Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Exécuté par GB (administrateur) sur DESKTOP-AMODNS9 (Dell Inc. Dell System XPS L502X) (24-12-2021 14:58:25)
Exécuté depuis D:\bureau
Profils chargés: GB
Plate-forme: Microsoft Windows 10 Professionnel Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: Brave
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acronis, Inc -> ) C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AntGROUP) [Fichier non signé] C:\Program Files (x86)\Ant Download Manager\antCH\antCH.exe
(AntGROUP) [Fichier non signé] C:\Program Files (x86)\Ant Download Manager\AntDM.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <17>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler64.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\54.0.2.0\crashpad_handler.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe <7>
(Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signé] C:\Users\GB\AppData\Local\Clavier+\Clavier.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Privado Networks LLC -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.exe
(Privado Networks LLC -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Service.exe
(Privado Networks LLC -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Wireguard.Service.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <3>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe" (Pas de fichier)
HKLM\...\Run: [ctfmon] => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY (Pas de fichier)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470240 2011-02-24] (Acronis, Inc -> )
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [AntDM] => C:\Program Files (x86)\Ant Download Manager\AntDM.exe [4805120 2021-02-01] (AntGROUP) [Fichier non signé]
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [Clavier+] => C:\Users\GB\AppData\Local\Clavier+\Clavier.exe [113664 2013-11-09] (Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signé]
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\GB\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\GB\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\GB\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64"
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\GB\AppData\Local\Microsoft\OneDrive\21.220.1024.0005"
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Windows x64\Print Processors\hpcpp250: C:\Windows\System32\spool\prtprocs\x64\hpcpp250.dll [850024 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW082.DLL [127592 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\Windows\system32\hpmlm225.dll [315496 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2152704 2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\96.1.33.106\Installer\chrmstp.exe [2021-12-14] (Brave Software, Inc. -> Brave Software, Inc.)
AppInit_DLLs: C:\Windows\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinitx.dll => C:\Windows\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinitx.dll [209128 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinit.dll => C:\Windows\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinit.dll [182592 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\Users\GB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2021-12-16] () <==== ATTENTION [zéro octet Fichier/Dossier]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01AD4F7E-C704-4395-BD51-BA6DAD5AE88B} - System32\Tasks\UAC pass\Everything - Chercher tout => C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
Task: {1EE0A153-EE32-4CAB-A02E-56D72DCBAE1D} - System32\Tasks\UAC pass\Everything => C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
Task: {3F1F4E53-0F5D-4581-B7B7-2B5AC148BC8F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {451503F0-5D8A-4C6D-86FE-1D9646276301} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BE115DC-0677-45FD-A9E3-5DB0A3917F9B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {60AF1C0C-CC7C-45B7-9C1F-57997F248D5D} - System32\Tasks\UAC pass\Start Unlocker => C:\Program Files\Unlocker\Unlocker.exe [124928 2013-01-10] () [Fichier non signé]
Task: {7BAB94C9-D6CB-4B29-83B9-6CC36A5DAF9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DC49D08-50A3-4C26-B859-D98E53E75460} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5A24FAD-4C8B-43C2-BB4B-912A5F0974B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F19189FC-5A4A-4F05-A178-94E19D2FD681} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F6D31591-F72C-4B28-B091-EE755C35AAB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
AutoConfigURL: [{04EB05DB-775B-455D-BFF8-ADBD7D21C2CC}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{8E53D485-A2AD-4306-A437-A9075F0649BD}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{A2A4BCCC-029B-4268-9FE3-3F02FA1B2170}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{AB219EAB-41DE-4849-9D74-3A32C720E71D}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{F9EB665E-538C-40D1-A182-C424CE2B8462}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{FDD90F17-3AFD-406F-B6A9-ECBDF9858A45}] => hxxp://127.0.0.1:86/
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{0bdad731-d15e-fdbd-efa0-a46c3dda2dc7}: [NameServer] 198.18.0.1,198.18.0.2
Tcpip\..\Interfaces\{1a6b1ee8-8fa1-4af1-9942-52db6ea5735f}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{634039EC-05BF-4716-A567-C4B5C106BFE7}: [NameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{7486506b-1fed-46ef-9e27-c66c4c165a8a}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip\..\Interfaces\{7486506b-1fed-46ef-9e27-c66c4c165a8a}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a97c2990-2925-4631-9a9c-90ea30c69290}: [DhcpNameServer] 198.18.0.1 198.18.0.2
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\GB\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-22]
Edge HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx
FireFox:
========
FF DefaultProfile: 3kn31g63.default
FF ProfilePath: C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default [2021-08-21]
