Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2021
Exécuté par dthav (administrateur) sur DESKTOP-6FEQG1D (Micro-Star International Co., Ltd. MS-7B45) (31-10-2021 10:55:23)
Exécuté depuis C:\Users\dthav\OneDrive\Bureau
Profils chargés: dthav
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1288 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.6.1\ABService.exe
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Microsoft Corporation -> ) C:\Program Files\PCHealthCheck\PCHealthCheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114000232 2021-10-11] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-30] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {19D0152B-2873-45C9-B750-90E8CB517370} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {1A82B752-50D5-4C91-9F4B-CD8C30C80B57} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-30] (Google LLC -> Google LLC)
Task: {403305CA-C0B7-4B77-8017-CEE431CED728} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {493AFFE0-75A2-46A8-9257-C8E86FFB1DDE} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {511F04E1-250B-4CB1-A92A-B126E11C2713} - System32\Tasks\CCleanerSkipUAC - dthav => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {658895BC-4810-4F3C-8F40-4D2E617E63DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-30] (Google LLC -> Google LLC)
Task: {87D57413-075D-41B3-B275-2815926E51A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {8A3E3739-F98E-4F98-A42D-D57041DF8D54} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [20140136 2021-10-30] (Goversoft LLC -> Goversoft LLC)
Task: {B1A79810-22F9-4721-BAEC-C5A2CE95F8BF} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [30230360 2021-10-07] (ADLICE (ASCOET JULIEN) -> )
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e75ff8d0-9f8a-497b-8a35-032d4e607b31}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Profile: C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-31]
Edge Extension: (Kaspersky Protection) - C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-09-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-10-26]
Edge HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 0hxpkp5n.default
FF ProfilePath: C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\0hxpkp5n.default [2021-10-30]
FF ProfilePath: C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release [2021-10-31]
FF Homepage: Mozilla\Firefox\Profiles\kktwelt6.default-release -> hxxps//www.gurumed.org/
FF Extension: (AdBlocker Ultimate) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (Kaspersky Protection) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2021-09-15]
FF Extension: (uBlock Origin) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-10-16]
FF Extension: (EPUBReader) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2021-10-13]
FF Extension: (Beach) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2021-07-08]
FF Extension: (Web of Trust) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-07-08]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-08-14] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-08-14] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default [2021-10-30]
CHR Extension: (Slides) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-30]
CHR Extension: (Kaspersky Protection) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-10-23]
CHR Extension: (Docs) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-30]
CHR Extension: (Google Drive) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-30]
CHR Extension: (YouTube) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-30]
CHR Extension: (Sheets) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-30]
CHR Extension: (Gmail) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-30]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps//chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps//chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.6.1\ABService.exe [1092656 2021-09-29] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-09-29] (HP Inc. -> HP Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [368360 2021-09-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7826104 2021-10-30] (Malwarebytes Inc -> Malwarebytes)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NahimicService; "%SystemRoot%\system32\NahimicService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2021-10-09] (AOMEI International Network Limited -> )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [284672 2021-04-09] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [674104 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1469240 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [273176 2021-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [265176 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [315032 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [113952 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [225648 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-10-30] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2020-10-13] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Nahimic_Mirroring; \SystemRoot\System32\drivers\Nahimic_Mirroring.sys [X]
