cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2021
Exécuté par Admin (administrateur) sur DESKTOP-MGHF6B7 (ASUS All Series) (04-11-2021 19:58:20)
Exécuté depuis C:\Users\Admin\Desktop
Profils chargés: Admin
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1288 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Bitdefender LLC) [Fichier non signé] C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe
(Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe <2>
(EJIE Technology) [Fichier non signé] C:\Program Files (x86)\Clover\clover.exe
(FSL - FreeSoftLand) [Fichier non signé] C:\Program Files (x86)\FSL\FSL_Launcher\FSL_Launcher.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Heidi Computers Ltd -> The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
(Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files\KeePass Password Safe 2\KeePass.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Siliten) [Fichier non signé] C:\Program Files (x86)\SilverCrest SMLM 807 A1 Driver\MouClient_FD2_9063RL.exe
(TomTom) [Fichier non signé] C:\Program Files\TomTom HOME\TTHOMEService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3190384 2021-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068624 2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
HKLM-x32\...\Run: [InboxMonitor] => C:\Program Files (x86)\Nuance\PDF Professional 7\InboxMonitor.exe [114688 2012-02-17] () [Fichier non signé]
HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe [141160 2012-02-17] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641384 2012-02-17] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PdfProInboxMonitor] => C:\Program Files (x86)\Nuance\PDF Professional 7\InboxMonitor.exe [114688 2012-02-17] () [Fichier non signé]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [512536 2021-09-28] (QFX Software Corporation -> QFX Software Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\49.0.9.0\GoogleDriveFS.exe --startup_mode
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\49.0.9.0\GoogleDriveFS.exe --startup_mode
HKU\S-1-5-21-188433853-1034861487-459835961-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-188433853-1034861487-459835961-1001\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME\TTHOMERunner.exe [332288 2019-12-17] (TomTom) [Fichier non signé]
HKU\S-1-5-21-188433853-1034861487-459835961-1001\...\Run: [] => [X]
HKU\S-1-5-21-188433853-1034861487-459835961-1001\...\Run: [KeePass Password Safe 2] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3190384 2021-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-188433853-1034861487-459835961-1001\...\Run: [WinLaunch] => Z:\00-images mail af\WinLaunch\WinLaunch.exe -hide
HKU\S-1-5-21-188433853-1034861487-459835961-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [9803720 2021-11-03] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-188433853-1034861487-459835961-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] True
HKU\S-1-5-21-188433853-1034861487-459835961-1001\...\MountPoints2: {aff99e7c-234e-11ea-8d1c-7824af3b34eb} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-188433853-1034861487-459835961-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\49.0.9.0\GoogleDriveFS.exe --startup_mode
HKU\S-1-5-18\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [9803720 2021-11-03] (GlassWire -> SecureMix LLC)
HKLM\...\Print\Monitors\EPSON Stylus DX4400 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMCAE.DLL [129536 2006-12-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-09-09] (Adobe Inc. -> Adobe Systems, Inc.)
IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FSL Launcher.lnk [2019-12-14]
ShortcutTarget: FSL Launcher.lnk -> C:\Program Files (x86)\FSL\FSL_Launcher\FSL_Launcher.exe (FSL - FreeSoftLand) [Fichier non signé]
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MouClient.lnk [2020-06-03]
ShortcutTarget: MouClient.lnk -> C:\Program Files (x86)\SilverCrest SMLM 807 A1 Driver\MouClient_FD2_9063RL.exe (Siliten) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2020-01-06]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {003BC3A3-5050-474B-B468-AE7EA86D7174} - System32\Tasks\BDAntiCryptoWallTask => C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe [1586688 2017-01-23] (Bitdefender LLC) [Fichier non signé]
Task: {07829167-7713-46FB-93C7-F8074927A395} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {08CA2421-DFF8-4A8A-A67B-5B8355290389} - System32\Tasks\taches CB\Chat_bouffe => powershell -WindowStyle hidden -Command "& {[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms'); [System.Windows.Forms.MessageBox]::Show('Remplir la gamelle des chats.','Chats.')}"
Task: {0A198E85-EBC9-4DB6-B363-8F4B63476535} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-14] (Google Inc -> Google LLC)
Task: {0DAE1B02-DF91-49E4-924C-050D67497676} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1745A578-8BE4-4EF3-A183-3263786D05FF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {2225A9A5-F387-455B-81C8-A9C0BD2F5DAC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {25E83E7C-D1F7-4FF2-AAE1-8C69D2A2C8FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {2748CB04-F018-4426-9709-1029D9017F91} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe
Task: {29FAA161-5C64-4266-BC1B-CA6F09AD8682} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4276420C-347F-4705-8F31-0AD12D385AF2} - System32\Tasks\taches CB\O2pulsat => powershell -WindowStyle hidden -Command "& {[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms'); [System.Windows.Forms.MessageBox]::Show('Mesurer O² et la pulsation et les inscrire sur fichier XLS.','Mesurer saturation et pulsation')}"
Task: {4282594F-ACD4-4D1A-BA4B-6E723F4F3681} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [11085352 2021-10-15] (NCH Software, Inc. -> NCH Software)
Task: {6DDD415E-CCAF-461D-A598-7A758BE766B7} - \TEST AFFICHE FENETRE 2 -> Pas de fichier <==== ATTENTION
Task: {781BB2FF-69F9-48AC-BFA2-B83C1C8B6B0A} - System32\Tasks\NCH Software\VideoPadSevenDays => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [11085352 2021-10-15] (NCH Software, Inc. -> NCH Software)
Task: {9B0AA682-51ED-4451-BAA1-EBDA8F4AD13A} - System32\Tasks\taches CB\Aspi-filtre-mousse => powershell -WindowStyle hidden -Command "& {[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms'); [System.Windows.Forms.MessageBox]::Show('NETTOYER FILTRE MOUSSE DE L ASPIRATEUR.','Aspirateur')}"
Task: {9C310E71-44C1-48D9-904C-28B3C64739D5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9CC3A8A5-C5F4-4190-A47F-FAA580F805F0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0794FDF-35F1-4E88-8C9C-7145B10311F4} - System32\Tasks\taches CB\Aspi-filtre-papier => powershell -WindowStyle hidden -Command "& {[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms'); [System.Windows.Forms.MessageBox]::Show('NETTOYER LES FILTRES DE L ASPIRATEUR (MOUSSE ET PAPIER). VERIFIER SI LE BAC DE POUSSIERE EST PLEIN.','Aspirateur')}"
Task: {AECA3303-71EC-48BB-B20C-49F174F2C7E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBA582AB-1003-466A-8D6B-96BB50D81F38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-14] (Google Inc -> Google LLC)
Task: {CF6A84FB-CBF0-44AB-9CAD-6B7359477B96} - System32\Tasks\taches CB\Sauve clé usb => powershell -WindowStyle hidden -Command "& {[System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms'); [System.Windows.Forms.MessageBox]::Show('FAIRE LA SAUVEGARDE DE LA CLE USB.','Aspirateur')}"
Task: {DF73B7B6-F4A2-4C37-BEE6-E1DF0130219C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3EDB0FE-9040-426E-BCE3-D664AFCBAC80} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-10-20] () [Fichier non signé]
Task: {E99871BF-C585-4C40-BB0E-E7EE9DC5E6CC} - System32\Tasks\taches CB\restosys => cscript C:\retauration\create_restore_point.vbs"

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{44466e0e-f511-4a62-a56e-5c9d79bc8c39}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7872780d-a5cb-4fc8-841e-18e2d70efa7d}: [NameServer] 8.8.8.8,8.8.4.4

Edge:
=======
DownloadDir: C:\Users\Admin\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-188433853-1034861487-459835961-1001 -> hxxp://free.fr/
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-03]
Edge DownloadDir: Default -> C:\Users\Admin\Downloads
Edge HomePage: Default -> hxxp://free.fr/
Edge StartupUrls: Default -> "hxxp://www.free.fr/"
Edge Extension: (Extension Abonnement RSS) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbjofpiipnjjiedmddjdbhbfpbafbakk [2021-07-26]
