 10:48 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-31 15:57 - 2019-08-20 09:12 - 000000000 ___RD C:\Users\Utilisateur\OneDrive
2021-05-31 11:24 - 2020-02-11 19:11 - 000000000 ____D C:\Users\Utilisateur\Desktop\Anciennes données de Firefox
2021-05-28 22:53 - 2020-04-24 15:10 - 000000140 _____ C:\Users\Utilisateur\Desktop\cassandra.url
2021-05-26 11:11 - 2020-01-04 10:48 - 000000059 _____ C:\Users\Utilisateur\AppData\Roaming\.clst
2021-05-26 11:11 - 2020-01-04 10:47 - 000000122 ____H C:\Users\Utilisateur\AppData\Roaming\net.api.cp
2021-05-25 17:40 - 2020-01-05 12:32 - 000000000 ____D C:\Users\Utilisateur\Documents\VSO Downloader
2021-05-24 20:08 - 2020-01-19 13:05 - 000000681 _____ C:\Users\Utilisateur\Desktop\base2019.accdb - Raccourci.lnk
2021-05-20 12:01 - 2020-10-30 22:42 - 000000000 ____D C:\Users\Utilisateur
2021-05-17 19:19 - 2020-11-12 00:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\RDDZ_Scraper
==================== Fichiers à la racine de certains dossiers ========
2021-06-10 23:11 - 2021-06-10 23:11 - 000401544 _____ (ICodeCompiler) C:\Users\Public\run.exe
2020-03-02 01:14 - 2020-03-02 01:14 - 003333504 _____ (Nicolas Coolman) C:\Users\Utilisateur\ZHPCleaner.exe
2021-03-08 15:42 - 2021-03-08 15:42 - 000000000 _____ () C:\Program Files (x86)\Gammadyne
2020-01-04 10:48 - 2021-05-26 11:11 - 000000059 _____ () C:\Users\Utilisateur\AppData\Roaming\.clst
2020-01-04 10:43 - 2021-05-04 10:32 - 000000214 ____H () C:\Users\Utilisateur\AppData\Roaming\.cpref2
2021-05-12 23:27 - 2021-05-12 23:27 - 000009334 _____ () C:\Users\Utilisateur\AppData\Roaming\Microsoft Access 97-2003.EML
2021-03-28 00:48 - 2021-03-28 00:48 - 000009322 _____ () C:\Users\Utilisateur\AppData\Roaming\Microsoft Excel 97-2003.EML
2020-01-04 10:47 - 2021-05-26 11:11 - 000000122 ____H () C:\Users\Utilisateur\AppData\Roaming\net.api.cp
2020-01-20 00:31 - 2020-01-20 00:49 - 017895424 _____ () C:\Users\Utilisateur\AppData\Roaming\Sandra.mdb
2021-03-28 13:30 - 2021-03-28 13:30 - 000009352 _____ () C:\Users\Utilisateur\AppData\Roaming\Valeurs séparées par une tabulation (Windows).EML
2020-05-20 16:19 - 2020-05-20 16:19 - 000000099 _____ () C:\Users\Utilisateur\AppData\Local\fusioncache.dat
2020-01-06 22:09 - 2020-01-06 22:09 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\oobelibMkey.log
==================== SigCheckExt =========================
2020-01-08 17:15 - 2015-09-21 01:30 - 003557000 _____ C:\WINDOWS\system32\BootMan.exe
2015-07-22 01:42 - 2015-07-22 01:42 - 000103424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2020-01-04 15:54 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2020-01-04 15:54 - 2012-11-12 21:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2020-01-04 15:54 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2020-01-04 15:54 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2020-01-04 15:54 - 2012-11-12 21:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2020-01-04 15:54 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2020-01-08 17:15 - 2014-11-18 15:46 - 000017504 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2020-01-08 09:53 - 2013-10-08 10:55 - 001988096 _____ C:\WINDOWS\system32\libmysql_e.dll
2020-01-08 17:15 - 2014-11-18 15:38 - 000101984 _____ C:\WINDOWS\system32\setupempdrvx64.exe
2020-02-17 13:53 - 2016-09-29 10:44 - 001298584 _____ C:\WINDOWS\ddmmain.exe
2020-01-16 00:01 - 2020-01-16 00:01 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2020-01-16 00:01 - 2020-01-16 00:01 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2015-03-17 02:34 - 2015-03-17 02:34 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2020-01-08 17:15 - 2015-09-21 01:19 - 002658952 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2018-08-25 13:36 - 2018-08-25 13:36 - 009501184 _____ (Chilkat Software, Inc.) C:\WINDOWS\SysWOW64\ChilkatAx-9.5.0-win32.dll
2006-02-28 13:41 - 2006-02-28 13:41 - 000061440 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dns-sd.exe
2006-02-28 13:41 - 2006-02-28 13:41 - 000053248 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dnssd.dll
2020-01-08 17:15 - 2014-11-18 15:46 - 000021088 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2009-01-28 03:00 - 2009-01-28 03:00 - 000086016 _____ (Exontrol Inc.) C:\WINDOWS\SysWOW64\ExTransparent.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JETCOMP.exe
2020-01-03 20:56 - 2015-08-03 11:06 - 001816064 _____ C:\WINDOWS\SysWOW64\libmysql_e.dll
2009-12-18 18:04 - 2009-12-18 18:04 - 000677888 _____ (AfterLogic Corporation) C:\WINDOWS\SysWOW64\MailBee.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexch35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000252688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 001050896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet35.dll
2000-04-26 13:35 - 2000-04-26 13:35 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 001238288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjt4jlt.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000168720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000250128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspdox35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000415504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000044304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrpfs35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000166672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext35.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbse35.dll
2004-11-18 10:16 - 2004-11-18 10:16 - 000069632 _____ () C:\WINDOWS\SysWOW64\nktwab.dll
2014-05-21 10:36 - 2014-05-21 10:36 - 000265797 _____ (Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\SysWOW64\pdvcodec.dll
2014-04-18 06:31 - 2014-04-18 06:31 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2020-01-08 17:15 - 2014-11-18 15:38 - 000088160 _____ C:\WINDOWS\SysWOW64\setupempdrv03.exe
2020-02-21 01:01 - 2011-12-14 21:21 - 000086016 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe
2007-03-21 21:54 - 2007-03-21 21:54 - 000077312 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWAIN_32.DLL
2007-03-21 21:54 - 2007-03-21 21:54 - 000048560 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_16.EXE
2007-03-21 21:54 - 2007-03-21 21:54 - 000069632 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_32.EXE