FF Extension: (Dictionnaire français) - C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2021-05-02]
FF Extension: (Français Language Pack) - C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2021-05-02]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconfig.js [2018-11-08] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\cck2.cfg [2018-11-08] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default [2021-12-22]
CHR Extension: (Slides) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-05]
CHR Extension: (Docs) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-05]
CHR Extension: (Google Drive) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-05]
CHR Extension: (YouTube) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-05]
CHR Extension: (Sheets) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-05]
CHR Extension: (Google Docs hors connexion) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-05]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-04]
CHR Extension: (IDM Integration Module) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-02-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Gmail) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-04]
CHR HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
Opera:
=======
OPR Profile: C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable [2021-10-14]
OPR DefaultSuggestURL: Opera Stable -> hxxps://suggest.yandex.ru/suggest-ya.cgi?v=4&part={searchTerms}&l10n={language}
OPR Extension: (Rich Hints Agent) - C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-10]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-26]
Brave:
=======
BRA Profile: C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-12-24]
BRA Extension: (Google Traduction) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-21]
BRA Extension: (Privacy Pass) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajhmfdgkijocedmfjonnpjfojldioehi [2021-11-16]
BRA Extension: (CookiesBlock - cookie pop-ups) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajkknbgennjgacpfbhdobipfhhikbldg [2021-11-09]
BRA Extension: (Video Downloader professional) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bacakpdjpomjaelpkpkabmedhkoongbi [2021-01-07]
BRA Extension: (Sidewise Tree Style Tabs) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\biiammgklaefagjclmnlialkmaemifgo [2021-03-14]
BRA Extension: (Download with Ant Download Manager) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dalgiebmfcjackkbjfbfmlnflbdfbekj [2021-03-17]
BRA Extension: (Helium Backup) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2020-12-05]
BRA Extension: (LastPass: Free Password Manager) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-12-16]
BRA Extension: (Bloqueur vidéo) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kkgpdmegkhdheglikjleejknplhdpbck [2021-12-16]
BRA Extension: (The Flash Video Downloader) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmieilamoollaknppoffbmdgdcolcafa [2021-10-02]
BRA Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-28]
BRA Extension: (My IP address) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\monhkdcehmbdgkhgpccaccbbcgcfpjkd [2020-12-05]
BRA Extension: (Smallpdf - Éditez et convertissez des PDF) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2021-12-16]
BRA Extension: (Thème de l'espace profond en noir) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pembcnmmbjikdbodfllkkkdaegalobbj [2021-01-06]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-10-15]
BRA Extension: (Brave NTP background images) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2021-12-16]
BRA Extension: (Wallet Data Files Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2021-12-03]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-12-24]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-12-24]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-09-14]
BRA Extension: (Brave NTP sponsored images) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-12-24]
BRA Extension: (Crypto Wallets) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2020-12-05]
BRA Extension: (PDF Viewer) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2020-12-05]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-12-22]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881760 2011-02-12] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc. -> Apple Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-12-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
S3 DellFFDPWmiService; C:\Windows\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-01] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-20] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [Fichier non signé]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [Fichier non signé]
R2 PrivadoVPN.Service; C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Service.exe [58544 2021-12-14] (Privado Networks LLC -> Privado Networks AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-02] (Miroslav Topolar -> Mister Group)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WireGuardTunnel$PrivadoVPN; C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Wireguard.Service.exe [19120 2021-12-14] (Privado Networks LLC -> Privado Networks AG)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 cbfs20; C:\Windows\System32\drivers\cbfs20.sys [433168 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
R1 googledrivefs3688; C:\Windows\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HPEWSFXBULK; C:\Windows\system32\drivers\hpfx64bulk.sys [29096 2020-08-21] (Hewlett-Packard Company -> Hewlett Packard)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-12-22] (Malwarebytes Inc -> Malwarebytes)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2021-02-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2021-12-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-22 15:29 - 2021-12-22 15:36 - 000000000 ____D C:\AdwCleaner