S0 SmartDefragDriver; System32\Drivers\SmartDefragDriver.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-31 10:54 - 2021-10-31 10:55 - 000000000 ____D C:\FRST
2021-10-30 21:48 - 2021-10-30 21:48 - 023093656 _____ C:\Users\dthav\Downloads\Investigating Defensive Colouration in Nudibranch Molluscs C P Van den Berg.pdf
2021-10-30 21:47 - 2021-10-30 21:47 - 000232242 _____ C:\Users\dthav\Downloads\Coincident Disruptive Coloration I C Cuthill.pdf
2021-10-30 21:45 - 2021-10-30 21:45 - 000899869 _____ C:\Users\dthav\Downloads\Disruptive Coloration and Binocular Disparity W J Adams.pdf
2021-10-30 09:38 - 2021-10-30 09:38 - 000001349 _____ C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-30 09:38 - 2021-10-30 09:38 - 000000000 ____D C:\Users\dthav\AppData\Local\PCHealthCheck
2021-10-30 09:05 - 2021-10-30 09:05 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-10-30 09:05 - 2021-10-30 09:05 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-10-30 09:05 - 2021-10-30 09:05 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-10-30 09:05 - 2021-10-30 09:05 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-30 09:05 - 2021-10-30 09:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-10-30 09:05 - 2021-10-30 09:05 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-30 08:23 - 2021-10-30 08:23 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-30 08:23 - 2021-10-30 08:23 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-16 07:53 - 2021-10-16 07:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2021-10-14 22:04 - 2021-10-14 22:04 - 001823296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-10-14 22:04 - 2021-10-14 22:04 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-10-14 22:04 - 2021-10-14 22:04 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-14 22:04 - 2021-10-14 22:04 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-10-14 22:04 - 2021-10-14 22:04 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-10-14 22:04 - 2021-10-14 22:04 - 000449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-10-14 22:04 - 2021-10-14 22:04 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-10-14 22:04 - 2021-10-14 22:04 - 000011495 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-10-14 22:04 - 2021-10-14 22:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2021-10-14 22:04 - 2021-10-14 22:04 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2021-10-14 22:03 - 2021-10-14 22:03 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-14 22:03 - 2021-10-14 22:03 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-10-14 22:03 - 2021-10-14 22:03 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-14 22:00 - 2021-10-14 22:00 - 000000000 ___HD C:\$WinREAgent
2021-10-09 16:02 - 2021-10-09 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2021-10-09 16:01 - 2021-10-09 16:02 - 000032176 _____ C:\Windows\system32\amwrtdrv.sys
2021-10-09 16:01 - 2021-10-09 16:01 - 000000000 ____D C:\Program Files (x86)\AOMEI
2021-10-09 16:01 - 2019-05-14 10:28 - 000051120 _____ C:\Windows\system32\ambakdrv.sys
2021-10-09 16:01 - 2016-12-21 21:52 - 000171952 _____ C:\Windows\system32\ammntdrv.sys
2021-10-09 10:26 - 2021-10-09 10:26 - 000000000 ____D C:\ProgramData\Oracle
2021-10-09 10:25 - 2021-10-09 10:25 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProRealTime
2021-10-09 10:25 - 2021-10-09 10:25 - 000000000 ____D C:\Users\dthav\AppData\Local\IT-Finance
2021-10-09 07:14 - 2021-10-09 07:14 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11
2021-10-07 07:02 - 2021-10-08 06:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-06 17:43 - 2021-10-06 17:43 - 000000000 ____D C:\Users\dthav\OneDrive\Documents\Visions of Chaos
2021-10-06 17:42 - 2021-10-30 08:37 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Visions of Chaos
2021-10-06 17:42 - 2021-10-30 08:37 - 000000000 ____D C:\Program Files (x86)\Visions of Chaos
2021-09-29 15:52 - 2021-10-23 07:31 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-09-25 13:48 - 2021-10-09 16:02 - 000001024 ____H C:\SYSTAG.BIN
2021-09-25 13:47 - 2021-10-30 07:51 - 000000432 _____ C:\Windows\SysWOW64\winsevr.dat
2021-09-25 13:47 - 2021-10-30 07:51 - 000000208 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2021-09-25 13:47 - 2021-10-09 16:53 - 000000000 ____D C:\ProgramData\AomeiBR
