Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
Exécuté par Khawz69 (administrateur) sur KHAWZ (Dell Inc. XPS 8500) (24-07-2021 10:42:53)
Exécuté depuis C:\Users\Khawz69\Desktop
Profils chargés: Khawz69
Platform: Windows 10 Home Version 2004 19041.1110 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Atheros) [Fichier non signé] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Fitbit, Inc. -> Fitbit, Inc.) [Fichier non signé] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Khawz69\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OLYMPUS CORPORATION -> Olympus Corporation) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Shwicon9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe [262144 2012-06-28] () [Fichier non signé]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc. -> Fitbit, Inc.) [Fichier non signé]
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40400 2017-07-26] (OLYMPUS CORPORATION -> Olympus Corporation)
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc. -> Fitbit, Inc.) [Fichier non signé]
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415696 2017-07-26] (OLYMPUS CORPORATION -> Olympus Corporation)
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\MountPoints2: {3a80cfb3-d1c3-11eb-83d0-b8ca3a783471} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\MountPoints2: {8d7cf84c-f77c-11ea-83b4-b8ca3a783471} - "D:\AutoRun.exe"
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\MountPoints2: {b8d4487b-1482-11eb-83b8-b8ca3a783471} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.107\Installer\chrmstp.exe [2021-07-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-07-02] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-07-02] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-08-15]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) [Fichier non signé]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {07BC4143-9A97-4879-A61D-7C725D9551C5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36559273-61F4-4DCB-8748-DF7D0DC207CF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {466B1A0B-2810-4850-B973-7E746273DED8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-02] (Google Inc -> Google Inc.)
Task: {49A6BA54-FEDE-44B8-ACCF-3E6A96AA109D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-02] (Google Inc -> Google Inc.)
Task: {4CAF4C99-25B6-47E0-888A-48316DEB59EE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {4CB1EE58-5C44-4EEB-93D5-41BC943A7BB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5676C4AA-A6CC-4898-86D0-99526074CC6E} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {64B0B6B9-8969-420C-AD47-7B2820D021BF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340000 2012-12-03] (CyberLink Corp. -> CyberLink Corp.)
Task: {66BF4472-B060-418D-9D66-4000236F7512} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-07-24] (Apple Inc. -> Apple Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {716006D5-E0FC-41D3-94C0-4ADF10D37EAF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-12-03] (CyberLink Corp. -> CyberLink)
Task: {7BE6E975-DEBD-4392-B3F0-703DF86B522A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F4B285F-3DC8-4971-819E-1BC9E6DACF5F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9AF3A592-5092-4B6A-B9D0-C90EEFE15140} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C41A5EC-F56C-455E-905E-295D7F84B133} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {AB195B0F-664C-4714-AD42-42D887E489AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BAAFFABC-35D8-40B2-9614-6C5118881619} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {CD63DEE5-B5A4-4492-90B4-75A74696618C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {E675B64B-AC1B-4DEF-A2C4-F58D338CC0A9} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {EC0B6EFB-23D5-47C0-849D-B0F7182E445C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07693bb6-5afa-4768-9262-c2fe72cf7524}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{32efa2e8-6ccb-400e-89bb-6caec7db096e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d77915f9-f718-4f41-a895-c305fe578f2c}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Khawz69\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-24]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Khawz69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF ProfilePath: C:\Users\Khawz69\AppData\Roaming\Mozilla\Firefox\Profiles\pnev8hbc.default [2021-07-21]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin HKU\S-1-5-21-2674136099-1465707868-1948928903-1002: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [Fichier non signé]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default [2021-07-24]
CHR StartupUrls: Default -> "hxxps://www.instagram.com/explore/tags/goin/","hxxps://www.instagram.com/explore/tags/goinart/","hxxp://www.jeuxvideo.com/ps4-playstation-4.htm"
CHR Extension: (Slides) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (YouTube) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-21]
CHR Extension: (Sheets) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-08]
CHR Extension: (Save to Facebook) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-06-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (VPN Avast SecureLine) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\phmegojolgpbbcnhccbfneddlooepbpd [2020-10-16]
CHR Extension: (Gmail) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-23]
CHR Profile: C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-21]
CHR Profile: C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-21]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2019-04-03] (Dell Inc -> )
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Techporch Incorporated -> Dell Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-07] (Huawei Technologies Co., Ltd. -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-17] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] (CyberLink -> )
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc. -> Reason Software Company Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-13] (Malwarebytes Inc -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-07-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-07-17] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-07-24 10:42 - 2021-07-24 10:44 - 000023322 _____ C:\Users\Khawz69\Desktop\FRST.txt
2021-07-24 10:42 - 2021-07-24 10:43 - 000000000 ____D C:\FRST
2021-07-24 10:41 - 2021-07-24 10:41 - 002300416 _____ (Farbar) C:\Users\Khawz69\Desktop\FRST64.exe