2021-12-22 10:19 - 2021-12-22 10:19 - 000000000 ____D C:\Users\GB\AppData\Roaming\27304
2021-12-22 10:05 - 2021-12-22 10:05 - 000029680 _____ (WireGuard LLC) C:\Windows\system32\Drivers\wintun.sys
2021-12-21 19:38 - 2021-12-21 22:15 - 000000000 ____D C:\Windows\system32\appmgmt
2021-12-21 15:39 - 2021-12-24 14:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3823513517-4018291188-4233142150-1001
2021-12-21 15:39 - 2021-12-24 14:08 - 000003374 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3823513517-4018291188-4233142150-1001
2021-12-20 20:26 - 2021-12-14 07:44 - 000381456 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3688.sys
2021-12-20 19:37 - 2021-12-22 09:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-12-20 19:03 - 2021-12-20 19:03 - 000019782 _____ C:\malwarbytes compte rendu01.txt
2021-12-20 18:22 - 2021-12-22 17:31 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-12-20 18:22 - 2021-12-20 18:22 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-20 18:22 - 2021-12-20 18:22 - 000000000 ____D C:\Users\GB\AppData\Local\mbam
2021-12-20 18:21 - 2021-12-20 18:21 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-12-20 18:21 - 2021-12-20 18:20 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-12-20 18:19 - 2021-12-20 18:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-20 18:19 - 2021-12-20 18:19 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-19 17:43 - 2021-12-19 17:43 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-19 17:43 - 2021-12-19 17:43 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-16 19:08 - 2021-12-16 19:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2016 Edition Standard FR
2021-12-16 09:20 - 2021-12-16 09:20 - 000000000 ____D C:\Windows\SystemTemp
2021-12-15 21:11 - 2021-12-15 21:11 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-15 21:11 - 2021-12-15 21:11 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-15 21:10 - 2021-12-15 21:10 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-15 21:10 - 2021-12-15 21:10 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-12-15 20:34 - 2021-12-15 20:34 - 000000000 ___HD C:\$WinREAgent
2021-12-15 18:40 - 2021-12-15 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivadoVPN
2021-12-10 10:21 - 2021-12-10 10:21 - 000000017 _____ C:\Users\GB\AppData\Local\resmon.resmoncfg
2021-12-07 18:31 - 2021-12-07 18:31 - 000000000 ____D C:\Users\GB\AppData\Roaming\MusE
2021-12-07 18:31 - 2021-12-07 18:31 - 000000000 ____D C:\Users\GB\AppData\Local\MusE
2021-12-07 18:30 - 2021-12-07 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore 1.0
2021-12-07 18:30 - 2021-12-07 18:30 - 000000000 ____D C:\Program Files (x86)\MuseScore
2021-11-17 10:17 - 2021-11-17 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2021-11-17 10:17 - 2021-11-17 10:17 - 000000000 ____D C:\Program Files (x86)\DVDVideoSoft
2021-11-17 10:16 - 2021-11-17 10:18 - 000000000 ____D C:\Users\GB\AppData\Roaming\DVDVideoSoft
2021-11-10 07:49 - 2021-11-10 07:49 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-09 20:33 - 2021-11-09 20:33 - 000000000 _____ C:\ProgramData\UpdateLock-8216C80C92C4E828
2021-10-28 15:37 - 2021-10-28 15:39 - 000000000 ____D C:\Users\GB\AppData\Local\DocumentScanner
2021-10-28 09:48 - 2021-10-28 09:48 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Documalis Free PDF Scanner.lnk
2021-10-28 09:47 - 2021-10-28 09:47 - 000000000 ____D C:\Program Files (x86)\Documalis
2021-10-25 14:47 - 2021-10-25 14:47 - 000000000 ____D C:\Users\GB\AppData\Local\Wondershare
2021-10-25 14:46 - 2021-10-25 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2021-10-25 14:46 - 2021-10-25 14:47 - 000000000 ____D C:\Program Files (x86)\LAV Filters
2021-10-25 14:46 - 2021-10-25 14:46 - 000000000 ____D C:\Program Files\iSkysoft
2021-10-25 13:36 - 2011-05-14 00:44 - 001130496 _____ C:\Program Files\Meteorite.exe
2021-10-24 11:23 - 2021-10-24 11:23 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-24 11:23 - 2021-10-24 11:23 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-13 10:05 - 2021-10-13 10:05 - 000203264 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-10-13 10:05 - 2021-10-13 10:05 - 000158208 _____ C:\Windows\system32\uwfcsp.dll
2021-10-13 10:05 - 2021-10-13 10:05 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll
2021-10-13 10:04 - 2021-10-13 10:04 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-13 10:03 - 2021-10-13 10:03 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-13 10:03 - 2021-10-13 10:03 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-13 10:03 - 2021-10-13 10:03 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-24 14:59 - 2021-03-18 19:09 - 000000000 ____D C:\FRST
2021-12-24 14:56 - 2021-01-31 16:33 - 000000000 ____D C:\Users\GB\AppData\Roaming\vlc
2021-12-24 14:47 - 2021-03-18 18:30 - 000000000 ____D C:\Users\GB\AppData\Roaming\ZHP
2021-12-24 14:30 - 2020-12-05 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-24 14:08 - 2020-12-05 14:59 - 000002465 _____ C:\Users\GB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-24 14:04 - 2020-12-07 19:43 - 000000000 ____D C:\ProgramData\PrivadoVPN
2021-12-24 14:04 - 2020-09-27 06:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-22 20:35 - 2020-12-05 14:50 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-22 20:35 - 2019-12-07 15:50 - 000756494 _____ C:\Windows\system32\perfh00C.dat
2021-12-22 20:35 - 2019-12-07 15:50 - 000142264 _____ C:\Windows\system32\perfc00C.dat
2021-12-22 20:35 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-12-22 20:05 - 2020-12-05 15:18 - 000000000 ____D C:\Users\GB\AppData\Roaming\Everything
2021-12-22 18:53 - 2020-12-07 19:58 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-22 18:51 - 2020-12-07 20:01 - 000000000 ____D C:\Users\GB\AppData\LocalLow\Mozilla