1998-06-18 00:00 - 1998-06-18 00:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2020-01-03 15:06 - 2006-04-26 22:05 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2000-07-15 01:00 - 2000-07-15 01:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2000-04-26 13:34 - 2000-04-26 13:34 - 000368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR332.DLL
2003-10-19 14:51 - 2003-10-19 14:51 - 000299008 _____ (Aivosto Oy) C:\WINDOWS\SysWOW64\vbwFunctionsVB6.dll
2010-03-14 02:09 - 2010-03-14 02:09 - 000028672 _____ (eDisplay srl) C:\WINDOWS\SysWOW64\WabWrapper.dll
2020-01-03 15:06 - 2007-02-21 02:59 - 000053248 _____ C:\WINDOWS\SysWOW64\ZLib.dll
2020-01-03 15:06 - 2005-05-08 17:56 - 000055808 _____ C:\WINDOWS\SysWOW64\zlib1.dll
2019-09-11 11:59 - 2011-01-03 15:50 - 000008192 _____ C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2021-06-10 23:11 - 2021-06-10 23:11 - 000401544 _____ (ICodeCompiler) C:\Users\Public\run.exe
2020-03-02 01:14 - 2020-03-02 01:14 - 003333504 _____ (Nicolas Coolman) C:\Users\Utilisateur\ZHPCleaner.exe
2021-06-12 15:22 - 2021-06-12 19:19 - 002300416 _____ (Farbar) C:\Users\Utilisateur\Downloads\FRSTEnglish.exe
2020-01-04 15:51 - 2005-09-24 03:28 - 001638400 _____ (Microsoft Corporation) C:\Users\Utilisateur\Downloads\gdiplus.dll
2020-11-25 01:26 - 2020-11-25 01:26 - 019034776 _____ (Rodolfo U. Batista ) C:\Users\Utilisateur\Downloads\MacroCreator-setup2357.exe
2020-01-04 16:36 - 2020-01-04 16:36 - 025763945 _____ (The qBittorrent project) C:\Users\Utilisateur\Downloads\qbittorrent_4.2.1_x64_setup.exe
2020-01-03 17:08 - 2020-01-03 17:08 - 006519144 _____ (Igor Pavlov) C:\Users\Utilisateur\Downloads\wde.exe
2020-02-22 00:39 - 2020-02-22 00:39 - 008321966 _____ (Igor Pavlov) C:\Users\Utilisateur\Downloads\wdepro.exe
2021-02-07 21:17 - 2021-02-07 21:17 - 003342472 _____ (Nicolas Coolman) C:\Users\Utilisateur\Downloads\ZHPCleaner.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {f68812c3-1bfd-11ea-b557-806e6f6e6963}
{16482549-016f-11ea-b54a-806e6f6e6963}
{4a37c68b-c257-11e9-8aa9-e122dece355d}
{f68812c2-1bfd-11ea-b557-806e6f6e6963}
{71a838b9-05fa-11ea-b54e-806e6f6e6963}
{e62e0d09-3219-11ea-b574-200db035e249}
{bootmgr}
{1648254d-016f-11ea-b54a-806e6f6e6963}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {4a37c696-c257-11e9-8aa9-e122dece355d}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {16482549-016f-11ea-b54a-806e6f6e6963}
description Onboard NIC
Application logicielle (101fffff)
--------------------------------
identificateur {1648254d-016f-11ea-b54a-806e6f6e6963}
device partition=\Device\HarddiskVolume2
path \EFI\Boot\BOOTX64.EFI
description azm
Application logicielle (101fffff)
--------------------------------
identificateur {4a37c68b-c257-11e9-8aa9-e122dece355d}
description P0: PNY CS900 240GB SSD
Application logicielle (101fffff)
--------------------------------
identificateur {71a838b9-05fa-11ea-b54e-806e6f6e6963}
description CD/DVD/CD-RW Drive
Application logicielle (101fffff)
--------------------------------
identificateur {e62e0d09-3219-11ea-b574-200db035e249}
description P1: PNY CS900 960GB SSD
Application logicielle (101fffff)
--------------------------------
identificateur {f68812c2-1bfd-11ea-b557-806e6f6e6963}
description Diskette Drive
Application logicielle (101fffff)
--------------------------------
identificateur {f68812c3-1bfd-11ea-b557-806e6f6e6963}
device partition=\Device\HarddiskVolume2
path \EFI\Boot\BOOTX64.EFI
description USB Storage Device
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {4a37c699-c257-11e9-8aa9-e122dece355d}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {4a37c696-c257-11e9-8aa9-e122dece355d}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {4a37c699-c257-11e9-8aa9-e122dece355d}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4a37c69a-c257-11e9-8aa9-e122dece355d}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4a37c69a-c257-11e9-8aa9-e122dece355d}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {4a37c696-c257-11e9-8aa9-e122dece355d}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {4a37c699-c257-11e9-8aa9-e122dece355d}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {4a37c69a-c257-11e9-8aa9-e122dece355d}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Utilisateur (administrateur) sur DESK-ELB0001 (Dell Inc. OptiPlex 790) (14-06-2021 11:22:23)
Exécuté depuis E:\malware
Profils chargés: Utilisateur
Platform: Windows 10 Pro Version 2004 19041.1052 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\MacroCreator\MacroCreator.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apache Software Foundation) [Fichier non signé] C:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe <2>
(Apple Computer, Inc.) [Fichier non signé] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(MariaDB Corporation Ab -> ) C:\wamp64\bin\mariadb\mariadb10.4.10\bin\mysqld.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <3>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] E:\malware\ZHPSuite.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Private) [Fichier non signé] C:\wamp64\wampmanager.exe
(Privax Limited -> Privax Limited) C:\Program Files\Privax\HMA VPN\Vpn.exe <3>
(Privax Limited -> Privax Limited) C:\Program Files\Privax\HMA VPN\VpnSvc.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
HKLM\...\Run: [RtHDVBg] => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2895805209-499281333-174160971-1001\...\Run: [Chromium] => "c:\users\utilisateur\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-2895805209-499281333-174160971-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34612864 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2895805209-499281333-174160971-1001\...\Run: [EagleGet] => C:\Program Files (x86)\EagleGet\EagleGet.exe [2550784 2020-05-18] (Beijing Pu Technology Limited -> EagleGet.com)
HKU\S-1-5-21-2895805209-499281333-174160971-1001\...\Run: [MailStylerWarmup] => C:\Program Files (x86)\Delivery Tech Corp\MailStyler 2\MailStyler.exe [7710536 2021-02-08] (DELIVERY TECH CORP -> Delivery Tech Corp.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON SX535WD Series 64MonitorBE: C:\WINDOWS\system32\E_YLMHTE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HMA VPN.lnk [2021-06-11]