Edge Extension: (Satin Stacks) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgilogkdbbgmgabhfoaaaedodhelhndn [2021-07-23]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-10-26]
Edge Extension: (RSS Reader Extension (by Inoreader)) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lbjfhdjlblncekgomhadnnpampcahhal [2021-07-26]
Edge HKU\S-1-5-21-188433853-1034861487-459835961-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: LyN92pbQ.default
FF DefaultProfile: 76khbak4.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299 [2021-11-04]
FF Homepage: Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299 -> hxxps://zimbra.free.fr|hxxp://panbelgique.motards.net/search?search_id=newposts
FF Notifications: Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299 -> hxxps://motosnord.forumdesfans.com
FF Extension: (WebTranslate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\98a81af4-fb95-4bd5-addd-72e6d3957dde@webtranslate.fr.xpi [2021-07-18]
FF Extension: (Facebook Container) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\@contain-facebook.xpi [2021-08-03]
FF Extension: (AdBlocker Ultimate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-07]
FF Extension: (Google images view image button) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\google_images_view_image_button@mail.com.xpi [2021-07-18]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-10-01]
FF Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2021-09-14]
FF Extension: (Voir image) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\{287dcf75-bec6-4eec-b4f6-71948a2eea29}.xpi [2021-08-03]
FF Extension: (Search by Image) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2021-11-04]
FF Extension: (Nightly and Aurora) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\{596ea437-a17b-4b82-a56c-23a33177512e}.xpi [2021-07-18]
FF Extension: (Aurora Borealis) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\{66890fd9-47b8-4c1f-a749-ed27a1f88834}.xpi [2021-07-18]
FF Extension: (Livemarks) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\{c5867acc-54c9-4074-9574-04d8818d53e8}.xpi [2021-10-15]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5oslngci.default-release-1626622396299\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-01]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\LyN92pbQ.default [2020-05-25]
FF Extension: (Avira Password Manager) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\LyN92pbQ.default\Extensions\passwordmanager@avira.com [2019-12-14]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\LyN92pbQ.default\searchplugins\AdTrustMediaComodo Dragon.xml [2020-02-20]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\kompozer.net\KompoZer\Profiles\ridsx094.default [2021-10-13]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default [2020-04-12]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-cs@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-de@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (English (US) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Español (España) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Finnish Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-fi@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Français Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-fr@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Galego (España) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-gl@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-he@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-hu@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-it@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Japanese Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-ja@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Korean (KR) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-ko@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-nl@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Polski Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-pl@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Russian (RU) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-ru@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-sl@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (српски (sr) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-sr@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Admin\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\76khbak4.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2020-04-12] [] [non signé]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-07-18] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-07-18] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2021-11-04]
CHR HomePage: Default -> hxxp://google.fr/
CHR StartupUrls: Default -> "hxxps://fr.yahoo.com/?fr=fpc-comodo&type=81_33050001006_80.0.3987.87_u_hp_sp"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=81_33050001006_80.0.3987.87_u_ds_sp&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR Extension: (Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-09-15]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-14]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-10]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-14]