2021-12-22 18:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-22 18:29 - 2020-12-12 14:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-22 18:29 - 2020-09-27 08:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-22 18:29 - 2020-09-27 06:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-22 17:36 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-22 17:35 - 2020-12-05 16:28 - 000000000 ____D C:\Users\GB\AppData\Local\Everything
2021-12-22 12:30 - 2020-12-12 18:20 - 000000000 ____D C:\Users\GB\AppData\Local\CrashDumps
2021-12-22 10:27 - 2021-08-09 12:58 - 000000000 ____D C:\Program Files\DVDFab
2021-12-22 10:22 - 2021-03-18 18:30 - 000000000 ____D C:\Users\GB\AppData\Local\ZHP
2021-12-22 10:19 - 2021-08-09 13:01 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-12-22 10:05 - 2021-09-04 18:11 - 000000000 ____D C:\Program Files (x86)\PrivadoVPN
2021-12-22 09:50 - 2020-12-05 19:03 - 000302704 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-21 19:41 - 2020-12-05 18:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-21 17:53 - 2020-12-26 10:42 - 000000000 ____D C:\Users\GB\AppData\Local\QuickPar
2021-12-20 20:26 - 2021-09-10 18:07 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-12-20 19:02 - 2021-01-21 16:37 - 000000000 ____D C:\Users\GB\MaxxAudioMeters64
2021-12-20 19:02 - 2021-01-04 19:56 - 000000000 ____D C:\Users\GB\AppData\Roaming\Windows Update
2021-12-20 19:02 - 2020-12-27 01:13 - 000000000 ____D C:\Program Files (x86)\DVDFab 9
2021-12-20 18:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-12-20 18:11 - 2020-12-27 19:19 - 000000000 ____D C:\Joh's Bibli
2021-12-19 19:17 - 2020-12-06 19:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-19 18:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-12-19 18:03 - 2020-09-27 08:36 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-19 18:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-19 17:42 - 2021-05-26 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2021-12-16 17:26 - 2021-02-04 17:00 - 000000000 ____D C:\Program Files\CCleaner
2021-12-16 09:46 - 2020-09-27 08:34 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-12-16 09:20 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-15 21:20 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-15 20:28 - 2020-12-07 11:01 - 000000000 ____D C:\Windows\system32\MRT
2021-12-15 20:22 - 2020-12-07 11:00 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-15 18:42 - 2020-12-07 19:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-15 18:41 - 2021-07-12 12:50 - 000000466 __RSH C:\ProgramData\ntuser.pol
2021-12-14 22:57 - 2020-12-05 17:32 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-12-14 00:04 - 2020-12-05 18:55 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-09 12:03 - 2020-12-05 18:47 - 000001453 _____ C:\Users\GB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-12-08 09:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-12-05 19:10 - 2020-12-27 00:45 - 000000000 ____D C:\Users\GB\AppData\Roaming\dvdcss
2021-12-01 19:20 - 2020-12-05 15:04 - 000000000 ____D C:\Users\GB\AppData\Local\Packages
2021-11-30 17:40 - 2020-12-07 19:03 - 000000000 ____D C:\Users\GB\Downloads\Newshosting
==================== Fichiers à la racine de certains dossiers ========
2021-01-08 02:29 - 2021-01-08 02:29 - 019470392 _____ (TeamViewer) C:\Users\GB\TeamViewerQS.exe
2021-10-25 13:36 - 2011-05-14 00:44 - 001130496 _____ () C:\Program Files\Meteorite.exe
2021-08-09 13:01 - 2021-08-09 13:01 - 000000171 _____ () C:\Users\GB\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2020-12-27 01:08 - 2020-12-27 01:08 - 000007859 _____ () C:\Users\GB\AppData\Roaming\pcouffin.cat
2020-12-27 01:08 - 2020-12-27 01:08 - 000001167 _____ () C:\Users\GB\AppData\Roaming\pcouffin.inf
2020-12-27 01:08 - 2020-12-27 01:08 - 000000055 _____ () C:\Users\GB\AppData\Roaming\pcouffin.log
2020-12-27 01:08 - 2020-12-27 01:08 - 000082816 _____ (VSO Software) C:\Users\GB\AppData\Roaming\pcouffin.sys
2021-03-05 14:03 - 2021-03-05 14:03 - 000156725 _____ () C:\Users\GB\AppData\Roaming\Windows Service.vbs
2021-06-07 13:09 - 2021-06-07 13:09 - 000003584 _____ () C:\Users\GB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-12-10 10:21 - 2021-12-10 10:21 - 000000017 _____ () C:\Users\GB\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2019-02-01 23:41 - 2019-02-01 23:41 - 000052224 _____ (HP Inc.) C:\Windows\system32\hpbmiapi.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000052736 _____ (HP Inc.) C:\Windows\system32\hpboid.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000012800 _____ (HP Inc.) C:\Windows\system32\hpboidps.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000078848 _____ (HP Inc.) C:\Windows\system32\hpbpro.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000013312 _____ (HP Inc.) C:\Windows\system32\hpbprops.dll
2019-02-01 23:40 - 2019-02-01 23:40 - 000070144 _____ (HP Inc.) C:\Windows\system32\HPBWSDR.DLL
2019-02-01 23:10 - 2019-02-01 23:10 - 000180736 _____ (HP Inc.) C:\Windows\system32\hplbddrv.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000067072 _____ (HP Inc.) C:\Windows\system32\HPZidr12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000050688 _____ (HP Inc.) C:\Windows\system32\HPZinw12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000066048 _____ (HP Inc.) C:\Windows\system32\HPZipm12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000047104 _____ (HP Inc.) C:\Windows\system32\HPZipr12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000038400 _____ (HP Inc.) C:\Windows\system32\hpzipt12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000024064 _____ (HP Inc.) C:\Windows\system32\hpzisn12.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libcrypto-1_1-x64.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libssl-1_1-x64.dll
2021-10-25 13:36 - 2011-05-14 00:44 - 001130496 _____ C:\Program Files\Meteorite.exe
2021-08-26 16:56 - 2020-02-20 18:04 - 000931328 __RSH C:\Windows\flvdec.dll
2020-12-15 10:12 - 1999-05-26 09:46 - 000212480 _____ (Eastman Kodak) C:\Windows\pcdlib32.dll
2020-12-15 10:12 - 1996-07-01 00:00 - 000087328 _____ (Twain Working Group) C:\Windows\TWAIN.DLL