ShortcutTarget: HMA VPN.lnk -> C:\Program Files\Privax\HMA VPN\Vpn.exe (Privax Limited -> Privax Limited)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {077C5BB7-19BB-4BA7-B4B2-3D3938F57C29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1633D856-CEF8-4724-9D7B-16F8E288CBDD} - System32\Tasks\Privax\HMA VPN Bug Report => C:\Program Files\Privax\HMA VPN\AvBugReport.exe [4868088 2021-06-11] (Privax Limited -> Privax Limited) -> --filter "*.dmp;*.mdmp;icarus.log" --send "dumps|report" --silent --product 78 --programpath "C:\Program Files\Privax\HMA VPN" --configpath "C:\ProgramData\Privax\HMA VPN" --path "C:\ProgramData\Privax\HMA VPN\log" --path "C:\ProgramData\Privax\Icarus\Logs" --guid 085aaffe-c9bf-4645-83d0-bdfd72b6ba73
Task: {1C30E736-15F4-4AA0-9A20-E16B960762DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-20] (Google Inc -> Google LLC)
Task: {1D7C6AFF-54EA-4DEC-9F45-A26243BF8061} - System32\Tasks\Firefox Default Browser Agent 16FC53550C4E3F8C => C:\Users\Utilisateur\AppData\Roaming\whdiasv.exe <==== ATTENTION
Task: {3DBB58D7-D14D-4C62-86E4-9B414B397ABB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6270706C-14DA-4460-A33D-30CCB5AE06AE} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AW Manager\Windows Manager\Windows Updater.exe [1010800 2021-05-07] (Microleaves LTD -> AW Manager) <==== ATTENTION
Task: {6ED5B456-685A-42A6-B15E-77666EA3F5C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77462E8E-836D-46F6-9B38-EECE2153CA3F} - System32\Tasks\HMA VPN Update => C:\Program Files\Privax\HMA VPN\VpnUpdate.exe [1285624 2021-06-11] (Privax Limited -> Privax Limited)
Task: {7E1447AA-9EE9-4B74-9327-24C8DCEAB9A5} - System32\Tasks\Privax\HMA VPN Update => C:\Program Files\Common Files\Privax\Icarus\privax-vpn\icarus.exe [5902912 2021-06-07] (Privax Limited -> Privax Limited)
Task: {7FE1F93D-B6DB-43B2-9CF2-631C8CB80BFD} - System32\Tasks\csrss => C:\WINDOWS\rss\csrss.exe <==== ATTENTION
Task: {83EF6CC8-C7B7-479B-9D6E-06993FB62C49} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
Task: {9EDE7C02-46F3-462B-BC5A-8E5973CD1D7B} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: {A11F5861-C9F1-4A81-8685-C95C7C1B17A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-20] (Google Inc -> Google LLC)
Task: {AC60D4B7-069B-4A31-9EBF-4012C7F688BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28985472 2021-06-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C4B0A8C4-CC51-4C1B-9A06-8ABF33A15A31} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Task: {CB1E5187-1386-4DDC-AD82-94B1AE1FFE1B} - System32\Tasks\Microsoft\Windows\DiskFootprint\Vsvlkrjsbob => C:\WINDOWS\SysWOW64\rundll32 C:\Users\Utilisateur\AppData\Local\EnableClients\CodstQudlxty\polutws_IntuiDPS.dll,iass_syqmeTRTN
Task: {CE00C60D-E600-4AE8-934F-24C7A4F62951} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {CFAA63E6-4716-420B-AFEB-86AF0E936433} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D771586B-5DC6-48E9-BAA4-FC3D09555C98} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-07] (Piriform Software Ltd -> Piriform)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{079cb52d-5576-4404-adb8-293911806c3c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84802e38-b6d4-467f-9a12-b3fe778255dd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a2f41085-35f1-4e96-96b4-bad2855d6d75}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b7f45a4a-d145-4089-8477-c3adba1f257a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c928506e-5b40-4bdf-92a8-0453790ff260}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d084307c-5c2b-4aa8-9f54-8890471c7a18}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f419f04c-7aa4-4422-8b98-e8dba8c6a35f}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Utilisateur\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-14]
FireFox:
========
FF DefaultProfile: nkdqx4a0.default
FF DefaultProfile: h1oaxo7d.default
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\OutWit\outwit-hub\Profiles\pr9qhv9e.dev-edition-default [2021-01-28]
FF Extension: (OutWit Kernel) - C:\Users\Utilisateur\AppData\Roaming\OutWit\outwit-hub\Profiles\pr9qhv9e.dev-edition-default\Extensions\kernel@outwit.com [2020-06-25] [] [non signé]
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\nkdqx4a0.default [2021-06-11]
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\wqy9t3nn.default-release-1622453038473 [2021-06-14]
FF Homepage: Mozilla\Firefox\Profiles\wqy9t3nn.default-release-1622453038473 -> hxxps://www.google.com/
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default [2021-03-17]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-cs@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-de@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (English (US) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Español (España) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Finnish Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-fi@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Français Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-fr@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Galego (España) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-gl@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-he@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-hu@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-it@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Japanese Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-ja@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Korean (KR) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-ko@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-nl@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Polski Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-pl@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Russian (RU) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-ru@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-sl@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (српски (sr) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-sr@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Utilisateur\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\h1oaxo7d.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2021-03-10] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2020-01-08] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files (x86)\EagleGet\addon\eagleget_ffext@eagleget.com.xpi