2021-09-25 13:47 - 2021-09-25 13:47 - 000000000 ____D C:\ProgramData\Aomei
2021-09-21 08:30 - 2021-09-21 08:30 - 000315032 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-09-21 08:29 - 2021-09-21 19:54 - 000225648 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-09-21 08:29 - 2021-09-21 08:29 - 000265176 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-09-21 08:29 - 2021-09-21 08:29 - 000113952 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-09-15 07:37 - 2021-09-15 07:37 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-15 07:37 - 2021-09-15 07:37 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-15 07:37 - 2021-09-15 07:37 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-15 07:37 - 2021-09-15 07:37 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-15 07:37 - 2021-09-15 07:37 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-15 07:37 - 2021-09-15 07:37 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-15 07:37 - 2021-09-15 07:37 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-13 09:38 - 2021-09-13 09:38 - 000000693 _____ C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor Browser.lnk
2021-09-11 08:40 - 2021-09-11 08:40 - 000000000 ____D C:\Users\dthav\AppData\Local\mbam
2021-09-09 11:21 - 2021-09-09 11:21 - 000122327 _____ C:\Users\dthav\Downloads\INFORMATION GESTION.PDF
2021-09-08 04:17 - 2021-09-08 04:17 - 000000000 ____D C:\AdwCleaner
2021-09-08 03:44 - 2021-10-23 07:31 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-09-05 17:39 - 2021-09-05 17:39 - 000000000 ____D C:\Users\dthav\AppData\Local\Kaspersky Lab
2021-09-04 18:42 - 2021-09-04 18:49 - 000000000 ____D C:\Users\dthav\AppData\Roaming\AceThinker
2021-09-04 18:42 - 2020-10-13 18:30 - 000036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2021-08-30 09:30 - 2021-10-31 10:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-30 09:30 - 2021-10-30 08:11 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-30 09:30 - 2021-10-01 07:35 - 000003590 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-30 09:30 - 2021-10-01 07:35 - 000003466 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-30 09:30 - 2021-08-30 09:35 - 000000000 ____D C:\Users\dthav\AppData\Local\Google
2021-08-30 09:30 - 2021-08-30 09:30 - 000000000 ____D C:\Program Files\Google
2021-08-26 14:39 - 2021-08-26 14:39 - 000000000 ____D C:\Users\dthav\OneDrive\Documents\ma carte identité
2021-08-26 14:17 - 2021-08-26 14:17 - 000359387 _____ C:\Users\dthav\OneDrive\Documents\mon rib.pdf
2021-08-25 04:26 - 2021-10-07 20:39 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-08-21 07:21 - 2021-10-31 08:57 - 000000000 ____D C:\Program Files\CCleaner
2021-08-21 07:21 - 2021-08-21 07:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-08-21 07:09 - 2021-10-31 10:30 - 000000000 ____D C:\Users\dthav\AppData\Local\ZHP
2021-08-21 07:03 - 2021-10-23 07:30 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-08-21 07:03 - 2021-08-21 07:21 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - dthav
2021-08-17 20:18 - 2021-08-17 20:18 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2021-08-17 17:39 - 2021-08-17 17:39 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Thunderbird
2021-08-17 17:39 - 2021-08-17 17:39 - 000000000 ____D C:\Users\dthav\AppData\Local\Thunderbird
2021-08-17 17:39 - 2021-08-17 17:39 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-08-16 12:06 - 2021-08-16 12:06 - 006976520 _____ (Piriform Software Ltd) C:\CCleanerDU.dll
2021-08-15 16:54 - 2021-10-30 16:50 - 000000000 ____D C:\Users\dthav\Bibliothèque calibre
2021-08-15 15:32 - 2021-08-15 15:32 - 000000000 ____D C:\Users\dthav\AppData\LocalLow\Foxit
2021-08-14 16:43 - 2021-08-14 16:44 - 000000000 ____D C:\KPRM
2021-08-14 10:08 - 2021-08-14 10:10 - 000000000 ____D C:\ProgramData\TEMP
2021-08-14 10:08 - 2021-08-14 10:08 - 000000000 ____D C:\ProgramData\Binarysense
2021-08-12 06:47 - 2021-08-12 06:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-08-12 06:47 - 2021-08-12 06:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-08-09 13:17 - 2021-04-09 14:53 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2dp.sys
2021-08-07 07:14 - 2021-08-07 07:14 - 000000072 _____ C:\Windows\system32\AdsInfoCls
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-31 10:33 - 2021-07-09 20:15 - 000000000 ____D C:\Users\dthav\AppData\Roaming\ZHP
2021-10-31 10:17 - 2021-07-08 18:33 - 000000000 ____D C:\Users\dthav\AppData\LocalLow\Mozilla
2021-10-31 10:17 - 2021-07-08 18:33 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-31 10:02 - 2021-07-08 18:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-31 09:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-30 16:50 - 2021-07-08 18:14 - 000000000 ____D C:\Users\dthav