2021-07-24 10:16 - 2021-07-24 10:16 - 000337552 _____ C:\Users\Khawz69\Desktop\ZHPDiag.txt
2021-07-24 10:10 - 2021-07-24 10:10 - 000000906 _____ C:\Users\Khawz69\Desktop\ZHPSuite.lnk
2021-07-24 10:10 - 2021-07-24 10:10 - 000000000 ____D C:\Users\Khawz69\AppData\Local\ZHP
2021-07-24 10:07 - 2021-07-24 10:07 - 003473048 _____ (Nicolas Coolman) C:\Users\Khawz69\Desktop\ZHPSuite.exe
2021-07-23 18:14 - 2021-07-24 10:21 - 000000000 ____D C:\Users\Khawz69\AppData\LocalLow\IGDump
2021-07-22 17:12 - 2021-07-22 17:12 - 000000000 _____ C:\WINDOWS\invcol.tmp
2021-07-21 11:18 - 2021-07-21 11:20 - 871296867 _____ C:\Users\Khawz69\Downloads\wetransfer-1ab4f0.zip
2021-07-17 21:01 - 2021-07-17 21:01 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-17 21:01 - 2021-07-17 21:01 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-07-17 21:01 - 2021-07-17 21:01 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-07-17 21:01 - 2021-07-17 21:01 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-07-15 19:06 - 2021-07-15 19:06 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-15 19:06 - 2021-07-15 19:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-15 19:06 - 2021-07-15 19:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-15 19:06 - 2021-07-15 19:06 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-15 19:06 - 2021-07-15 19:06 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-15 19:05 - 2021-07-15 19:05 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-13 11:06 - 2021-07-17 21:02 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-07-10 01:33 - 2021-07-10 01:33 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-10 01:33 - 2021-07-10 01:33 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-10 01:33 - 2021-07-10 01:33 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-10 01:33 - 2021-07-10 01:33 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-10 01:33 - 2021-07-10 01:33 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-10 01:33 - 2021-07-10 01:33 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-10 01:32 - 2021-07-10 01:32 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-10 01:32 - 2021-07-10 01:32 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-10 01:32 - 2021-07-10 01:32 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-10 01:32 - 2021-07-10 01:32 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-09 20:28 - 2021-07-08 21:19 - 000123564 _____ C:\Users\Khawz69\Desktop\nitroppresnitroploin_716739931765517.pdf
2021-07-09 20:09 - 2021-07-09 20:23 - 3938554707 _____ C:\Users\Khawz69\Downloads\facebook-DarwinThomas69 (1).zip
2021-07-09 19:30 - 2021-07-09 19:38 - 2896452805 _____ C:\Users\Khawz69\Downloads\facebook-DarwinThomas69.zip
2021-07-08 20:24 - 2021-07-08 20:24 - 000840387 _____ C:\Users\Khawz69\Downloads\téléchargement.htm
2021-07-08 19:30 - 2021-07-08 19:33 - 430613870 _____ C:\Users\Khawz69\Downloads\wetransfer-a30f2a.zip
2021-07-08 19:30 - 2021-07-08 19:33 - 421856368 _____ C:\Users\Khawz69\Downloads\wetransfer-56be00.zip
2021-07-07 10:27 - 2021-07-07 10:27 - 000050341 _____ C:\Users\Khawz69\Downloads\Thomas-Bouchex-Bellomie.pdf
2021-06-26 03:37 - 2021-06-26 03:37 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-17 21:01 - 2021-06-17 21:01 - 003612913 _____ C:\Users\Khawz69\Downloads\Jabra Elite 75t WLC User Manual_ANC_FR_French_RevA.pdf
2021-06-17 20:59 - 2021-06-17 20:59 - 001143545 _____ C:\Users\Khawz69\Downloads\Jabra Elite 75t standard DS A4 010920 FR.pdf
2021-06-17 20:59 - 2021-06-17 20:59 - 000328490 _____ C:\Users\Khawz69\Downloads\Jabra Elite 75t standard Techspec A4 010920 FR.pdf
2021-06-16 10:00 - 2021-06-16 10:00 - 000234419 _____ C:\Users\Khawz69\Downloads\Démission Roseau.pdf
2021-06-11 20:53 - 2021-06-11 20:53 - 000167650 _____ C:\Users\Khawz69\Downloads\billets-23464921.pdf
2021-06-10 20:38 - 2021-06-10 20:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-10 20:38 - 2021-06-10 20:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-10 20:37 - 2021-06-10 20:37 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-10 20:37 - 2021-06-10 20:37 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-10 20:37 - 2021-06-10 20:37 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-10 20:37 - 2021-06-10 20:37 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-10 20:36 - 2021-06-10 20:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-10 20:36 - 2021-06-10 20:36 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-10 20:36 - 2021-06-10 20:36 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-10 20:36 - 2021-06-10 20:36 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-10 20:36 - 2021-06-10 20:36 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-08 19:51 - 2021-06-08 19:51 - 000167680 _____ C:\Users\Khawz69\Downloads\billet 23464921 - thomas bouchex.pdf
2021-05-25 21:09 - 2021-05-25 21:16 - 497453231 _____ C:\Users\Khawz69\Downloads\wetransfer-f593a0.zip
2021-05-25 21:09 - 2021-05-25 21:16 - 431099579 _____ C:\Users\Khawz69\Downloads\wetransfer-84a372.zip
2021-05-25 21:09 - 2021-05-25 21:15 - 487039577 _____ C:\Users\Khawz69\Downloads\wetransfer-17146d.zip
2021-05-13 20:59 - 2021-05-13 20:59 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 20:59 - 2021-05-13 20:59 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 20:36 - 2021-05-13 20:36 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 20:35 - 2021-05-13 20:35 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 20:35 - 2021-05-13 20:35 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-05 19:30 - 2021-07-22 17:56 - 000000000 ____D C:\Users\Khawz69\Desktop\Spots
2021-04-30 19:53 - 2021-04-30 19:53 - 000172578 _____ C:\Users\Khawz69\Downloads\THOMAS BOUCHEX-BELLOMIE_Bulletin de paie du 2021-03-31.pdf
2021-04-30 19:50 - 2021-04-30 19:50 - 000174709 _____ C:\Users\Khawz69\Downloads\Bulletin de paie du 2020-12-31.pdf
2021-04-30 19:24 - 2021-04-30 19:24 - 000005643 _____ C:\Users\Khawz69\Downloads\bulletin-de-paie-decembre-2019.pdf
2021-04-30 18:46 - 2021-04-30 18:46 - 000149334 _____ C:\Users\Khawz69\Downloads\3cd090b0-a017-44af-8ea5-5281c06f3b7b.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-07-24 10:40 - 2020-07-26 23:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-24 10:38 - 2013-05-21 18:36 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-24 10:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-24 10:16 - 2015-03-05 20:49 - 000000000 ____D C:\Users\Khawz69\AppData\Roaming\ZHP