FF Extension: (EagleGet Free Downloader) - C:\Program Files (x86)\EagleGet\addon\eagleget_ffext@eagleget.com.xpi [2018-07-31]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2895805209-499281333-174160971-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2017-12-03] (Beijing Jiupu Technology Co., Ltd. -> EagleGet)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-11]
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-11]
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2020-06-13]
CHR HKU\S-1-5-21-2895805209-499281333-174160971-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2020-06-13]
CHR HKU\S-1-5-21-2895805209-499281333-174160971-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2020-06-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2020-06-13]
CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2020-06-13]
Brave:
=======
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-01-05]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2020-01-08]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-01-05]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-01-05]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Fichier non signé]
S2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [340480 2020-05-18] (Beijing Pu Technology Limited -> )
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2020-01-03] (Macrovision Europe Ltd.) [Fichier non signé]
R2 HmaProVpn; C:\Program Files\Privax\HMA VPN\VpnSvc.exe [8616440 2021-06-11] (Privax Limited -> Privax Limited)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2020\RpcAgentSrv.exe [136712 2019-11-25] (SiSoftware SPC -> SiSoftware) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R3 wampapache64; c:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe [29696 2019-08-09] (Apache Software Foundation) [Fichier non signé]
R3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.4.10\bin\mysqld.exe [15837608 2019-11-07] (MariaDB Corporation Ab -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 luminati_net_updater_win_eagleget_com; "C:/Program Files (x86)/EagleGet/net_updater32.exe" --updater win_eagleget.com [X]
S2 pubgame-updater; C:\WINDOWS\PublicGaming\appsetup.exe [X] <==== ATTENTION
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 eagleGet; C:\WINDOWS\System32\Drivers\eagleGet.sys [86520 2019-08-03] (Beijing Pu Technology Limited -> eagleGet)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
R3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9860088 2019-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2020\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware Ltd -> SiSoftware)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 Winmon; \??\C:\WINDOWS\System32\drivers\Winmon.sys [X]
S3 WinmonFS; \??\C:\WINDOWS\System32\drivers\WinmonFS.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-14 11:24 - 2021-06-14 11:24 - 000400023 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.txt
2021-06-14 09:14 - 2021-06-14 09:14 - 000003946 _____ C:\WINDOWS\system32\Tasks\HMA VPN Update
2021-06-14 00:09 - 2021-06-14 00:09 - 000012095 _____ C:\Users\Utilisateur\Desktop\ZHPCleaner (R).html
2021-06-14 00:06 - 2021-06-14 00:06 - 000011873 _____ C:\Users\Utilisateur\Desktop\ZHPCleaner (S).html
2021-06-13 15:55 - 2021-06-13 15:55 - 000492374 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.html
2021-06-13 14:57 - 2021-06-13 14:57 - 000000913 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.lnk
2021-06-12 23:20 - 2021-06-13 13:02 - 000000000 ____D C:\ProgramData\AVG
2021-06-12 22:56 - 2021-06-12 22:56 - 000003282 _____ C:\WINDOWS\system32\Tasks\csrss
2021-06-12 19:21 - 2021-06-12 19:20 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-12 19:20 - 2021-06-12 19:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-12 18:39 - 2021-06-12 18:39 - 000000725 _____ C:\Users\Utilisateur\Desktop\malware - Raccourci.lnk
2021-06-12 18:38 - 2021-06-12 18:38 - 000036096 _____ C:\WINDOWS\system32\Drivers\trzDBD5.tmp
2021-06-12 16:17 - 2021-06-12 16:17 - 000000000 ____D C:\AdwCleaner
2021-06-12 15:50 - 2021-06-12 15:50 - 000000913 _____ C:\Users\Utilisateur\Desktop\ZHPSuite.lnk
2021-06-12 15:34 - 2021-06-14 11:22 - 000000000 ____D C:\FRST
2021-06-12 15:31 - 2021-06-12 15:31 - 000000000 ____D C:\WINDOWS\ERUNT
2021-06-12 15:22 - 2021-06-12 19:19 - 002300416 _____ (Farbar) C:\Users\Utilisateur\Downloads\FRSTEnglish.exe
2021-06-12 14:42 - 2021-06-12 14:42 - 000000000 ____D C:\Users\Utilisateur\Documents\TotalAV
2021-06-12 14:41 - 2021-06-12 14:41 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\GUI
2021-06-11 23:25 - 2021-06-11 23:25 - 000001091 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-06-11 23:25 - 2021-06-11 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-06-11 23:25 - 2021-06-11 23:25 - 000000000 ____D C:\Program Files\VS Revo Group
2021-06-11 19:45 - 2021-06-11 19:45 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-11 17:25 - 2021-06-13 17:50 - 000000000 ___HD C:\ProgramData\Bpfcmdw
2021-06-11 16:13 - 2021-06-11 16:13 - 000003770 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 16FC53550C4E3F8C
2021-06-11 15:56 - 2021-06-11 15:56 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\NirSoft
2021-06-11 15:50 - 2021-06-11 15:50 - 001564823 _____ C:\ProgramData\5562
2021-06-11 15:50 - 2021-06-11 15:50 - 000105945 _____ C:\ProgramData\73246.73246
2021-06-11 15:50 - 2021-06-11 15:50 - 000000000 ____D C:\ProgramData\55
2021-06-11 15:47 - 2021-06-11 15:58 - 000000014 _____ C:\ProgramData\kaosdma.txt
2021-06-11 15:47 - 2021-06-11 15:47 - 000003932 _____ C:\WINDOWS\system32\Tasks\AdvancedUpdater
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\nailedp
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Gomari
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Yandex
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\ProgramData\ZNMRN0LGOA9B676FAKV77T4XS
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\ProgramData\BQ8NV36909QK55M8FDQQJEXC0
2021-06-11 15:47 - 2021-06-11 15:47 - 000000000 ____D C:\Program Files (x86)\AW Manager
2021-06-11 15:46 - 2021-06-11 18:39 - 000000000 ____D C:\WINDOWS\PublicGaming
2021-06-11 15:46 - 2021-06-11 17:28 - 000000000 ___HD C:\Users\Utilisateur\AppData\Roaming\WinHost
2021-06-11 15:46 - 2021-06-11 15:46 - 001564823 _____ C:\ProgramData\5055
2021-06-11 15:46 - 2021-06-11 15:46 - 000104915 _____ C:\ProgramData\81593.81593
2021-06-11 15:46 - 2021-06-11 15:46 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Browzar