2021-10-30 10:41 - 2021-07-12 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-10-30 10:41 - 2021-07-12 12:20 - 000000000 ____D C:\Program Files\HWiNFO64
2021-10-30 09:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-10-30 08:37 - 2021-07-08 20:38 - 000000000 ____D C:\Windows\system32\Tasks\WiseCleaner
2021-10-30 08:37 - 2021-07-08 18:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-30 08:24 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-10-30 08:19 - 2021-07-24 07:35 - 000000000 ____D C:\Users\dthav\AppData\Local\PrivaZer
2021-10-30 08:12 - 2021-07-24 07:35 - 000000000 ____D C:\Program Files (x86)\PrivaZer
2021-10-30 08:12 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-10-30 08:04 - 2021-07-16 19:14 - 000000000 ____D C:\Users\dthav\AppData\Local\CrashDumps
2021-10-30 07:55 - 2021-07-08 18:11 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-30 07:55 - 2019-12-07 15:49 - 000755174 _____ C:\Windows\system32\perfh00C.dat
2021-10-30 07:55 - 2019-12-07 15:49 - 000141980 _____ C:\Windows\system32\perfc00C.dat
2021-10-30 07:51 - 2021-07-08 18:07 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-30 07:51 - 2021-07-08 18:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-29 20:31 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-10-29 10:10 - 2021-07-09 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-10-29 10:10 - 2021-07-09 20:22 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-10-29 08:17 - 2021-07-08 18:18 - 000000000 ____D C:\Users\dthav\AppData\Local\Packages
2021-10-29 08:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-29 08:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-28 16:15 - 2021-07-09 21:05 - 000000000 ____D C:\Users\dthav\AppData\Roaming\vlc
2021-10-25 14:56 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-10-23 17:30 - 2021-07-08 18:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-21 11:51 - 2021-07-08 18:19 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2318516632-1433698277-3918489527-1002
2021-10-21 11:51 - 2021-07-08 18:14 - 000002421 _____ C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-16 08:20 - 2021-07-08 18:59 - 000000000 ____D C:\Users\dthav\Tracing
2021-10-16 07:53 - 2021-07-10 17:50 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Foxit Software
2021-10-16 07:50 - 2021-07-08 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-10-13 06:26 - 2021-07-09 20:37 - 000000000 ____D C:\Windows\system32\MRT
2021-10-13 06:25 - 2021-07-09 20:37 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-09 07:21 - 2021-07-08 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2021-10-09 07:21 - 2021-07-08 20:33 - 000000000 ____D C:\Program Files\UCheck
2021-10-09 07:14 - 2021-07-08 20:56 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2021-10-09 07:07 - 2021-07-08 18:07 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-09 07:07 - 2021-07-08 18:07 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-07 20:39 - 2021-07-08 18:33 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-01 06:56 - 2021-07-09 20:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{366dd4ab-e016-11eb-9610-8769174e3224}
{366dd4ac-e016-11eb-9610-8769174e3224}
{c8f2bbe8-183f-11ec-8d36-806e6f6e6963}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {366dd4b0-e016-11eb-9610-8769174e3224}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {366dd4ab-e016-11eb-9610-8769174e3224}
description Hard Drive
Application logicielle (101fffff)
--------------------------------
identificateur {366dd4ac-e016-11eb-9610-8769174e3224}
description CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {c8f2bbe8-183f-11ec-8d36-806e6f6e6963}
description USB HDD
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {366dd4b2-e016-11eb-9610-8769174e3224}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {366dd4b0-e016-11eb-9610-8769174e3224}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {366dd4b2-e016-11eb-9610-8769174e3224}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{366dd4b3-e016-11eb-9610-8769174e3224}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{366dd4b3-e016-11eb-9610-8769174e3224}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {366dd4b0-e016-11eb-9610-8769174e3224}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {366dd4b2-e016-11eb-9610-8769174e3224}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
integrityservices Enable
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {366dd4b3-e016-11eb-9610-8769174e3224}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par dthav (administrateur) sur DESKTOP-6FEQG1D (Micro-Star International Co., Ltd. MS-7B45) (31-10-2021 10:55:23)