2021-07-24 10:02 - 2014-09-11 19:28 - 000000000 ____D C:\Program Files\CCleaner
2021-07-24 00:33 - 2020-07-26 20:54 - 000000000 ____D C:\Users\Khawz69
2021-07-24 00:33 - 2017-07-14 12:35 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-23 18:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-23 18:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-23 18:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-07-23 18:12 - 2020-07-26 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-23 18:12 - 2020-07-26 23:24 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-22 17:14 - 2020-06-19 10:54 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-21 12:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-07-21 11:34 - 2020-07-18 10:29 - 000000000 ____D C:\Users\Khawz69\Desktop\Graffs Street Art Publiés
2021-07-21 10:00 - 2019-07-13 11:41 - 000000000 ____D C:\Users\Khawz69\Desktop\CCleaner
2021-07-21 09:45 - 2020-07-26 23:45 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-20 18:48 - 2020-07-26 23:45 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2674136099-1465707868-1948928903-1002
2021-07-20 18:48 - 2020-07-26 20:54 - 000002466 _____ C:\Users\Khawz69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-20 18:48 - 2016-01-25 20:50 - 000000000 ___RD C:\Users\Khawz69\OneDrive
2021-07-18 21:16 - 2020-07-26 23:35 - 001772790 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-18 21:16 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2021-07-18 21:16 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2021-07-18 21:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-18 21:14 - 2014-04-11 00:06 - 000000000 ____D C:\Users\Khawz69\AppData\Local\ElevatedDiagnostics
2021-07-17 21:02 - 2020-08-12 00:39 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-16 08:33 - 2020-07-26 23:45 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 08:33 - 2020-07-26 23:45 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-15 23:32 - 2020-07-26 23:25 - 000360864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-15 23:31 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-15 23:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-15 23:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-15 23:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-15 23:30 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-15 19:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-15 15:09 - 2013-08-14 22:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-15 15:04 - 2013-05-22 19:02 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-09 20:39 - 2020-02-24 21:42 - 000000000 ___RD C:\Users\Khawz69\Desktop\Musique
2021-07-04 17:42 - 2018-03-01 20:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-30 09:25 - 2020-07-26 23:45 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-30 09:25 - 2020-07-26 23:45 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-24 20:03 - 2015-09-20 16:29 - 000000000 ____D C:\Users\Khawz69\AppData\LocalLow\Temp
==================== Fichiers à la racine de certains dossiers ========
2015-07-12 18:03 - 2015-12-02 21:01 - 001904640 _____ () C:\Users\Khawz69\ZHPCleaner.exe
2015-07-12 19:40 - 2015-07-12 19:40 - 001827840 _____ () C:\Users\Khawz69\ZHPDiag3.exe
2014-04-25 20:39 - 2015-06-30 14:54 - 000000190 _____ () C:\Users\Khawz69\AppData\Roaming\WB.CFG
2020-04-19 13:40 - 2020-04-19 13:40 - 000001041 _____ () C:\Users\Khawz69\AppData\Local\recently-used.xbel
==================== SigCheckExt =========================
2005-09-23 01:39 - 2005-09-23 01:39 - 000894976 _____ (Microsoft Corporation) C:\msdia80.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2013-08-22 13:45 - 2013-08-22 13:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 13:43 - 2013-08-22 13:43 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-security-cryptoapi-l1-1-0.dll
2012-07-02 19:28 - 2012-07-02 19:28 - 000361088 _____ (Qualcomm Atheros Commnucations) C:\WINDOWS\system32\AthCredentialProvider.dll
2016-07-13 15:33 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-11 21:02 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2015-03-11 21:42 - 2014-10-29 03:59 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2015-03-11 21:46 - 2014-10-29 03:54 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
2017-05-10 20:31 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2014-10-31 16:15 - 2014-07-10 06:08 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-01-31 19:31 - 2013-01-23 11:31 - 000057856 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsX64.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2015-06-10 19:29 - 2015-05-25 15:23 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2015-04-15 11:05 - 2015-03-14 03:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2013-08-22 06:17 - 2013-08-22 06:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-security-cryptoapi-l1-1-0.dll
2018-02-22 18:38 - 2005-09-23 00:07 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl80.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
1999-02-16 21:38 - 1999-02-16 21:38 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EXSEC32.DLL
2013-08-22 06:14 - 2013-08-22 06:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 06:14 - 2013-08-22 06:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
1999-01-12 20:54 - 1999-01-12 20:54 - 001109264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20.DLL
1999-03-29 13:11 - 1999-03-29 13:11 - 000029456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20FRA.DLL
1998-09-22 18:26 - 1998-09-22 18:26 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IMESHARE.DLL
2017-03-15 22:07 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 13:44 - 2016-07-17 00:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2012-04-20 13:59 - 2012-04-20 13:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
1999-04-06 13:45 - 1999-04-06 13:45 - 000523840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPI.DLL
1999-04-06 13:43 - 1999-04-06 13:43 - 000041232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPISRVR.EXE
1999-03-03 20:05 - 1999-03-03 20:05 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MDT2FW95.DLL
1999-03-15 12:52 - 1999-03-15 12:52 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42FRA.DLL
2018-02-22 18:38 - 2005-09-23 02:16 - 001079808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc80u.dll
2015-10-30 09:19 - 2016-09-14 09:31 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-09-14 09:31 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