2021-06-11 15:46 - 2021-06-11 15:46 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\AW Manager
2021-06-11 15:46 - 2021-06-11 15:46 - 000000000 ____D C:\ProgramData\50
2021-06-11 11:54 - 2021-06-11 11:54 - 000000128 _____ C:\Users\Utilisateur\Desktop\exemple 2 cassandra.url
2021-06-11 11:40 - 2021-06-11 11:41 - 000000169 _____ C:\Users\Utilisateur\Desktop\exemple cassandra.url
2021-06-10 23:11 - 2021-06-10 23:11 - 000401544 _____ (ICodeCompiler) C:\Users\Public\run.exe
2021-06-09 17:07 - 2021-06-09 17:07 - 000056422 _____ C:\Program9.html
2021-06-09 16:38 - 2021-06-09 16:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-09 16:38 - 2021-06-09 16:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-09 16:38 - 2021-06-09 16:38 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-09 16:38 - 2021-06-09 16:38 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-09 16:38 - 2021-06-09 16:38 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-09 16:38 - 2021-06-09 16:38 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-09 16:38 - 2021-06-09 16:38 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-09 16:38 - 2021-06-09 16:38 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-09 16:38 - 2021-06-09 16:38 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-09 16:38 - 2021-06-09 16:38 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-09 16:38 - 2021-06-09 16:38 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-09 16:38 - 2021-06-09 16:38 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-09 16:38 - 2021-06-09 16:38 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-09 16:38 - 2021-06-09 16:38 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-09 09:22 - 2021-06-09 09:22 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-06-08 15:55 - 2021-06-08 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Contact
2021-06-08 15:55 - 2021-06-08 15:55 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Robert Zamberlan
2021-06-08 15:55 - 2021-06-08 15:55 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\WDSetup
2021-06-08 14:05 - 2021-06-08 14:04 - 000157831 _____ C:\Users\Utilisateur\Documents\epargnelauraDGVO0621078.pdf
2021-06-05 20:39 - 2021-06-05 20:40 - 639250721 _____ C:\Users\Utilisateur\Documents\basetotaleemail.sql
2021-06-01 22:32 - 2021-06-01 22:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-01 18:30 - 2021-06-02 08:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-01 18:24 - 2021-06-01 18:24 - 011802145 _____ C:\Users\Utilisateur\Downloads\lienfr3_10318_windows64.zip
2021-06-01 09:39 - 2021-06-01 09:39 - 011799484 _____ C:\Users\Utilisateur\Downloads\lienlilo_10318_windows64(1).zip
2021-06-01 09:38 - 2021-06-01 09:38 - 011799484 _____ C:\Users\Utilisateur\Downloads\lienlilo_10318_windows64.zip
2021-05-31 15:57 - 2021-05-31 15:57 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2895805209-499281333-174160971-1001
2021-05-31 15:57 - 2021-05-31 15:57 - 000002461 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-19 12:19 - 2021-05-19 12:20 - 000005529 _____ C:\Users\Utilisateur\Documents\recu.csv
2021-05-17 23:09 - 2021-05-17 23:09 - 000935830 _____ C:\Users\Utilisateur\Downloads\agendaculturel.xlsx
2021-05-13 16:47 - 2021-05-13 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlySpeed SQL Query
2021-05-13 16:47 - 2021-05-13 16:47 - 000000000 ____D C:\Program Files (x86)\ActiveDBSoft
2021-05-13 14:19 - 2021-05-13 14:19 - 000000000 ____D C:\Program Files (x86)\MSECache
2021-05-13 14:17 - 2021-05-13 14:17 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Neos Eureka S.r.l
2021-05-13 14:17 - 2021-05-13 14:17 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ActiveDBSoft
2021-05-13 00:32 - 2021-05-13 00:32 - 000056688 _____ C:\Program8.html
2021-05-13 00:30 - 2021-05-13 00:35 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Notepad
2021-05-12 23:28 - 2021-05-12 23:46 - 000397312 _____ C:\Users\Utilisateur\Documents\chahge12052021bis.mdb
2021-05-12 23:27 - 2021-05-12 23:27 - 000009334 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft Access 97-2003.EML
2021-05-12 21:13 - 2021-05-12 21:13 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 21:13 - 2021-05-12 21:13 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 21:13 - 2021-05-12 21:13 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 21:13 - 2021-05-12 21:13 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 21:13 - 2021-05-12 21:13 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-12 21:13 - 2021-05-12 21:13 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-12 21:13 - 2021-05-12 21:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 21:13 - 2021-05-12 21:13 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-12 11:57 - 2021-05-12 12:15 - 000389120 _____ C:\Users\Utilisateur\Documents\chahge12052021.mdb
2021-05-12 11:53 - 2021-05-12 11:53 - 001513800 _____ C:\Users\Utilisateur\Documents\change.pdf
2021-05-11 10:11 - 2021-05-11 11:44 - 000696320 _____ C:\Users\Utilisateur\Documents\changemai2021.mdb
2021-04-30 20:00 - 2021-04-30 20:00 - 000000137 _____ C:\Users\Utilisateur\Desktop\tv.url
2021-04-30 18:11 - 2021-06-11 15:46 - 000000000 ____D C:\Program Files (x86)\Sky Email Verifier
2021-04-30 18:11 - 2021-04-30 18:11 - 000001216 _____ C:\Users\Utilisateur\Desktop\Sky Email Verifier.lnk
2021-04-30 18:11 - 2021-04-30 18:11 - 000000000 ____D C:\Users\Utilisateur\Documents\Sky Email Verifier
2021-04-30 18:11 - 2021-04-30 18:11 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky Email Verifier
2021-04-27 07:52 - 2021-04-27 07:57 - 000000000 ____D C:\CUBRID
2021-04-25 18:31 - 2021-04-25 18:34 - 381155201 _____ C:\Users\Utilisateur\Documents\basetotaleemail.txt
2021-04-19 22:50 - 2021-04-19 22:50 - 000000595 _____ C:\Users\Utilisateur\Desktop\base2021.accdb - Raccourci.lnk
2021-04-19 17:32 - 2021-04-20 10:18 - 000006679 _____ C:\Users\Utilisateur\Documents\requetemailbis.txt
2021-04-19 16:32 - 2021-04-24 23:32 - 092673862 _____ C:\Users\Utilisateur\Documents\requetemailmailing.txt
2021-04-19 16:20 - 2021-04-24 23:31 - 002214294 _____ C:\Users\Utilisateur\Documents\requetemail.txt
2021-04-16 15:27 - 2021-04-20 13:29 - 000450560 _____ C:\Users\Utilisateur\Documents\changeavril16.mdb
2021-04-16 14:50 - 2021-04-16 14:50 - 000168790 _____ C:\Users\Utilisateur\Downloads\collissimo_1618326377_1758_5928994d16.pdf