Exécuté depuis C:\Users\dthav\OneDrive\Bureau
Profils chargés: dthav
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1288 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.6.1\ABService.exe
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Microsoft Corporation -> ) C:\Program Files\PCHealthCheck\PCHealthCheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114000232 2021-10-11] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-30] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {19D0152B-2873-45C9-B750-90E8CB517370} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {1A82B752-50D5-4C91-9F4B-CD8C30C80B57} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-30] (Google LLC -> Google LLC)
Task: {403305CA-C0B7-4B77-8017-CEE431CED728} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {493AFFE0-75A2-46A8-9257-C8E86FFB1DDE} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {511F04E1-250B-4CB1-A92A-B126E11C2713} - System32\Tasks\CCleanerSkipUAC - dthav => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {658895BC-4810-4F3C-8F40-4D2E617E63DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-30] (Google LLC -> Google LLC)
Task: {87D57413-075D-41B3-B275-2815926E51A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {8A3E3739-F98E-4F98-A42D-D57041DF8D54} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [20140136 2021-10-30] (Goversoft LLC -> Goversoft LLC)
Task: {B1A79810-22F9-4721-BAEC-C5A2CE95F8BF} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [30230360 2021-10-07] (ADLICE (ASCOET JULIEN) -> )
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e75ff8d0-9f8a-497b-8a35-032d4e607b31}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Profile: C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-31]
Edge Extension: (Kaspersky Protection) - C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-09-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-10-26]
Edge HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 0hxpkp5n.default
FF ProfilePath: C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\0hxpkp5n.default [2021-10-30]
FF ProfilePath: C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release [2021-10-31]
FF Homepage: Mozilla\Firefox\Profiles\kktwelt6.default-release -> hxxps//www.gurumed.org/
FF Extension: (AdBlocker Ultimate) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (Kaspersky Protection) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2021-09-15]
FF Extension: (uBlock Origin) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-10-16]
FF Extension: (EPUBReader) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2021-10-13]
FF Extension: (Beach) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2021-07-08]
FF Extension: (Web of Trust) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-07-08]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-08-14] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-08-14] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default [2021-10-30]
CHR Extension: (Slides) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-30]
CHR Extension: (Kaspersky Protection) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-10-23]
CHR Extension: (Docs) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-30]
CHR Extension: (Google Drive) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-30]
CHR Extension: (YouTube) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-30]
CHR Extension: (Sheets) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-30]
CHR Extension: (Gmail) - C:\Users\dthav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-30]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps//chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps//chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.6.1\ABService.exe [1092656 2021-09-29] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-09-29] (HP Inc. -> HP Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [368360 2021-09-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7826104 2021-10-30] (Malwarebytes Inc -> Malwarebytes)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NahimicService; "%SystemRoot%\system32\NahimicService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2021-10-09] (AOMEI International Network Limited -> )
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [284672 2021-04-09] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [674104 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1469240 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [273176 2021-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [265176 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [315032 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [113952 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [225648 2021-09-21] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-10-30] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2020-10-13] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Nahimic_Mirroring; \SystemRoot\System32\drivers\Nahimic_Mirroring.sys [X]