1997-07-11 09:00 - 1997-07-11 09:00 - 000014336 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMRT.DLL
1997-07-11 09:00 - 1997-07-11 09:00 - 000010544 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMRT16.DLL
1997-07-11 09:00 - 1997-07-11 09:00 - 000022016 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMRT32.DLL
1997-07-11 09:00 - 1997-07-11 09:00 - 000120320 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMUSIC.DLL
1999-04-06 18:06 - 1999-04-06 18:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPRPFR.DLL
1998-09-17 07:20 - 1998-09-17 07:20 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL
1999-01-22 20:46 - 1999-01-22 20:46 - 000065536 _____ () C:\WINDOWS\SysWOW64\MSRTEDIT.DLL
1998-08-09 19:07 - 1998-08-09 19:07 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
1998-08-09 19:07 - 1998-08-09 19:07 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL
2013-05-15 19:22 - 2013-05-15 19:22 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2018-02-22 18:38 - 2005-09-23 00:05 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2015-11-20 11:45 - 2015-11-20 11:45 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2013-05-15 19:22 - 2013-05-15 19:22 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2018-02-22 18:38 - 2005-09-23 00:05 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2003-04-18 17:46 - 2003-04-18 17:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2003-04-18 17:29 - 2003-04-18 17:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
1999-02-04 22:09 - 1999-02-04 22:09 - 000057393 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OUTLWAB.DLL
1998-12-09 03:53 - 1998-12-09 03:53 - 000212480 _____ (Eastman Kodak) C:\WINDOWS\SysWOW64\PCDLIB32.DLL
2011-02-11 23:23 - 2015-08-21 12:15 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
1998-09-17 07:20 - 1998-09-17 07:20 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RDOCURS.DLL
2016-04-26 10:20 - 2016-04-26 10:20 - 000001536 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
1998-03-25 05:54 - 1998-03-25 05:54 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCP32.DLL
2014-04-25 19:15 - 2010-08-30 08:34 - 000536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
1999-03-03 14:50 - 1999-03-03 14:50 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
1998-12-24 20:23 - 1998-12-24 20:23 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAME.DLL
2015-07-12 18:03 - 2015-12-02 21:01 - 001904640 _____ C:\Users\Khawz69\ZHPCleaner.exe
2015-07-12 19:40 - 2015-07-12 19:40 - 001827840 _____ C:\Users\Khawz69\ZHPDiag3.exe
2021-07-24 10:41 - 2021-07-24 10:41 - 002300416 _____ (Farbar) C:\Users\Khawz69\Desktop\FRST64.exe
2021-07-24 10:07 - 2021-07-24 10:07 - 003473048 _____ (Nicolas Coolman) C:\Users\Khawz69\Desktop\ZHPSuite.exe
2020-06-15 20:49 - 2020-06-15 20:49 - 005202180 _____ C:\Users\Khawz69\Downloads\pf7-setup-fr-7.2.1.exe
2020-06-15 20:49 - 2020-06-15 20:49 - 000408672 _____ C:\Users\Khawz69\Downloads\Photofiltre_inst.exe
2017-01-22 18:59 - 2017-01-22 19:05 - 185904039 _____ (Abandonware-France ) C:\Users\Khawz69\Downloads\Setup-00691-DiscworldCD-PCDOS.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {f10af084-cf85-11ea-83a5-b8ca3a783471}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Chargeur de d‚marrage Windows
-----------------------------
identificateur {34cb23c8-dbe6-11e7-949c-c23aa42d22aa}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{34cb23c9-dbe6-11e7-949c-c23aa42d22aa}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{34cb23c9-dbe6-11e7-949c-c23aa42d22aa}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {f10af087-cf85-11ea-83a5-b8ca3a783471}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {f10af084-cf85-11ea-83a5-b8ca3a783471}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {f10af087-cf85-11ea-83a5-b8ca3a783471}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{f10af088-cf85-11ea-83a5-b8ca3a783471}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{f10af088-cf85-11ea-83a5-b8ca3a783471}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {f10af084-cf85-11ea-83a5-b8ca3a783471}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {f10af087-cf85-11ea-83a5-b8ca3a783471}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {f10af088-cf85-11ea-83a5-b8ca3a783471}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Khawz69 (administrateur) sur KHAWZ (Dell Inc. XPS 8500) (24-07-2021 10:42:53)
Exécuté depuis C:\Users\Khawz69\Desktop
Profils chargés: Khawz69
Platform: Windows 10 Home Version 2004 19041.1110 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Atheros) [Fichier non signé] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Fitbit, Inc. -> Fitbit, Inc.) [Fichier non signé] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Khawz69\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OLYMPUS CORPORATION -> Olympus Corporation) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Shwicon9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe [262144 2012-06-28] () [Fichier non signé]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc. -> Fitbit, Inc.) [Fichier non signé]
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40400 2017-07-26] (OLYMPUS CORPORATION -> Olympus Corporation)
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc. -> Fitbit, Inc.) [Fichier non signé]
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415696 2017-07-26] (OLYMPUS CORPORATION -> Olympus Corporation)
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\MountPoints2: {3a80cfb3-d1c3-11eb-83d0-b8ca3a783471} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\MountPoints2: {8d7cf84c-f77c-11ea-83b4-b8ca3a783471} - "D:\AutoRun.exe"
HKU\S-1-5-21-2674136099-1465707868-1948928903-1002\...\MountPoints2: {b8d4487b-1482-11eb-83b8-b8ca3a783471} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.107\Installer\chrmstp.exe [2021-07-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-07-02] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-07-02] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-08-15]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) [Fichier non signé]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {07BC4143-9A97-4879-A61D-7C725D9551C5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36559273-61F4-4DCB-8748-DF7D0DC207CF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {466B1A0B-2810-4850-B973-7E746273DED8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-02] (Google Inc -> Google Inc.)