2021-04-14 23:50 - 2021-04-14 23:50 - 000056932 _____ C:\Program7.html
2021-04-14 21:21 - 2021-04-14 21:21 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-11 13:10 - 2021-04-11 15:30 - 000819200 _____ C:\Users\Utilisateur\Documents\changeavril.mdb
2021-04-11 12:32 - 2021-04-11 12:33 - 000079202 _____ C:\Users\Utilisateur\Documents\npai.csv
2021-04-07 17:37 - 2021-05-11 10:12 - 000729088 _____ C:\Users\Utilisateur\Documents\change07042021.mdb
2021-04-06 08:41 - 2021-04-06 08:41 - 000124780 _____ C:\Users\Utilisateur\Desktop\courrier JPD 04 21070.pdf
2021-04-06 08:37 - 2021-04-06 08:37 - 000054892 _____ C:\Users\Utilisateur\Desktop\courrier situation JPD .pdf
2021-04-02 14:30 - 2021-04-02 14:30 - 000344511 _____ C:\Users\Utilisateur\Downloads\Blacklist.csv
2021-03-30 14:52 - 2021-04-07 17:34 - 000729088 _____ C:\Users\Utilisateur\Documents\change30032021.mdb
2021-03-29 22:57 - 2021-03-31 11:20 - 000001050 _____ C:\Users\Utilisateur\Desktop\totalturbo.xlsx - Raccourci.lnk
2021-03-29 19:21 - 2021-03-29 19:21 - 000001359 _____ C:\Users\Utilisateur\Desktop\VSO Downloader 5.lnk
2021-03-29 19:19 - 2021-03-29 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2021-03-29 19:19 - 2021-03-29 19:19 - 000000000 ____D C:\Program Files\WinPcap
2021-03-29 15:13 - 2021-03-29 15:13 - 000002070 _____ C:\Users\Public\Desktop\SendBlaster 4.lnk
2021-03-29 15:13 - 2021-03-29 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SendBlaster 4
2021-03-29 15:13 - 2021-03-29 15:13 - 000000000 ____D C:\Program Files (x86)\SendBlaster4
2021-03-29 09:26 - 2021-03-30 14:53 - 000532480 _____ C:\Users\Utilisateur\Documents\change28032021.mdb
2021-03-28 14:09 - 2021-05-12 12:27 - 005218304 _____ C:\Users\Utilisateur\Documents\changetravail.mdb
2021-03-28 13:34 - 2021-05-11 10:12 - 000593920 _____ C:\Users\Utilisateur\Documents\change.mdb
2021-03-28 13:31 - 2021-03-28 13:31 - 000008830 _____ C:\Users\Utilisateur\Documents\change.xlsx
2021-03-28 13:30 - 2021-03-28 13:30 - 000017592 _____ C:\Users\Utilisateur\Documents\change28032021.TXT
2021-03-28 13:30 - 2021-03-28 13:30 - 000009352 _____ C:\Users\Utilisateur\AppData\Roaming\Valeurs séparées par une tabulation (Windows).EML
2021-03-28 00:48 - 2021-03-28 00:48 - 000160256 _____ C:\Users\Utilisateur\Documents\change.xls
2021-03-28 00:48 - 2021-03-28 00:48 - 000009322 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft Excel 97-2003.EML
2021-03-28 00:37 - 2021-03-28 00:37 - 000102003 _____ C:\Users\Utilisateur\Documents\355.csv
2021-03-27 19:11 - 2021-03-27 19:11 - 000011528 _____ C:\Users\Utilisateur\Documents\essaiinterne.csv
2021-03-27 19:10 - 2021-03-28 00:39 - 000114542 _____ C:\Users\Utilisateur\Documents\essai.csv
2021-03-27 18:53 - 2021-03-27 18:53 - 000000744 _____ C:\Users\Utilisateur\Documents\E-Mail ID Farmer Report Brief -27-mars-21 05.52.40 .txt
2021-03-27 18:52 - 2021-03-27 18:53 - 000347633 _____ C:\Users\Utilisateur\Documents\E-Mail ID Farmer Report Full -27-mars-21 05.52.40 .txt
2021-03-27 18:51 - 2021-03-27 18:51 - 000000654 _____ C:\Users\Utilisateur\Documents\E-Mail ID Farmer Report Brief -27-mars-21 05.49.59 .txt
2021-03-27 18:49 - 2021-03-27 18:51 - 000431388 _____ C:\Users\Utilisateur\Documents\E-Mail ID Farmer Report Full -27-mars-21 05.49.59 .txt
2021-03-27 18:00 - 2021-03-27 19:07 - 000019948 _____ C:\Users\Utilisateur\Documents\change.txt
2021-03-27 17:40 - 2021-03-27 17:40 - 000002655 _____ C:\Users\Public\Desktop\E-Mail ID Farmer.lnk
2021-03-27 17:40 - 2021-03-27 17:40 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\KNR-iDigital
2021-03-27 17:40 - 2021-03-27 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Mail ID Farmer
2021-03-27 17:40 - 2021-03-27 17:40 - 000000000 ____D C:\Program Files (x86)\E-Mail ID Farmer
2021-03-24 16:31 - 2021-03-24 16:41 - 000000000 ____D C:\Users\Utilisateur\validateuremailokaveccoock_16212_windows64
2021-03-24 16:05 - 2021-03-24 16:05 - 000000000 ____D C:\Users\Utilisateur\validateuremailok_16212_windows64
2021-03-24 15:40 - 2021-03-24 15:41 - 000000000 ____D C:\Users\Utilisateur\validateuremailokcsv_16212_windows64
2021-03-23 18:34 - 2021-03-23 18:35 - 000000118 _____ C:\Users\Utilisateur\Desktop\mailtesterantispam.url
2021-03-20 19:43 - 2021-03-20 19:43 - 000000113 _____ C:\Users\Utilisateur\Desktop\validateuryaml.url
2021-03-20 15:02 - 2021-03-20 15:03 - 000000123 _____ C:\Users\Utilisateur\Desktop\validateuremail.url
2021-03-18 18:13 - 2021-03-18 18:13 - 003135478 _____ C:\Users\Utilisateur\Documents\Copie de annuaire-mairie (2).xlsx
2021-03-17 19:05 - 2021-03-17 19:05 - 000000000 ____D C:\Users\Utilisateur\Documents\SendBlaster4
2021-03-17 14:15 - 2021-03-17 14:15 - 000000792 _____ C:\Users\Utilisateur\Desktop\totalsendblaster.xlsx - Raccourci.lnk
2021-03-17 11:22 - 2021-03-17 11:22 - 000000606 _____ C:\Users\Utilisateur\Desktop\sendblaster.accd.lnk
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-14 11:25 - 2020-01-05 12:51 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\CrashDumps
2021-06-14 11:24 - 2020-02-21 10:40 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\ZHP
2021-06-14 11:14 - 2020-01-03 18:26 - 000000000 ____D C:\outlook
2021-06-14 10:59 - 2019-08-20 09:15 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-14 10:58 - 2019-08-20 09:37 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\Mozilla
2021-06-14 09:23 - 2020-01-06 00:47 - 000000000 ____D C:\Program Files\CCleaner
2021-06-14 09:22 - 2020-11-01 13:26 - 001791548 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-14 09:22 - 2019-12-07 16:50 - 000794556 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-14 09:22 - 2019-12-07 16:50 - 000150844 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-14 09:22 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-14 09:19 - 2020-11-25 01:30 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\MacroCreator
2021-06-14 09:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-14 09:14 - 2020-11-01 13:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-14 09:14 - 2020-11-01 13:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-14 09:14 - 2020-01-26 14:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-14 09:14 - 2020-01-06 23:52 - 000000000 ____D C:\ProgramData\Privax
2021-06-14 09:14 - 2019-12-07 11:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-06-13 23:33 - 2020-11-01 13:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-13 14:57 - 2020-02-21 10:40 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ZHP