CHR Extension: (Avira Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-11-02]
CHR Extension: (Search by Image) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnojnbdhbhnkbcieeekonklommdnndci [2021-11-04]
CHR Extension: (Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-14]
CHR Extension: (Easy AdBlocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gginmiamniniinhbipmknjiefidjlnob [2020-01-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-10-22]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-07-22]
CHR Extension: (Extension Abonnement RSS (par Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2021-07-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-10]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-03]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-03]
CHR Extension: (Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-15]
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-08-15]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-15]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-15]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-15]
CHR Extension: (Avira Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-08-15]
CHR Extension: (Avira Safe Shopping) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-08-15]
CHR Extension: (Adblock pour Youtube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-08-15]
CHR Extension: (Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-15]
CHR Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffbkglfijbcbgblgflchnbphjdllaogb [2021-08-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-15]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-08-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-15]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-15]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-15]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-03]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKU\S-1-5-21-188433853-1034861487-459835961-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [184768 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7055304 2021-10-22] (GlassWire -> SecureMix LLC)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7826104 2021-11-03] (Malwarebytes Inc -> Malwarebytes)
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [135016 2012-02-17] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [83480 2021-09-28] (QFX Software Corporation -> )
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [114384 2021-04-21] (Code Sector -> )
R2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [114384 2021-04-21] (Code Sector -> )
R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Fichier non signé]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 AviraUpdaterService; "C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe" [X]
S3 DisplayFusionService; "F:\displayFusion\DisplayFusion\DisplayFusionService.exe" [X]
S2 HCloverService; C:\Program Files (x86)\Clover\CloverSvc.dll [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 CSRBC; C:\WINDOWS\System32\Drivers\csrbc.sys [46384 2021-05-11] (Sena Technologies, Inc. -> CSR plc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R3 InputFilter_Hid_FlexDef2b; C:\WINDOWS\System32\drivers\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Siliten)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [674104 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1469240 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [273176 2021-08-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [265176 2021-09-23] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [315032 2021-09-23] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [113952 2021-09-23] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [225648 2021-09-23] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-03] (Malwarebytes Inc -> Malwarebytes)
R3 MouFilter_Mou_FlexDef4; C:\WINDOWS\System32\drivers\MouFilter_FlexDef4.sys [15360 2010-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Siliten)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 WiseUnlock; C:\Windows\WiseUnlock64.sys [33864 2020-03-11] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-11-04 19:52 - 2021-11-04 19:58 - 000043165 _____ C:\Users\Admin\Desktop\FRST.txt
2021-11-04 19:50 - 2021-11-04 19:50 - 002311168 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2021-11-04 19:47 - 2021-11-04 19:47 - 000466043 _____ C:\Users\Admin\Desktop\ZHPDiag.txt
2021-11-04 19:39 - 2021-11-04 19:47 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ZHP
2021-11-04 19:39 - 2021-11-04 19:39 - 000000865 _____ C:\Users\Admin\Desktop\ZHPSuite.lnk
2021-11-04 19:39 - 2021-11-04 19:39 - 000000000 ____D C:\Users\Admin\AppData\Local\ZHP