2020-12-15 10:12 - 1996-07-01 00:00 - 000048560 _____ (Twain Working Group) C:\Windows\TWUNK_16.EXE
2020-12-15 10:12 - 1998-09-03 18:08 - 000069632 _____ (Twain Working Group) C:\Windows\TWUNK_32.EXE
2020-12-05 18:43 - 1987-12-19 22:00 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2021-08-26 17:01 - 2009-09-27 08:39 - 000401920 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2021-08-26 17:01 - 2005-07-14 11:31 - 000032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2021-08-26 17:01 - 2004-02-22 09:11 - 000764416 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2021-08-26 16:56 - 2004-07-02 17:33 - 000327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2021-08-26 17:01 - 2016-07-12 11:13 - 004646912 ___SH C:\Windows\SysWOW64\ffms2.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000055296 _____ (HP Inc.) C:\Windows\SysWOW64\HPZidr12.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000039424 _____ (HP Inc.) C:\Windows\SysWOW64\HPZipr12.dll
2021-08-26 17:01 - 2004-01-24 23:00 - 000070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libcrypto-1_1.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libssl-1_1.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 001054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll
2021-08-26 16:56 - 2016-09-02 17:50 - 000214016 __RSH (Florin Ghido, florin.ghido@gmail.com) C:\Windows\SysWOW64\OptimFROG.dll
2021-08-26 16:56 - 2004-10-10 09:50 - 000278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2021-08-26 16:56 - 2010-01-07 00:00 - 000107520 __RSH C:\Windows\SysWOW64\TAKDSDecoder.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll
2021-08-26 16:56 - 2012-10-05 19:54 - 000188416 __RSH C:\Windows\SysWOW64\winDCE32.dll
2021-08-26 17:01 - 2004-01-24 23:00 - 000070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {adbb3fa5-355a-11eb-ad0b-c0226f8ab4d9}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 3
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {adbb3fa7-355a-11eb-ad0b-c0226f8ab4d9}
displaymessageoverride StartupRepair
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {adbb3fa5-355a-11eb-ad0b-c0226f8ab4d9}
nx OptIn
bootmenupolicy Legacy
Chargeur de d‚marrage Windows
-----------------------------
identificateur {adbb3fa7-355a-11eb-ad0b-c0226f8ab4d9}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{adbb3fa8-355a-11eb-ad0b-c0226f8ab4d9}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{adbb3fa8-355a-11eb-ad0b-c0226f8ab4d9}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {af88e08a-6fe1-4f37-aae9-62e1d864be23}
device ramdisk=[C:]\Aomei\AomeiBoot.wim,{f26c0366-64bc-4e0b-9a8c-440a3af3168d}
description Aomei PE
osdevice ramdisk=[C:]\Aomei\AomeiBoot.wim,{f26c0366-64bc-4e0b-9a8c-440a3af3168d}
systemroot \Windows
detecthal Yes
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {adbb3fa5-355a-11eb-ad0b-c0226f8ab4d9}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {adbb3fa7-355a-11eb-ad0b-c0226f8ab4d9}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {adbb3fa8-355a-11eb-ad0b-c0226f8ab4d9}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {f26c0366-64bc-4e0b-9a8c-440a3af3168d}
ramdisksdidevice partition=C:
ramdisksdipath \Aomei\AomeiBoot.sdi
==================== Fin de FRST.txt ========================
Exécuté par GB (administrateur) sur DESKTOP-AMODNS9 (Dell Inc. Dell System XPS L502X) (24-12-2021 14:58:25)
Exécuté depuis D:\bureau
Profils chargés: GB
Plate-forme: Microsoft Windows 10 Professionnel Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: Brave
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acronis, Inc -> ) C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AntGROUP) [Fichier non signé] C:\Program Files (x86)\Ant Download Manager\antCH\antCH.exe
(AntGROUP) [Fichier non signé] C:\Program Files (x86)\Ant Download Manager\AntDM.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <17>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler64.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\54.0.2.0\crashpad_handler.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe <7>
(Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signé] C:\Users\GB\AppData\Local\Clavier+\Clavier.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Privado Networks LLC -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.exe
(Privado Networks LLC -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Service.exe
(Privado Networks LLC -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Wireguard.Service.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <3>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe" (Pas de fichier)
HKLM\...\Run: [ctfmon] => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY (Pas de fichier)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470240 2011-02-24] (Acronis, Inc -> )
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [AntDM] => C:\Program Files (x86)\Ant Download Manager\AntDM.exe [4805120 2021-02-01] (AntGROUP) [Fichier non signé]
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [Clavier+] => C:\Users\GB\AppData\Local\Clavier+\Clavier.exe [113664 2013-11-09] (Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signé]
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\GB\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\GB\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\GB\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64"
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\GB\AppData\Local\Microsoft\OneDrive\21.220.1024.0005"
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Windows x64\Print Processors\hpcpp250: C:\Windows\System32\spool\prtprocs\x64\hpcpp250.dll [850024 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW082.DLL [127592 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\Windows\system32\hpmlm225.dll [315496 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2152704 2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\96.1.33.106\Installer\chrmstp.exe [2021-12-14] (Brave Software, Inc. -> Brave Software, Inc.)