2021-06-13 09:14 - 2020-06-26 12:26 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-13 09:14 - 2020-06-26 12:26 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-13 09:14 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-13 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-12 23:43 - 2020-01-06 10:14 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-12 23:42 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-12 10:14 - 2019-08-19 09:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-11 15:48 - 2020-01-04 00:36 - 000000000 ____D C:\Program Files (x86)\WebDataExtractorPro
2021-06-11 15:47 - 2020-06-13 14:38 - 000000000 ____D C:\Program Files (x86)\EagleGet
2021-06-11 15:47 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-11 15:46 - 2020-01-05 12:29 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-06-11 15:46 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-06-10 23:02 - 2020-01-05 12:08 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\FileZilla
2021-06-09 23:37 - 2020-01-03 10:10 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\D3DSCache
2021-06-09 17:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-09 17:06 - 2020-11-01 13:18 - 002630672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-09 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-09 16:41 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-09 16:32 - 2019-08-20 09:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-09 16:28 - 2019-08-20 09:31 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-07 18:01 - 2020-10-05 22:07 - 000081688 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-06-05 18:34 - 2019-09-11 11:58 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\vlc
2021-06-04 15:53 - 2020-11-05 13:58 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Octoparse8
2021-06-02 08:06 - 2020-01-06 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-01 22:32 - 2020-02-21 10:48 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-31 15:57 - 2019-08-20 09:12 - 000000000 ___RD C:\Users\Utilisateur\OneDrive
2021-05-31 11:24 - 2020-02-11 19:11 - 000000000 ____D C:\Users\Utilisateur\Desktop\Anciennes données de Firefox
2021-05-28 22:53 - 2020-04-24 15:10 - 000000140 _____ C:\Users\Utilisateur\Desktop\cassandra.url
2021-05-26 11:11 - 2020-01-04 10:48 - 000000059 _____ C:\Users\Utilisateur\AppData\Roaming\.clst
2021-05-26 11:11 - 2020-01-04 10:47 - 000000122 ____H C:\Users\Utilisateur\AppData\Roaming\net.api.cp
2021-05-25 17:40 - 2020-01-05 12:32 - 000000000 ____D C:\Users\Utilisateur\Documents\VSO Downloader
2021-05-24 20:08 - 2020-01-19 13:05 - 000000681 _____ C:\Users\Utilisateur\Desktop\base2019.accdb - Raccourci.lnk
2021-05-20 12:01 - 2020-10-30 22:42 - 000000000 ____D C:\Users\Utilisateur
2021-05-17 19:19 - 2020-11-12 00:47 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\RDDZ_Scraper
==================== Fichiers à la racine de certains dossiers ========
2021-06-10 23:11 - 2021-06-10 23:11 - 000401544 _____ (ICodeCompiler) C:\Users\Public\run.exe
2020-03-02 01:14 - 2020-03-02 01:14 - 003333504 _____ (Nicolas Coolman) C:\Users\Utilisateur\ZHPCleaner.exe
2021-03-08 15:42 - 2021-03-08 15:42 - 000000000 _____ () C:\Program Files (x86)\Gammadyne
2020-01-04 10:48 - 2021-05-26 11:11 - 000000059 _____ () C:\Users\Utilisateur\AppData\Roaming\.clst
2020-01-04 10:43 - 2021-05-04 10:32 - 000000214 ____H () C:\Users\Utilisateur\AppData\Roaming\.cpref2
2021-05-12 23:27 - 2021-05-12 23:27 - 000009334 _____ () C:\Users\Utilisateur\AppData\Roaming\Microsoft Access 97-2003.EML
2021-03-28 00:48 - 2021-03-28 00:48 - 000009322 _____ () C:\Users\Utilisateur\AppData\Roaming\Microsoft Excel 97-2003.EML
2020-01-04 10:47 - 2021-05-26 11:11 - 000000122 ____H () C:\Users\Utilisateur\AppData\Roaming\net.api.cp
2020-01-20 00:31 - 2020-01-20 00:49 - 017895424 _____ () C:\Users\Utilisateur\AppData\Roaming\Sandra.mdb
2021-03-28 13:30 - 2021-03-28 13:30 - 000009352 _____ () C:\Users\Utilisateur\AppData\Roaming\Valeurs séparées par une tabulation (Windows).EML
2020-05-20 16:19 - 2020-05-20 16:19 - 000000099 _____ () C:\Users\Utilisateur\AppData\Local\fusioncache.dat
2020-01-06 22:09 - 2020-01-06 22:09 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\oobelibMkey.log
==================== SigCheckExt =========================
2020-01-08 17:15 - 2015-09-21 01:30 - 003557000 _____ C:\WINDOWS\system32\BootMan.exe
2015-07-22 01:42 - 2015-07-22 01:42 - 000103424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2020-01-04 15:54 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2020-01-04 15:54 - 2012-11-12 21:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2020-01-04 15:54 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2020-01-04 15:54 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2020-01-04 15:54 - 2012-11-12 21:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2020-01-04 15:54 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2020-01-08 17:15 - 2014-11-18 15:46 - 000017504 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2020-01-08 09:53 - 2013-10-08 10:55 - 001988096 _____ C:\WINDOWS\system32\libmysql_e.dll
2020-01-08 17:15 - 2014-11-18 15:38 - 000101984 _____ C:\WINDOWS\system32\setupempdrvx64.exe
2020-02-17 13:53 - 2016-09-29 10:44 - 001298584 _____ C:\WINDOWS\ddmmain.exe
2020-01-16 00:01 - 2020-01-16 00:01 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2020-01-16 00:01 - 2020-01-16 00:01 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2015-03-17 02:34 - 2015-03-17 02:34 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2020-01-08 17:15 - 2015-09-21 01:19 - 002658952 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2018-08-25 13:36 - 2018-08-25 13:36 - 009501184 _____ (Chilkat Software, Inc.) C:\WINDOWS\SysWOW64\ChilkatAx-9.5.0-win32.dll
2006-02-28 13:41 - 2006-02-28 13:41 - 000061440 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dns-sd.exe
2006-02-28 13:41 - 2006-02-28 13:41 - 000053248 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dnssd.dll
2020-01-08 17:15 - 2014-11-18 15:46 - 000021088 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2009-01-28 03:00 - 2009-01-28 03:00 - 000086016 _____ (Exontrol Inc.) C:\WINDOWS\SysWOW64\ExTransparent.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JETCOMP.exe