S0 SmartDefragDriver; System32\Drivers\SmartDefragDriver.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-31 10:54 - 2021-10-31 10:55 - 000000000 ____D C:\FRST
2021-10-30 21:48 - 2021-10-30 21:48 - 023093656 _____ C:\Users\dthav\Downloads\Investigating Defensive Colouration in Nudibranch Molluscs C P Van den Berg.pdf
2021-10-30 21:47 - 2021-10-30 21:47 - 000232242 _____ C:\Users\dthav\Downloads\Coincident Disruptive Coloration I C Cuthill.pdf
2021-10-30 21:45 - 2021-10-30 21:45 - 000899869 _____ C:\Users\dthav\Downloads\Disruptive Coloration and Binocular Disparity W J Adams.pdf
2021-10-30 09:38 - 2021-10-30 09:38 - 000001349 _____ C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-30 09:38 - 2021-10-30 09:38 - 000000000 ____D C:\Users\dthav\AppData\Local\PCHealthCheck
2021-10-30 09:05 - 2021-10-30 09:05 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-10-30 09:05 - 2021-10-30 09:05 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-10-30 09:05 - 2021-10-30 09:05 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-10-30 09:05 - 2021-10-30 09:05 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-30 09:05 - 2021-10-30 09:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-10-30 09:05 - 2021-10-30 09:05 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-30 08:23 - 2021-10-30 08:23 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-30 08:23 - 2021-10-30 08:23 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-16 07:53 - 2021-10-16 07:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2021-10-14 22:04 - 2021-10-14 22:04 - 001823296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-10-14 22:04 - 2021-10-14 22:04 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-10-14 22:04 - 2021-10-14 22:04 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-14 22:04 - 2021-10-14 22:04 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-10-14 22:04 - 2021-10-14 22:04 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-10-14 22:04 - 2021-10-14 22:04 - 000449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-10-14 22:04 - 2021-10-14 22:04 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-10-14 22:04 - 2021-10-14 22:04 - 000011495 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-10-14 22:04 - 2021-10-14 22:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2021-10-14 22:04 - 2021-10-14 22:04 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2021-10-14 22:03 - 2021-10-14 22:03 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-14 22:03 - 2021-10-14 22:03 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-10-14 22:03 - 2021-10-14 22:03 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-14 22:00 - 2021-10-14 22:00 - 000000000 ___HD C:\$WinREAgent
2021-10-09 16:02 - 2021-10-09 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2021-10-09 16:01 - 2021-10-09 16:02 - 000032176 _____ C:\Windows\system32\amwrtdrv.sys
2021-10-09 16:01 - 2021-10-09 16:01 - 000000000 ____D C:\Program Files (x86)\AOMEI
2021-10-09 16:01 - 2019-05-14 10:28 - 000051120 _____ C:\Windows\system32\ambakdrv.sys
2021-10-09 16:01 - 2016-12-21 21:52 - 000171952 _____ C:\Windows\system32\ammntdrv.sys
2021-10-09 10:26 - 2021-10-09 10:26 - 000000000 ____D C:\ProgramData\Oracle
2021-10-09 10:25 - 2021-10-09 10:25 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProRealTime
2021-10-09 10:25 - 2021-10-09 10:25 - 000000000 ____D C:\Users\dthav\AppData\Local\IT-Finance
2021-10-09 07:14 - 2021-10-09 07:14 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11
2021-10-07 07:02 - 2021-10-08 06:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-06 17:43 - 2021-10-06 17:43 - 000000000 ____D C:\Users\dthav\OneDrive\Documents\Visions of Chaos
2021-10-06 17:42 - 2021-10-30 08:37 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Visions of Chaos
2021-10-06 17:42 - 2021-10-30 08:37 - 000000000 ____D C:\Program Files (x86)\Visions of Chaos
2021-09-29 15:52 - 2021-10-23 07:31 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-09-25 13:48 - 2021-10-09 16:02 - 000001024 ____H C:\SYSTAG.BIN
2021-09-25 13:47 - 2021-10-30 07:51 - 000000432 _____ C:\Windows\SysWOW64\winsevr.dat
2021-09-25 13:47 - 2021-10-30 07:51 - 000000208 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2021-09-25 13:47 - 2021-10-09 16:53 - 000000000 ____D C:\ProgramData\AomeiBR
2021-09-25 13:47 - 2021-09-25 13:47 - 000000000 ____D C:\ProgramData\Aomei