AppInit_DLLs: C:\Windows\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinitx.dll => C:\Windows\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinitx.dll [209128 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinit.dll => C:\Windows\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinit.dll [182592 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\Users\GB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2021-12-16] () <==== ATTENTION [zéro octet Fichier/Dossier]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01AD4F7E-C704-4395-BD51-BA6DAD5AE88B} - System32\Tasks\UAC pass\Everything - Chercher tout => C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
Task: {1EE0A153-EE32-4CAB-A02E-56D72DCBAE1D} - System32\Tasks\UAC pass\Everything => C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
Task: {3F1F4E53-0F5D-4581-B7B7-2B5AC148BC8F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {451503F0-5D8A-4C6D-86FE-1D9646276301} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BE115DC-0677-45FD-A9E3-5DB0A3917F9B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {60AF1C0C-CC7C-45B7-9C1F-57997F248D5D} - System32\Tasks\UAC pass\Start Unlocker => C:\Program Files\Unlocker\Unlocker.exe [124928 2013-01-10] () [Fichier non signé]
Task: {7BAB94C9-D6CB-4B29-83B9-6CC36A5DAF9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DC49D08-50A3-4C26-B859-D98E53E75460} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5A24FAD-4C8B-43C2-BB4B-912A5F0974B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F19189FC-5A4A-4F05-A178-94E19D2FD681} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F6D31591-F72C-4B28-B091-EE755C35AAB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
AutoConfigURL: [{04EB05DB-775B-455D-BFF8-ADBD7D21C2CC}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{8E53D485-A2AD-4306-A437-A9075F0649BD}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{A2A4BCCC-029B-4268-9FE3-3F02FA1B2170}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{AB219EAB-41DE-4849-9D74-3A32C720E71D}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{F9EB665E-538C-40D1-A182-C424CE2B8462}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{FDD90F17-3AFD-406F-B6A9-ECBDF9858A45}] => hxxp://127.0.0.1:86/
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{0bdad731-d15e-fdbd-efa0-a46c3dda2dc7}: [NameServer] 198.18.0.1,198.18.0.2
Tcpip\..\Interfaces\{1a6b1ee8-8fa1-4af1-9942-52db6ea5735f}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{634039EC-05BF-4716-A567-C4B5C106BFE7}: [NameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{7486506b-1fed-46ef-9e27-c66c4c165a8a}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip\..\Interfaces\{7486506b-1fed-46ef-9e27-c66c4c165a8a}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a97c2990-2925-4631-9a9c-90ea30c69290}: [DhcpNameServer] 198.18.0.1 198.18.0.2
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\GB\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-22]
Edge HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx
FireFox:
========
FF DefaultProfile: 3kn31g63.default
FF ProfilePath: C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default [2021-08-21]
FF Extension: (Dictionnaire français) - C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2021-05-02]
FF Extension: (Français Language Pack) - C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2021-05-02]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconfig.js [2018-11-08] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\cck2.cfg [2018-11-08] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default [2021-12-22]
CHR Extension: (Slides) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-05]
CHR Extension: (Docs) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-05]
CHR Extension: (Google Drive) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-05]
CHR Extension: (YouTube) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-05]
CHR Extension: (Sheets) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-05]
CHR Extension: (Google Docs hors connexion) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-05]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-04]
CHR Extension: (IDM Integration Module) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-02-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Gmail) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-04]
CHR HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
Opera:
=======
OPR Profile: C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable [2021-10-14]
OPR DefaultSuggestURL: Opera Stable -> hxxps://suggest.yandex.ru/suggest-ya.cgi?v=4&part={searchTerms}&l10n={language}
OPR Extension: (Rich Hints Agent) - C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-10]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-26]
Brave:
=======
BRA Profile: C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-12-24]
BRA Extension: (Google Traduction) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-21]
BRA Extension: (Privacy Pass) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajhmfdgkijocedmfjonnpjfojldioehi [2021-11-16]
BRA Extension: (CookiesBlock - cookie pop-ups) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajkknbgennjgacpfbhdobipfhhikbldg [2021-11-09]
BRA Extension: (Video Downloader professional) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bacakpdjpomjaelpkpkabmedhkoongbi [2021-01-07]
BRA Extension: (Sidewise Tree Style Tabs) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\biiammgklaefagjclmnlialkmaemifgo [2021-03-14]
BRA Extension: (Download with Ant Download Manager) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dalgiebmfcjackkbjfbfmlnflbdfbekj [2021-03-17]
BRA Extension: (Helium Backup) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2020-12-05]
BRA Extension: (LastPass: Free Password Manager) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-12-16]