2020-01-03 20:56 - 2015-08-03 11:06 - 001816064 _____ C:\WINDOWS\SysWOW64\libmysql_e.dll
2009-12-18 18:04 - 2009-12-18 18:04 - 000677888 _____ (AfterLogic Corporation) C:\WINDOWS\SysWOW64\MailBee.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexch35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000252688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 001050896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet35.dll
2000-04-26 13:35 - 2000-04-26 13:35 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 001238288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjt4jlt.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000168720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000250128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspdox35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000415504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000044304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrpfs35.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000166672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext35.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2000-04-26 13:34 - 2000-04-26 13:34 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbse35.dll
2004-11-18 10:16 - 2004-11-18 10:16 - 000069632 _____ () C:\WINDOWS\SysWOW64\nktwab.dll
2014-05-21 10:36 - 2014-05-21 10:36 - 000265797 _____ (Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\SysWOW64\pdvcodec.dll
2014-04-18 06:31 - 2014-04-18 06:31 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2020-01-08 17:15 - 2014-11-18 15:38 - 000088160 _____ C:\WINDOWS\SysWOW64\setupempdrv03.exe
2020-02-21 01:01 - 2011-12-14 21:21 - 000086016 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe
2007-03-21 21:54 - 2007-03-21 21:54 - 000077312 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWAIN_32.DLL
2007-03-21 21:54 - 2007-03-21 21:54 - 000048560 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_16.EXE
2007-03-21 21:54 - 2007-03-21 21:54 - 000069632 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_32.EXE
1998-06-18 00:00 - 1998-06-18 00:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2020-01-03 15:06 - 2006-04-26 22:05 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2000-07-15 01:00 - 2000-07-15 01:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2000-04-26 13:34 - 2000-04-26 13:34 - 000368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR332.DLL
2003-10-19 14:51 - 2003-10-19 14:51 - 000299008 _____ (Aivosto Oy) C:\WINDOWS\SysWOW64\vbwFunctionsVB6.dll
2010-03-14 02:09 - 2010-03-14 02:09 - 000028672 _____ (eDisplay srl) C:\WINDOWS\SysWOW64\WabWrapper.dll
2020-01-03 15:06 - 2007-02-21 02:59 - 000053248 _____ C:\WINDOWS\SysWOW64\ZLib.dll
2020-01-03 15:06 - 2005-05-08 17:56 - 000055808 _____ C:\WINDOWS\SysWOW64\zlib1.dll
2019-09-11 11:59 - 2011-01-03 15:50 - 000008192 _____ C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2021-06-10 23:11 - 2021-06-10 23:11 - 000401544 _____ (ICodeCompiler) C:\Users\Public\run.exe
2020-03-02 01:14 - 2020-03-02 01:14 - 003333504 _____ (Nicolas Coolman) C:\Users\Utilisateur\ZHPCleaner.exe
2021-06-12 15:22 - 2021-06-12 19:19 - 002300416 _____ (Farbar) C:\Users\Utilisateur\Downloads\FRSTEnglish.exe
2020-01-04 15:51 - 2005-09-24 03:28 - 001638400 _____ (Microsoft Corporation) C:\Users\Utilisateur\Downloads\gdiplus.dll
2020-11-25 01:26 - 2020-11-25 01:26 - 019034776 _____ (Rodolfo U. Batista ) C:\Users\Utilisateur\Downloads\MacroCreator-setup2357.exe
2020-01-04 16:36 - 2020-01-04 16:36 - 025763945 _____ (The qBittorrent project) C:\Users\Utilisateur\Downloads\qbittorrent_4.2.1_x64_setup.exe
2020-01-03 17:08 - 2020-01-03 17:08 - 006519144 _____ (Igor Pavlov) C:\Users\Utilisateur\Downloads\wde.exe
2020-02-22 00:39 - 2020-02-22 00:39 - 008321966 _____ (Igor Pavlov) C:\Users\Utilisateur\Downloads\wdepro.exe
2021-02-07 21:17 - 2021-02-07 21:17 - 003342472 _____ (Nicolas Coolman) C:\Users\Utilisateur\Downloads\ZHPCleaner.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {f68812c3-1bfd-11ea-b557-806e6f6e6963}
{16482549-016f-11ea-b54a-806e6f6e6963}
{4a37c68b-c257-11e9-8aa9-e122dece355d}
{f68812c2-1bfd-11ea-b557-806e6f6e6963}
{71a838b9-05fa-11ea-b54e-806e6f6e6963}
{e62e0d09-3219-11ea-b574-200db035e249}
{bootmgr}
{1648254d-016f-11ea-b54a-806e6f6e6963}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {4a37c696-c257-11e9-8aa9-e122dece355d}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {16482549-016f-11ea-b54a-806e6f6e6963}
description Onboard NIC
Application logicielle (101fffff)
--------------------------------
identificateur {1648254d-016f-11ea-b54a-806e6f6e6963}
device partition=\Device\HarddiskVolume2
path \EFI\Boot\BOOTX64.EFI
description azm
Application logicielle (101fffff)
--------------------------------
identificateur {4a37c68b-c257-11e9-8aa9-e122dece355d}
description P0: PNY CS900 240GB SSD
Application logicielle (101fffff)
--------------------------------
identificateur {71a838b9-05fa-11ea-b54e-806e6f6e6963}
description CD/DVD/CD-RW Drive
Application logicielle (101fffff)
--------------------------------
identificateur {e62e0d09-3219-11ea-b574-200db035e249}
description P1: PNY CS900 960GB SSD
Application logicielle (101fffff)
--------------------------------
identificateur {f68812c2-1bfd-11ea-b557-806e6f6e6963}
description Diskette Drive
Application logicielle (101fffff)
--------------------------------
identificateur {f68812c3-1bfd-11ea-b557-806e6f6e6963}
device partition=\Device\HarddiskVolume2
path \EFI\Boot\BOOTX64.EFI
description USB Storage Device
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {4a37c699-c257-11e9-8aa9-e122dece355d}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {4a37c696-c257-11e9-8aa9-e122dece355d}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {4a37c699-c257-11e9-8aa9-e122dece355d}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4a37c69a-c257-11e9-8aa9-e122dece355d}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{4a37c69a-c257-11e9-8aa9-e122dece355d}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {4a37c696-c257-11e9-8aa9-e122dece355d}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {4a37c699-c257-11e9-8aa9-e122dece355d}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {4a37c69a-c257-11e9-8aa9-e122dece355d}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================