2021-09-21 08:30 - 2021-09-21 08:30 - 000315032 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-09-21 08:29 - 2021-09-21 19:54 - 000225648 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-09-21 08:29 - 2021-09-21 08:29 - 000265176 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-09-21 08:29 - 2021-09-21 08:29 - 000113952 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-09-15 07:37 - 2021-09-15 07:37 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-15 07:37 - 2021-09-15 07:37 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-15 07:37 - 2021-09-15 07:37 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-15 07:37 - 2021-09-15 07:37 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-15 07:37 - 2021-09-15 07:37 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-15 07:37 - 2021-09-15 07:37 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-15 07:37 - 2021-09-15 07:37 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-15 07:37 - 2021-09-15 07:37 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-13 09:38 - 2021-09-13 09:38 - 000000693 _____ C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor Browser.lnk
2021-09-11 08:40 - 2021-09-11 08:40 - 000000000 ____D C:\Users\dthav\AppData\Local\mbam
2021-09-09 11:21 - 2021-09-09 11:21 - 000122327 _____ C:\Users\dthav\Downloads\INFORMATION GESTION.PDF
2021-09-08 04:17 - 2021-09-08 04:17 - 000000000 ____D C:\AdwCleaner
2021-09-08 03:44 - 2021-10-23 07:31 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-09-05 17:39 - 2021-09-05 17:39 - 000000000 ____D C:\Users\dthav\AppData\Local\Kaspersky Lab
2021-09-04 18:42 - 2021-09-04 18:49 - 000000000 ____D C:\Users\dthav\AppData\Roaming\AceThinker
2021-09-04 18:42 - 2020-10-13 18:30 - 000036600 _____ (Riverbed Technology, Inc.) C:\Windows\system32\Drivers\npf.sys
2021-08-30 09:30 - 2021-10-31 10:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-30 09:30 - 2021-10-30 08:11 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-30 09:30 - 2021-10-01 07:35 - 000003590 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-30 09:30 - 2021-10-01 07:35 - 000003466 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-30 09:30 - 2021-08-30 09:35 - 000000000 ____D C:\Users\dthav\AppData\Local\Google
2021-08-30 09:30 - 2021-08-30 09:30 - 000000000 ____D C:\Program Files\Google
2021-08-26 14:39 - 2021-08-26 14:39 - 000000000 ____D C:\Users\dthav\OneDrive\Documents\ma carte identité
2021-08-26 14:17 - 2021-08-26 14:17 - 000359387 _____ C:\Users\dthav\OneDrive\Documents\mon rib.pdf
2021-08-25 04:26 - 2021-10-07 20:39 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-08-21 07:21 - 2021-10-31 08:57 - 000000000 ____D C:\Program Files\CCleaner
2021-08-21 07:21 - 2021-08-21 07:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-08-21 07:09 - 2021-10-31 10:30 - 000000000 ____D C:\Users\dthav\AppData\Local\ZHP
2021-08-21 07:03 - 2021-10-23 07:30 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-08-21 07:03 - 2021-08-21 07:21 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - dthav
2021-08-17 20:18 - 2021-08-17 20:18 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2021-08-17 17:39 - 2021-08-17 17:39 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Thunderbird
2021-08-17 17:39 - 2021-08-17 17:39 - 000000000 ____D C:\Users\dthav\AppData\Local\Thunderbird
2021-08-17 17:39 - 2021-08-17 17:39 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-08-16 12:06 - 2021-08-16 12:06 - 006976520 _____ (Piriform Software Ltd) C:\CCleanerDU.dll
2021-08-15 16:54 - 2021-10-30 16:50 - 000000000 ____D C:\Users\dthav\Bibliothèque calibre
2021-08-15 15:32 - 2021-08-15 15:32 - 000000000 ____D C:\Users\dthav\AppData\LocalLow\Foxit
2021-08-14 16:43 - 2021-08-14 16:44 - 000000000 ____D C:\KPRM
2021-08-14 10:08 - 2021-08-14 10:10 - 000000000 ____D C:\ProgramData\TEMP
2021-08-14 10:08 - 2021-08-14 10:08 - 000000000 ____D C:\ProgramData\Binarysense
2021-08-12 06:47 - 2021-08-12 06:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-08-12 06:47 - 2021-08-12 06:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-08-09 13:17 - 2021-04-09 14:53 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2dp.sys
2021-08-07 07:14 - 2021-08-07 07:14 - 000000072 _____ C:\Windows\system32\AdsInfoCls
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-31 10:33 - 2021-07-09 20:15 - 000000000 ____D C:\Users\dthav\AppData\Roaming\ZHP
2021-10-31 10:17 - 2021-07-08 18:33 - 000000000 ____D C:\Users\dthav\AppData\LocalLow\Mozilla
2021-10-31 10:17 - 2021-07-08 18:33 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-31 10:02 - 2021-07-08 18:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-31 09:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-30 16:50 - 2021-07-08 18:14 - 000000000 ____D C:\Users\dthav