BRA Extension: (Bloqueur vidéo) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kkgpdmegkhdheglikjleejknplhdpbck [2021-12-16]
BRA Extension: (The Flash Video Downloader) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmieilamoollaknppoffbmdgdcolcafa [2021-10-02]
BRA Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-28]
BRA Extension: (My IP address) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\monhkdcehmbdgkhgpccaccbbcgcfpjkd [2020-12-05]
BRA Extension: (Smallpdf - Éditez et convertissez des PDF) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2021-12-16]
BRA Extension: (Thème de l'espace profond en noir) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pembcnmmbjikdbodfllkkkdaegalobbj [2021-01-06]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-10-15]
BRA Extension: (Brave NTP background images) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2021-12-16]
BRA Extension: (Wallet Data Files Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2021-12-03]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-12-24]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-12-24]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-09-14]
BRA Extension: (Brave NTP sponsored images) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-12-24]
BRA Extension: (Crypto Wallets) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2020-12-05]
BRA Extension: (PDF Viewer) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2020-12-05]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-12-22]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881760 2011-02-12] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc. -> Apple Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-12-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
S3 DellFFDPWmiService; C:\Windows\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-01] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-20] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [Fichier non signé]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [Fichier non signé]
R2 PrivadoVPN.Service; C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Service.exe [58544 2021-12-14] (Privado Networks LLC -> Privado Networks AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-02] (Miroslav Topolar -> Mister Group)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WireGuardTunnel$PrivadoVPN; C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Wireguard.Service.exe [19120 2021-12-14] (Privado Networks LLC -> Privado Networks AG)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 cbfs20; C:\Windows\System32\drivers\cbfs20.sys [433168 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
R1 googledrivefs3688; C:\Windows\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HPEWSFXBULK; C:\Windows\system32\drivers\hpfx64bulk.sys [29096 2020-08-21] (Hewlett-Packard Company -> Hewlett Packard)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-12-22] (Malwarebytes Inc -> Malwarebytes)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2021-02-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2021-12-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-22 15:29 - 2021-12-22 15:36 - 000000000 ____D C:\AdwCleaner
2021-12-22 10:19 - 2021-12-22 10:19 - 000000000 ____D C:\Users\GB\AppData\Roaming\27304
2021-12-22 10:05 - 2021-12-22 10:05 - 000029680 _____ (WireGuard LLC) C:\Windows\system32\Drivers\wintun.sys
2021-12-21 19:38 - 2021-12-21 22:15 - 000000000 ____D C:\Windows\system32\appmgmt
2021-12-21 15:39 - 2021-12-24 14:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3823513517-4018291188-4233142150-1001
2021-12-21 15:39 - 2021-12-24 14:08 - 000003374 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3823513517-4018291188-4233142150-1001
2021-12-20 20:26 - 2021-12-14 07:44 - 000381456 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3688.sys
2021-12-20 19:37 - 2021-12-22 09:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-12-20 19:03 - 2021-12-20 19:03 - 000019782 _____ C:\malwarbytes compte rendu01.txt
2021-12-20 18:22 - 2021-12-22 17:31 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-12-20 18:22 - 2021-12-20 18:22 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-20 18:22 - 2021-12-20 18:22 - 000000000 ____D C:\Users\GB\AppData\Local\mbam
2021-12-20 18:21 - 2021-12-20 18:21 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-12-20 18:21 - 2021-12-20 18:20 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-12-20 18:19 - 2021-12-20 18:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-20 18:19 - 2021-12-20 18:19 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-19 17:43 - 2021-12-19 17:43 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-19 17:43 - 2021-12-19 17:43 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-16 19:08 - 2021-12-16 19:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2016 Edition Standard FR
2021-12-16 09:20 - 2021-12-16 09:20 - 000000000 ____D C:\Windows\SystemTemp
2021-12-15 21:11 - 2021-12-15 21:11 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-15 21:11 - 2021-12-15 21:11 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-15 21:10 - 2021-12-15 21:10 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-15 21:10 - 2021-12-15 21:10 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-12-15 20:34 - 2021-12-15 20:34 - 000000000 ___HD C:\$WinREAgent
2021-12-15 18:40 - 2021-12-15 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivadoVPN
2021-12-10 10:21 - 2021-12-10 10:21 - 000000017 _____ C:\Users\GB\AppData\Local\resmon.resmoncfg
2021-12-07 18:31 - 2021-12-07 18:31 - 000000000 ____D C:\Users\GB\AppData\Roaming\MusE
2021-12-07 18:31 - 2021-12-07 18:31 - 000000000 ____D C:\Users\GB\AppData\Local\MusE
2021-12-07 18:30 - 2021-12-07 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore 1.0
2021-12-07 18:30 - 2021-12-07 18:30 - 000000000 ____D C:\Program Files (x86)\MuseScore