Task: {49A6BA54-FEDE-44B8-ACCF-3E6A96AA109D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-02] (Google Inc -> Google Inc.)
Task: {4CAF4C99-25B6-47E0-888A-48316DEB59EE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {4CB1EE58-5C44-4EEB-93D5-41BC943A7BB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5676C4AA-A6CC-4898-86D0-99526074CC6E} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {64B0B6B9-8969-420C-AD47-7B2820D021BF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340000 2012-12-03] (CyberLink Corp. -> CyberLink Corp.)
Task: {66BF4472-B060-418D-9D66-4000236F7512} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-07-24] (Apple Inc. -> Apple Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {716006D5-E0FC-41D3-94C0-4ADF10D37EAF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-12-03] (CyberLink Corp. -> CyberLink)
Task: {7BE6E975-DEBD-4392-B3F0-703DF86B522A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F4B285F-3DC8-4971-819E-1BC9E6DACF5F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9AF3A592-5092-4B6A-B9D0-C90EEFE15140} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C41A5EC-F56C-455E-905E-295D7F84B133} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {AB195B0F-664C-4714-AD42-42D887E489AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BAAFFABC-35D8-40B2-9614-6C5118881619} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {CD63DEE5-B5A4-4492-90B4-75A74696618C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {E675B64B-AC1B-4DEF-A2C4-F58D338CC0A9} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {EC0B6EFB-23D5-47C0-849D-B0F7182E445C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07693bb6-5afa-4768-9262-c2fe72cf7524}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{32efa2e8-6ccb-400e-89bb-6caec7db096e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d77915f9-f718-4f41-a895-c305fe578f2c}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Khawz69\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-24]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Khawz69\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF ProfilePath: C:\Users\Khawz69\AppData\Roaming\Mozilla\Firefox\Profiles\pnev8hbc.default [2021-07-21]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin HKU\S-1-5-21-2674136099-1465707868-1948928903-1002: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-10-24] (Sony Network Entertainment International LLC) [Fichier non signé]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default [2021-07-24]
CHR StartupUrls: Default -> "hxxps://www.instagram.com/explore/tags/goin/","hxxps://www.instagram.com/explore/tags/goinart/","hxxp://www.jeuxvideo.com/ps4-playstation-4.htm"
CHR Extension: (Slides) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (YouTube) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-21]
CHR Extension: (Sheets) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-08]
CHR Extension: (Save to Facebook) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-06-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (VPN Avast SecureLine) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\phmegojolgpbbcnhccbfneddlooepbpd [2020-10-16]
CHR Extension: (Gmail) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-23]
CHR Profile: C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-21]
CHR Profile: C:\Users\Khawz69\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-21]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2019-04-03] (Dell Inc -> )
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Techporch Incorporated -> Dell Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-07] (Huawei Technologies Co., Ltd. -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-17] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] (CyberLink -> )
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc. -> Reason Software Company Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-13] (Malwarebytes Inc -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-07-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-26] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-07-17] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-07-24 10:42 - 2021-07-24 10:44 - 000023322 _____ C:\Users\Khawz69\Desktop\FRST.txt
2021-07-24 10:42 - 2021-07-24 10:43 - 000000000 ____D C:\FRST
2021-07-24 10:41 - 2021-07-24 10:41 - 002300416 _____ (Farbar) C:\Users\Khawz69\Desktop\FRST64.exe
2021-07-24 10:16 - 2021-07-24 10:16 - 000337552 _____ C:\Users\Khawz69\Desktop\ZHPDiag.txt
2021-07-24 10:10 - 2021-07-24 10:10 - 000000906 _____ C:\Users\Khawz69\Desktop\ZHPSuite.lnk
2021-07-24 10:10 - 2021-07-24 10:10 - 000000000 ____D C:\Users\Khawz69\AppData\Local\ZHP
2021-07-24 10:07 - 2021-07-24 10:07 - 003473048 _____ (Nicolas Coolman) C:\Users\Khawz69\Desktop\ZHPSuite.exe
2021-07-23 18:14 - 2021-07-24 10:21 - 000000000 ____D C:\Users\Khawz69\AppData\LocalLow\IGDump
2021-07-22 17:12 - 2021-07-22 17:12 - 000000000 _____ C:\WINDOWS\invcol.tmp
2021-07-21 11:18 - 2021-07-21 11:20 - 871296867 _____ C:\Users\Khawz69\Downloads\wetransfer-1ab4f0.zip