2021-11-03 10:06 - 2021-11-03 10:06 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-03 10:06 - 2021-11-03 10:06 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-02 18:09 - 2021-11-04 18:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-01 22:05 - 2021-11-01 22:05 - 000000000 ____D C:\Users\Admin\Suite NCH Software
2021-11-01 22:02 - 2021-11-01 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2021-11-01 22:02 - 2021-11-01 22:02 - 000000000 ____D C:\Program Files (x86)\GlassWire
2021-11-01 22:02 - 2015-05-29 08:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2021-11-01 22:02 - 2015-05-29 08:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2021-10-28 21:32 - 2021-10-28 21:32 - 011792608 _____ (Tim Kosse) C:\Users\Admin\Downloads\FileZilla_3.56.2_win64-setup.exe
2021-10-21 20:41 - 2021-10-21 20:41 - 000001828 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2021-10-21 20:41 - 2021-10-21 20:41 - 000000000 ____D C:\Program Files\Eraser
2021-10-21 20:39 - 2021-10-21 20:39 - 008759496 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.2.0.2991.exe
2021-10-17 21:41 - 2021-10-17 21:41 - 011788240 _____ (Tim Kosse) C:\Users\Admin\Downloads\FileZilla_3.56.0_win64-setup.exe
2021-10-15 09:21 - 2021-10-15 09:21 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-15 09:21 - 2021-10-15 09:21 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-15 09:21 - 2021-10-15 09:21 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-15 09:21 - 2021-10-15 09:21 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-15 09:21 - 2021-10-15 09:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-15 09:21 - 2021-10-15 09:21 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-15 09:21 - 2021-10-15 09:21 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-15 09:14 - 2021-10-15 09:14 - 000000000 ___HD C:\$WinREAgent
2021-10-07 21:35 - 2021-10-07 21:35 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11
2021-10-05 21:41 - 2021-10-18 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
2021-10-05 21:36 - 2021-10-05 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2021-10-05 21:33 - 2021-11-02 19:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-04 17:35 - 2021-10-04 17:35 - 000000000 ____D C:\Program Files\Notepad++
2021-10-04 17:30 - 2021-10-04 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape
2021-09-27 17:30 - 2021-09-27 17:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sena Technologies
2021-09-23 18:52 - 2021-09-23 18:52 - 000315032 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-09-23 18:51 - 2021-09-23 18:51 - 000265176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-09-23 18:51 - 2021-09-23 18:51 - 000225648 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-09-23 18:51 - 2021-09-23 18:51 - 000113952 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-09-21 19:21 - 2021-09-21 19:21 - 000000000 ____D C:\Program Files\DIFX
2021-09-21 19:20 - 2021-09-27 17:30 - 000000000 ____D C:\Program Files (x86)\Sena Technologies
2021-09-20 16:15 - 2021-09-20 16:15 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-09-17 19:18 - 2021-09-17 19:18 - 000483831 _____ C:\Users\Admin\Downloads\CI Loriane.pdf
2021-09-17 19:15 - 2021-09-17 19:15 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 19:14 - 2021-09-17 19:14 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 19:14 - 2021-09-17 19:14 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 19:14 - 2021-09-17 19:14 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 19:14 - 2021-09-17 19:14 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 19:14 - 2021-09-17 19:14 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 19:13 - 2021-09-17 19:13 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 19:13 - 2021-09-17 19:13 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 19:13 - 2021-09-17 19:13 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-08-26 19:36 - 2021-08-26 19:36 - 000000000 _____ C:\ProgramData\UpdateLock-8216C80C92C4E828
2021-08-23 21:17 - 2021-08-23 21:19 - 000000000 ____D C:\Users\Admin\AppData\Local\Sysinternals
2021-08-23 19:05 - 2021-08-23 19:05 - 011421048 _____ (Tim Kosse) C:\Users\Admin\Downloads\FileZilla_3.55.1_win64-setup.exe
2021-08-22 21:48 - 2021-08-22 21:48 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Admin
2021-08-22 16:53 - 2021-08-22 16:53 - 000000000 ____D C:\Users\Admin\AppData\Local\Meltytech
2021-08-22 16:52 - 2021-08-22 16:52 - 000001892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk
2021-08-22 16:52 - 2021-08-22 16:52 - 000000000 ____D C:\Program Files\Shotcut

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-11-04 19:58 - 2020-05-21 21:37 - 000000000 ____D C:\FRST
2021-11-04 19:51 - 2020-10-11 20:52 - 000000000 ____D C:\Users\Admin\AppData\Roaming\TeraCopy
2021-11-04 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-04 19:31 - 2020-01-01 19:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\MPC-HC
2021-11-04 19:30 - 2020-09-01 17:37 - 000000000 ____D C:\Users\Admin\AppData\Local\glasswire