2021-10-30 10:41 - 2021-07-12 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-10-30 10:41 - 2021-07-12 12:20 - 000000000 ____D C:\Program Files\HWiNFO64
2021-10-30 09:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-10-30 08:37 - 2021-07-08 20:38 - 000000000 ____D C:\Windows\system32\Tasks\WiseCleaner
2021-10-30 08:37 - 2021-07-08 18:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-30 08:24 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-10-30 08:19 - 2021-07-24 07:35 - 000000000 ____D C:\Users\dthav\AppData\Local\PrivaZer
2021-10-30 08:12 - 2021-07-24 07:35 - 000000000 ____D C:\Program Files (x86)\PrivaZer
2021-10-30 08:12 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-10-30 08:04 - 2021-07-16 19:14 - 000000000 ____D C:\Users\dthav\AppData\Local\CrashDumps
2021-10-30 07:55 - 2021-07-08 18:11 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-30 07:55 - 2019-12-07 15:49 - 000755174 _____ C:\Windows\system32\perfh00C.dat
2021-10-30 07:55 - 2019-12-07 15:49 - 000141980 _____ C:\Windows\system32\perfc00C.dat
2021-10-30 07:51 - 2021-07-08 18:07 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-30 07:51 - 2021-07-08 18:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-29 20:31 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-10-29 10:10 - 2021-07-09 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-10-29 10:10 - 2021-07-09 20:22 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-10-29 08:17 - 2021-07-08 18:18 - 000000000 ____D C:\Users\dthav\AppData\Local\Packages
2021-10-29 08:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-29 08:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-28 16:15 - 2021-07-09 21:05 - 000000000 ____D C:\Users\dthav\AppData\Roaming\vlc
2021-10-25 14:56 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-10-23 17:30 - 2021-07-08 18:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-21 11:51 - 2021-07-08 18:19 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2318516632-1433698277-3918489527-1002
2021-10-21 11:51 - 2021-07-08 18:14 - 000002421 _____ C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-16 08:20 - 2021-07-08 18:59 - 000000000 ____D C:\Users\dthav\Tracing
2021-10-16 07:53 - 2021-07-10 17:50 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Foxit Software
2021-10-16 07:50 - 2021-07-08 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2021-10-14 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-10-13 06:26 - 2021-07-09 20:37 - 000000000 ____D C:\Windows\system32\MRT
2021-10-13 06:25 - 2021-07-09 20:37 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-09 07:21 - 2021-07-08 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2021-10-09 07:21 - 2021-07-08 20:33 - 000000000 ____D C:\Program Files\UCheck
2021-10-09 07:14 - 2021-07-08 20:56 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2021-10-09 07:07 - 2021-07-08 18:07 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-09 07:07 - 2021-07-08 18:07 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-07 20:39 - 2021-07-08 18:33 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-01 06:56 - 2021-07-09 20:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{366dd4ab-e016-11eb-9610-8769174e3224}
{366dd4ac-e016-11eb-9610-8769174e3224}
{c8f2bbe8-183f-11ec-8d36-806e6f6e6963}
timeout 1
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {366dd4b0-e016-11eb-9610-8769174e3224}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {366dd4ab-e016-11eb-9610-8769174e3224}
description Hard Drive
Application logicielle (101fffff)
--------------------------------
identificateur {366dd4ac-e016-11eb-9610-8769174e3224}
description CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {c8f2bbe8-183f-11ec-8d36-806e6f6e6963}
description USB HDD
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {366dd4b2-e016-11eb-9610-8769174e3224}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {366dd4b0-e016-11eb-9610-8769174e3224}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {366dd4b2-e016-11eb-9610-8769174e3224}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{366dd4b3-e016-11eb-9610-8769174e3224}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{366dd4b3-e016-11eb-9610-8769174e3224}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {366dd4b0-e016-11eb-9610-8769174e3224}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {366dd4b2-e016-11eb-9610-8769174e3224}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
integrityservices Enable
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {366dd4b3-e016-11eb-9610-8769174e3224}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================