2021-07-17 21:01 - 2021-07-17 21:01 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-17 21:01 - 2021-07-17 21:01 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-07-17 21:01 - 2021-07-17 21:01 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-07-17 21:01 - 2021-07-17 21:01 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-07-15 19:06 - 2021-07-15 19:06 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-15 19:06 - 2021-07-15 19:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-15 19:06 - 2021-07-15 19:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-15 19:06 - 2021-07-15 19:06 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-15 19:06 - 2021-07-15 19:06 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-15 19:05 - 2021-07-15 19:05 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-13 11:06 - 2021-07-17 21:02 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-07-10 01:33 - 2021-07-10 01:33 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-10 01:33 - 2021-07-10 01:33 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-10 01:33 - 2021-07-10 01:33 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-10 01:33 - 2021-07-10 01:33 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-10 01:33 - 2021-07-10 01:33 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-10 01:33 - 2021-07-10 01:33 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-10 01:32 - 2021-07-10 01:32 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-10 01:32 - 2021-07-10 01:32 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-10 01:32 - 2021-07-10 01:32 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-10 01:32 - 2021-07-10 01:32 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-09 20:28 - 2021-07-08 21:19 - 000123564 _____ C:\Users\Khawz69\Desktop\nitroppresnitroploin_716739931765517.pdf
2021-07-09 20:09 - 2021-07-09 20:23 - 3938554707 _____ C:\Users\Khawz69\Downloads\facebook-DarwinThomas69 (1).zip
2021-07-09 19:30 - 2021-07-09 19:38 - 2896452805 _____ C:\Users\Khawz69\Downloads\facebook-DarwinThomas69.zip
2021-07-08 20:24 - 2021-07-08 20:24 - 000840387 _____ C:\Users\Khawz69\Downloads\téléchargement.htm
2021-07-08 19:30 - 2021-07-08 19:33 - 430613870 _____ C:\Users\Khawz69\Downloads\wetransfer-a30f2a.zip
2021-07-08 19:30 - 2021-07-08 19:33 - 421856368 _____ C:\Users\Khawz69\Downloads\wetransfer-56be00.zip
2021-07-07 10:27 - 2021-07-07 10:27 - 000050341 _____ C:\Users\Khawz69\Downloads\Thomas-Bouchex-Bellomie.pdf
2021-06-26 03:37 - 2021-06-26 03:37 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-17 21:01 - 2021-06-17 21:01 - 003612913 _____ C:\Users\Khawz69\Downloads\Jabra Elite 75t WLC User Manual_ANC_FR_French_RevA.pdf
2021-06-17 20:59 - 2021-06-17 20:59 - 001143545 _____ C:\Users\Khawz69\Downloads\Jabra Elite 75t standard DS A4 010920 FR.pdf
2021-06-17 20:59 - 2021-06-17 20:59 - 000328490 _____ C:\Users\Khawz69\Downloads\Jabra Elite 75t standard Techspec A4 010920 FR.pdf
2021-06-16 10:00 - 2021-06-16 10:00 - 000234419 _____ C:\Users\Khawz69\Downloads\Démission Roseau.pdf
2021-06-11 20:53 - 2021-06-11 20:53 - 000167650 _____ C:\Users\Khawz69\Downloads\billets-23464921.pdf
2021-06-10 20:38 - 2021-06-10 20:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-10 20:38 - 2021-06-10 20:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-10 20:37 - 2021-06-10 20:37 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-10 20:37 - 2021-06-10 20:37 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-10 20:37 - 2021-06-10 20:37 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-10 20:37 - 2021-06-10 20:37 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-10 20:36 - 2021-06-10 20:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-10 20:36 - 2021-06-10 20:36 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-10 20:36 - 2021-06-10 20:36 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-10 20:36 - 2021-06-10 20:36 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-10 20:36 - 2021-06-10 20:36 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-08 19:51 - 2021-06-08 19:51 - 000167680 _____ C:\Users\Khawz69\Downloads\billet 23464921 - thomas bouchex.pdf
2021-05-25 21:09 - 2021-05-25 21:16 - 497453231 _____ C:\Users\Khawz69\Downloads\wetransfer-f593a0.zip
2021-05-25 21:09 - 2021-05-25 21:16 - 431099579 _____ C:\Users\Khawz69\Downloads\wetransfer-84a372.zip
2021-05-25 21:09 - 2021-05-25 21:15 - 487039577 _____ C:\Users\Khawz69\Downloads\wetransfer-17146d.zip
2021-05-13 20:59 - 2021-05-13 20:59 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 20:59 - 2021-05-13 20:59 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 20:36 - 2021-05-13 20:36 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 20:35 - 2021-05-13 20:35 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 20:35 - 2021-05-13 20:35 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-05 19:30 - 2021-07-22 17:56 - 000000000 ____D C:\Users\Khawz69\Desktop\Spots
2021-04-30 19:53 - 2021-04-30 19:53 - 000172578 _____ C:\Users\Khawz69\Downloads\THOMAS BOUCHEX-BELLOMIE_Bulletin de paie du 2021-03-31.pdf
2021-04-30 19:50 - 2021-04-30 19:50 - 000174709 _____ C:\Users\Khawz69\Downloads\Bulletin de paie du 2020-12-31.pdf
2021-04-30 19:24 - 2021-04-30 19:24 - 000005643 _____ C:\Users\Khawz69\Downloads\bulletin-de-paie-decembre-2019.pdf
2021-04-30 18:46 - 2021-04-30 18:46 - 000149334 _____ C:\Users\Khawz69\Downloads\3cd090b0-a017-44af-8ea5-5281c06f3b7b.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-07-24 10:40 - 2020-07-26 23:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-24 10:38 - 2013-05-21 18:36 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-24 10:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-24 10:16 - 2015-03-05 20:49 - 000000000 ____D C:\Users\Khawz69\AppData\Roaming\ZHP