2021-11-04 19:28 - 2019-12-14 14:26 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-04 18:40 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-04 18:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-04 18:33 - 2020-06-23 10:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-04 18:18 - 2019-12-14 17:15 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-04 18:17 - 2019-12-14 17:15 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2021-11-04 18:15 - 2020-06-23 10:22 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-04 18:15 - 2019-12-07 15:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-04 18:15 - 2019-12-07 15:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-04 18:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-04 18:10 - 2019-12-14 22:33 - 000000000 ____D C:\Program Files\CCleaner
2021-11-04 18:08 - 2020-06-23 10:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-04 18:08 - 2020-06-23 10:21 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-04 18:08 - 2019-12-14 14:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-11-04 18:08 - 2019-12-14 14:34 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2021-11-04 09:44 - 2021-02-06 20:22 - 000000000 ____D C:\Users\Admin\AppData\Roaming\KeePass
2021-11-04 09:44 - 2020-06-23 10:28 - 000003198 _____ C:\WINDOWS\system32\Tasks\BDAntiCryptoWallTask
2021-11-04 09:44 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-04 08:03 - 2020-06-23 10:28 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-188433853-1034861487-459835961-1001
2021-11-04 08:03 - 2020-06-23 09:03 - 000002417 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-04 08:00 - 2019-12-14 14:21 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2021-11-03 21:05 - 2020-12-13 17:11 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-03 20:38 - 2020-08-30 09:58 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\IGDump
2021-11-03 18:03 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-11-03 09:11 - 2019-12-14 17:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-02 19:25 - 2021-07-18 16:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-02 19:25 - 2019-12-17 19:18 - 000001432 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\firefox.lnk
2021-11-02 12:38 - 2020-02-14 20:36 - 000000000 ____D C:\Program Files (x86)\Mp3tag
2021-11-02 09:49 - 2021-01-23 11:19 - 000000000 ____D C:\Program Files\Recuva
2021-11-01 22:09 - 2020-06-23 10:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-11-01 22:05 - 2021-03-24 20:07 - 000001375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad - Logiciel de montage vidéo.lnk
2021-11-01 22:05 - 2020-06-23 09:03 - 000000000 ____D C:\Users\Admin
2021-11-01 21:55 - 2021-03-24 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-11-01 21:54 - 2020-04-13 13:36 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-11-01 21:54 - 2020-04-13 13:36 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Notepad++
2021-11-01 21:52 - 2020-12-09 22:16 - 000000000 ____D C:\Users\Admin\AppData\Roaming\FileZilla
2021-11-01 21:52 - 2020-02-14 20:36 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mp3tag
2021-11-01 21:51 - 2021-07-31 19:49 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-11-01 21:51 - 2020-12-09 22:16 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-11-01 21:51 - 2020-12-09 22:16 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-11-01 21:51 - 2019-12-27 18:51 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-11-01 21:50 - 2019-12-27 18:51 - 000000000 ____D C:\Users\Admin\AppData\Roaming\audacity
2021-11-01 18:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-31 20:57 - 2019-12-14 21:30 - 000000000 ____D C:\Users\Admin\AppData\Local\adslTV
2021-10-31 09:12 - 2020-07-06 07:23 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-29 20:17 - 2019-12-17 21:15 - 000000000 ____D C:\Users\Admin\AppData\Roaming\MyPhoneExplorer
2021-10-27 21:35 - 2019-12-17 21:40 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2021-10-23 20:52 - 2020-02-08 20:25 - 000000000 ____D C:\ProgramData\TEMP
2021-10-21 21:34 - 2021-01-23 20:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2021-10-21 20:48 - 2020-06-23 10:28 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2021-10-21 20:48 - 2019-12-14 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2021-10-21 20:48 - 2019-12-14 14:27 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2021-10-21 20:42 - 2020-06-23 10:28 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-10-19 13:39 - 2019-12-14 17:25 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-10-18 20:47 - 2021-03-20 14:46 - 000000000 ____D C:\Program Files (x86)\KeyScrambler
2021-10-16 10:15 - 2021-01-18 20:15 - 000000000 ____D C:\Users\Admin\AppData\Roaming\XnViewMP