2021-07-24 10:02 - 2014-09-11 19:28 - 000000000 ____D C:\Program Files\CCleaner
2021-07-24 00:33 - 2020-07-26 20:54 - 000000000 ____D C:\Users\Khawz69
2021-07-24 00:33 - 2017-07-14 12:35 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-23 18:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-23 18:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-23 18:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-07-23 18:12 - 2020-07-26 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-23 18:12 - 2020-07-26 23:24 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-22 17:14 - 2020-06-19 10:54 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-21 12:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-07-21 11:34 - 2020-07-18 10:29 - 000000000 ____D C:\Users\Khawz69\Desktop\Graffs Street Art Publiés
2021-07-21 10:00 - 2019-07-13 11:41 - 000000000 ____D C:\Users\Khawz69\Desktop\CCleaner
2021-07-21 09:45 - 2020-07-26 23:45 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-20 18:48 - 2020-07-26 23:45 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2674136099-1465707868-1948928903-1002
2021-07-20 18:48 - 2020-07-26 20:54 - 000002466 _____ C:\Users\Khawz69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-20 18:48 - 2016-01-25 20:50 - 000000000 ___RD C:\Users\Khawz69\OneDrive
2021-07-18 21:16 - 2020-07-26 23:35 - 001772790 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-18 21:16 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2021-07-18 21:16 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2021-07-18 21:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-18 21:14 - 2014-04-11 00:06 - 000000000 ____D C:\Users\Khawz69\AppData\Local\ElevatedDiagnostics
2021-07-17 21:02 - 2020-08-12 00:39 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-16 08:33 - 2020-07-26 23:45 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 08:33 - 2020-07-26 23:45 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-15 23:32 - 2020-07-26 23:25 - 000360864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-15 23:31 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-15 23:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-15 23:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-15 23:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-15 23:30 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-15 19:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-15 15:09 - 2013-08-14 22:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-15 15:04 - 2013-05-22 19:02 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-10 03:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-09 20:39 - 2020-02-24 21:42 - 000000000 ___RD C:\Users\Khawz69\Desktop\Musique
2021-07-04 17:42 - 2018-03-01 20:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-30 09:25 - 2020-07-26 23:45 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-30 09:25 - 2020-07-26 23:45 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-24 20:03 - 2015-09-20 16:29 - 000000000 ____D C:\Users\Khawz69\AppData\LocalLow\Temp
==================== Fichiers à la racine de certains dossiers ========
2015-07-12 18:03 - 2015-12-02 21:01 - 001904640 _____ () C:\Users\Khawz69\ZHPCleaner.exe
2015-07-12 19:40 - 2015-07-12 19:40 - 001827840 _____ () C:\Users\Khawz69\ZHPDiag3.exe
2014-04-25 20:39 - 2015-06-30 14:54 - 000000190 _____ () C:\Users\Khawz69\AppData\Roaming\WB.CFG
2020-04-19 13:40 - 2020-04-19 13:40 - 000001041 _____ () C:\Users\Khawz69\AppData\Local\recently-used.xbel
==================== SigCheckExt =========================
2005-09-23 01:39 - 2005-09-23 01:39 - 000894976 _____ (Microsoft Corporation) C:\msdia80.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2013-08-22 13:45 - 2013-08-22 13:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 13:43 - 2013-08-22 13:43 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-security-cryptoapi-l1-1-0.dll
2012-07-02 19:28 - 2012-07-02 19:28 - 000361088 _____ (Qualcomm Atheros Commnucations) C:\WINDOWS\system32\AthCredentialProvider.dll
2016-07-13 15:33 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-11 21:02 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2015-03-11 21:42 - 2014-10-29 03:59 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2015-03-11 21:46 - 2014-10-29 03:54 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
2017-05-10 20:31 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2014-10-31 16:15 - 2014-07-10 06:08 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-01-31 19:31 - 2013-01-23 11:31 - 000057856 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsX64.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2015-06-10 19:29 - 2015-05-25 15:23 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2015-04-15 11:05 - 2015-03-14 03:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2013-08-22 06:17 - 2013-08-22 06:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-security-cryptoapi-l1-1-0.dll
2018-02-22 18:38 - 2005-09-23 00:07 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl80.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
1999-02-16 21:38 - 1999-02-16 21:38 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EXSEC32.DLL
2013-08-22 06:14 - 2013-08-22 06:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 06:14 - 2013-08-22 06:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
1999-01-12 20:54 - 1999-01-12 20:54 - 001109264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20.DLL
1999-03-29 13:11 - 1999-03-29 13:11 - 000029456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20FRA.DLL
1998-09-22 18:26 - 1998-09-22 18:26 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IMESHARE.DLL
2017-03-15 22:07 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 13:44 - 2016-07-17 00:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2012-04-20 13:59 - 2012-04-20 13:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
1999-04-06 13:45 - 1999-04-06 13:45 - 000523840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPI.DLL
1999-04-06 13:43 - 1999-04-06 13:43 - 000041232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPISRVR.EXE
1999-03-03 20:05 - 1999-03-03 20:05 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MDT2FW95.DLL
1999-03-15 12:52 - 1999-03-15 12:52 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42FRA.DLL
2018-02-22 18:38 - 2005-09-23 02:16 - 001079808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc80u.dll
2015-10-30 09:19 - 2016-09-14 09:31 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-09-14 09:31 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
1997-07-11 09:00 - 1997-07-11 09:00 - 000014336 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMRT.DLL
1997-07-11 09:00 - 1997-07-11 09:00 - 000010544 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMRT16.DLL
1997-07-11 09:00 - 1997-07-11 09:00 - 000022016 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMRT32.DLL
1997-07-11 09:00 - 1997-07-11 09:00 - 000120320 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMUSIC.DLL
1999-04-06 18:06 - 1999-04-06 18:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPRPFR.DLL
1998-09-17 07:20 - 1998-09-17 07:20 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL
1999-01-22 20:46 - 1999-01-22 20:46 - 000065536 _____ () C:\WINDOWS\SysWOW64\MSRTEDIT.DLL
1998-08-09 19:07 - 1998-08-09 19:07 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
1998-08-09 19:07 - 1998-08-09 19:07 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL
2013-05-15 19:22 - 2013-05-15 19:22 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2018-02-22 18:38 - 2005-09-23 00:05 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2015-11-20 11:45 - 2015-11-20 11:45 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2013-05-15 19:22 - 2013-05-15 19:22 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2018-02-22 18:38 - 2005-09-23 00:05 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2003-04-18 17:46 - 2003-04-18 17:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2003-04-18 17:29 - 2003-04-18 17:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
1999-02-04 22:09 - 1999-02-04 22:09 - 000057393 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OUTLWAB.DLL
1998-12-09 03:53 - 1998-12-09 03:53 - 000212480 _____ (Eastman Kodak) C:\WINDOWS\SysWOW64\PCDLIB32.DLL
2011-02-11 23:23 - 2015-08-21 12:15 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
1998-09-17 07:20 - 1998-09-17 07:20 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RDOCURS.DLL
2016-04-26 10:20 - 2016-04-26 10:20 - 000001536 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
1998-03-25 05:54 - 1998-03-25 05:54 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCP32.DLL
2014-04-25 19:15 - 2010-08-30 08:34 - 000536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
1999-03-03 14:50 - 1999-03-03 14:50 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
1998-12-24 20:23 - 1998-12-24 20:23 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAME.DLL
2015-07-12 18:03 - 2015-12-02 21:01 - 001904640 _____ C:\Users\Khawz69\ZHPCleaner.exe
2015-07-12 19:40 - 2015-07-12 19:40 - 001827840 _____ C:\Users\Khawz69\ZHPDiag3.exe
2021-07-24 10:41 - 2021-07-24 10:41 - 002300416 _____ (Farbar) C:\Users\Khawz69\Desktop\FRST64.exe
2021-07-24 10:07 - 2021-07-24 10:07 - 003473048 _____ (Nicolas Coolman) C:\Users\Khawz69\Desktop\ZHPSuite.exe
2020-06-15 20:49 - 2020-06-15 20:49 - 005202180 _____ C:\Users\Khawz69\Downloads\pf7-setup-fr-7.2.1.exe
2020-06-15 20:49 - 2020-06-15 20:49 - 000408672 _____ C:\Users\Khawz69\Downloads\Photofiltre_inst.exe
2017-01-22 18:59 - 2017-01-22 19:05 - 185904039 _____ (Abandonware-France ) C:\Users\Khawz69\Downloads\Setup-00691-DiscworldCD-PCDOS.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {f10af084-cf85-11ea-83a5-b8ca3a783471}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Chargeur de d‚marrage Windows
-----------------------------
identificateur {34cb23c8-dbe6-11e7-949c-c23aa42d22aa}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{34cb23c9-dbe6-11e7-949c-c23aa42d22aa}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{34cb23c9-dbe6-11e7-949c-c23aa42d22aa}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {f10af087-cf85-11ea-83a5-b8ca3a783471}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {f10af084-cf85-11ea-83a5-b8ca3a783471}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {f10af087-cf85-11ea-83a5-b8ca3a783471}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{f10af088-cf85-11ea-83a5-b8ca3a783471}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{f10af088-cf85-11ea-83a5-b8ca3a783471}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {f10af084-cf85-11ea-83a5-b8ca3a783471}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {f10af087-cf85-11ea-83a5-b8ca3a783471}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {f10af088-cf85-11ea-83a5-b8ca3a783471}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================