2021-10-15 12:00 - 2020-06-23 10:21 - 000634968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-15 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-15 08:24 - 2019-12-14 14:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-15 08:21 - 2019-12-14 14:42 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-13 17:44 - 2019-12-14 14:36 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-10 17:57 - 2021-02-22 13:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-10 09:19 - 2020-01-02 09:15 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2021-10-09 18:09 - 2020-07-06 07:22 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-09 18:09 - 2020-07-06 07:22 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-07 21:35 - 2020-06-27 19:45 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2021-10-05 21:36 - 2019-12-17 21:15 - 000000000 ____D C:\Program Files (x86)\MyPhoneExplorer

==================== Fichiers à la racine de certains dossiers ========

2019-12-27 17:57 - 2017-10-20 16:57 - 854534880 _____ () C:\Program Files (x86)\Nuance.PDF.Converter.Enterprise.7.v16.0.0.400.MULTI.PC.rar
2021-01-05 19:00 - 2021-01-05 19:00 - 001029415 _____ () C:\Program Files (x86)\RegSeeker47.zip
2020-10-11 20:46 - 2020-10-11 20:41 - 000001374 _____ () C:\Users\Admin\AppData\Roaming\fastcopy.ini
2021-03-17 17:32 - 2021-08-07 21:11 - 000005079 _____ () C:\Users\Admin\AppData\Local\pingidentityprefs.fileprefs
2020-02-04 18:47 - 2021-07-18 16:12 - 000000128 _____ () C:\Users\Admin\AppData\Local\PUTTY.RND
2021-05-25 19:17 - 2021-05-25 19:17 - 000000218 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel

==================== SigCheckExt =========================

2020-11-06 20:34 - 2019-11-08 09:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2008-08-07 10:50 - 2008-08-07 10:50 - 001817600 _____ (Zeon International Investment Corp. ) C:\WINDOWS\system32\ZDImage2pdf7.dll
2019-12-15 20:20 - 2019-12-15 20:20 - 000016896 _____ (ASUS) C:\WINDOWS\AsTaskSched.dll
1998-07-13 00:00 - 1998-07-13 00:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
1998-07-13 00:00 - 1998-07-13 00:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETFR.DLL
2019-12-14 18:35 - 2019-12-14 18:35 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
1998-07-13 00:00 - 1998-07-13 00:00 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2FR.DLL
2004-02-23 00:00 - 2004-02-23 00:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2003-03-18 19:14 - 2003-03-18 19:14 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2003-02-21 03:42 - 2003-02-21 03:42 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
1998-07-13 00:00 - 1998-07-13 00:00 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCCLPFR.DLL
1998-07-12 23:00 - 1998-07-12 23:00 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXFR.DLL
1998-07-13 00:00 - 1998-07-13 00:00 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\STDFTFR.DLL
2001-05-22 00:00 - 2001-05-22 00:00 - 000527360 _____ (Borland Software Corporation) C:\WINDOWS\SysWOW64\stdvcl40.dll
2000-10-02 09:40 - 2000-10-02 09:40 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2000-07-15 00:00 - 2000-07-15 00:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
1998-07-12 23:00 - 1998-07-12 23:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKFR.DLL
2021-11-04 19:50 - 2021-11-04 19:50 - 002311168 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2020-06-04 21:50 - 2020-06-04 21:51 - 004778360 _____ (Bitdefender ) C:\Users\Admin\Downloads\BDAntiRansomwareSetup 2020.exe
2021-03-03 20:34 - 2021-03-03 20:34 - 002661103 _____ C:\Users\Admin\Downloads\Clover_Setup 3.0.406 - Version propre - .exe
2020-04-17 07:14 - 2020-04-17 07:14 - 010100481 _____ (PortableApps.com) C:\Users\Admin\Downloads\FreeCommanderPortable_2020_Build_810a.paf.exe
2019-12-17 21:33 - 2019-12-17 21:33 - 003498805 _____ (FastStone Soft) C:\Users\Admin\Downloads\FSCaptureSetup93.exe
2019-12-14 21:36 - 2019-12-14 21:36 - 003299691 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\fsl-launcher_1-1-4-4_en_56140.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{69fd34ec-1e73-11ea-982e-c66307f43caa}
{69fd34ed-1e73-11ea-982e-c66307f43caa}
timeout 1

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {69fd34f2-1e73-11ea-982e-c66307f43caa}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {69fd34ec-1e73-11ea-982e-c66307f43caa}
description Hard Drive

Application logicielle (101fffff)
--------------------------------
identificateur {69fd34ed-1e73-11ea-982e-c66307f43caa}
description Lecteur CD/DVD

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {69fd34f5-1e73-11ea-982e-c66307f43caa}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {69fd34f2-1e73-11ea-982e-c66307f43caa}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {69fd34f5-1e73-11ea-982e-c66307f43caa}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{69fd34f6-1e73-11ea-982e-c66307f43caa}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{69fd34f6-1e73-11ea-982e-c66307f43caa}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {69fd34f2-1e73-11ea-982e-c66307f43caa}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {69fd34f5-1e73-11ea-982e-c66307f43caa}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {69fd34f6-1e73-11ea-982e-c66307f43caa}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