2021-11-17 10:17 - 2021-11-17 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2021-11-17 10:17 - 2021-11-17 10:17 - 000000000 ____D C:\Program Files (x86)\DVDVideoSoft
2021-11-17 10:16 - 2021-11-17 10:18 - 000000000 ____D C:\Users\GB\AppData\Roaming\DVDVideoSoft
2021-11-10 07:49 - 2021-11-10 07:49 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-09 20:33 - 2021-11-09 20:33 - 000000000 _____ C:\ProgramData\UpdateLock-8216C80C92C4E828
2021-10-28 15:37 - 2021-10-28 15:39 - 000000000 ____D C:\Users\GB\AppData\Local\DocumentScanner
2021-10-28 09:48 - 2021-10-28 09:48 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Documalis Free PDF Scanner.lnk
2021-10-28 09:47 - 2021-10-28 09:47 - 000000000 ____D C:\Program Files (x86)\Documalis
2021-10-25 14:47 - 2021-10-25 14:47 - 000000000 ____D C:\Users\GB\AppData\Local\Wondershare
2021-10-25 14:46 - 2021-10-25 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2021-10-25 14:46 - 2021-10-25 14:47 - 000000000 ____D C:\Program Files (x86)\LAV Filters
2021-10-25 14:46 - 2021-10-25 14:46 - 000000000 ____D C:\Program Files\iSkysoft
2021-10-25 13:36 - 2011-05-14 00:44 - 001130496 _____ C:\Program Files\Meteorite.exe
2021-10-24 11:23 - 2021-10-24 11:23 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-24 11:23 - 2021-10-24 11:23 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-13 10:05 - 2021-10-13 10:05 - 000203264 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-10-13 10:05 - 2021-10-13 10:05 - 000158208 _____ C:\Windows\system32\uwfcsp.dll
2021-10-13 10:05 - 2021-10-13 10:05 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll
2021-10-13 10:04 - 2021-10-13 10:04 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-13 10:03 - 2021-10-13 10:03 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-13 10:03 - 2021-10-13 10:03 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-13 10:03 - 2021-10-13 10:03 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-24 14:59 - 2021-03-18 19:09 - 000000000 ____D C:\FRST
2021-12-24 14:56 - 2021-01-31 16:33 - 000000000 ____D C:\Users\GB\AppData\Roaming\vlc
2021-12-24 14:47 - 2021-03-18 18:30 - 000000000 ____D C:\Users\GB\AppData\Roaming\ZHP
2021-12-24 14:30 - 2020-12-05 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-24 14:08 - 2020-12-05 14:59 - 000002465 _____ C:\Users\GB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-24 14:04 - 2020-12-07 19:43 - 000000000 ____D C:\ProgramData\PrivadoVPN
2021-12-24 14:04 - 2020-09-27 06:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-22 20:35 - 2020-12-05 14:50 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-22 20:35 - 2019-12-07 15:50 - 000756494 _____ C:\Windows\system32\perfh00C.dat
2021-12-22 20:35 - 2019-12-07 15:50 - 000142264 _____ C:\Windows\system32\perfc00C.dat
2021-12-22 20:35 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-12-22 20:05 - 2020-12-05 15:18 - 000000000 ____D C:\Users\GB\AppData\Roaming\Everything
2021-12-22 18:53 - 2020-12-07 19:58 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-22 18:51 - 2020-12-07 20:01 - 000000000 ____D C:\Users\GB\AppData\LocalLow\Mozilla
2021-12-22 18:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-22 18:29 - 2020-12-12 14:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-22 18:29 - 2020-09-27 08:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-22 18:29 - 2020-09-27 06:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-22 17:36 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-22 17:35 - 2020-12-05 16:28 - 000000000 ____D C:\Users\GB\AppData\Local\Everything
2021-12-22 12:30 - 2020-12-12 18:20 - 000000000 ____D C:\Users\GB\AppData\Local\CrashDumps
2021-12-22 10:27 - 2021-08-09 12:58 - 000000000 ____D C:\Program Files\DVDFab
2021-12-22 10:22 - 2021-03-18 18:30 - 000000000 ____D C:\Users\GB\AppData\Local\ZHP
2021-12-22 10:19 - 2021-08-09 13:01 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-12-22 10:05 - 2021-09-04 18:11 - 000000000 ____D C:\Program Files (x86)\PrivadoVPN
2021-12-22 09:50 - 2020-12-05 19:03 - 000302704 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-21 19:41 - 2020-12-05 18:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-21 17:53 - 2020-12-26 10:42 - 000000000 ____D C:\Users\GB\AppData\Local\QuickPar
2021-12-20 20:26 - 2021-09-10 18:07 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-12-20 19:02 - 2021-01-21 16:37 - 000000000 ____D C:\Users\GB\MaxxAudioMeters64
2021-12-20 19:02 - 2021-01-04 19:56 - 000000000 ____D C:\Users\GB\AppData\Roaming\Windows Update
2021-12-20 19:02 - 2020-12-27 01:13 - 000000000 ____D C:\Program Files (x86)\DVDFab 9
2021-12-20 18:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-12-20 18:11 - 2020-12-27 19:19 - 000000000 ____D C:\Joh's Bibli
2021-12-19 19:17 - 2020-12-06 19:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-19 18:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-12-19 18:03 - 2020-09-27 08:36 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-19 18:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-19 17:42 - 2021-05-26 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2021-12-16 17:26 - 2021-02-04 17:00 - 000000000 ____D C:\Program Files\CCleaner
2021-12-16 09:46 - 2020-09-27 08:34 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-12-16 09:20 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-12-16 09:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-15 21:20 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-15 20:28 - 2020-12-07 11:01 - 000000000 ____D C:\Windows\system32\MRT
2021-12-15 20:22 - 2020-12-07 11:00 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-15 18:42 - 2020-12-07 19:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-15 18:41 - 2021-07-12 12:50 - 000000466 __RSH C:\ProgramData\ntuser.pol
2021-12-14 22:57 - 2020-12-05 17:32 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-12-14 00:04 - 2020-12-05 18:55 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-09 12:03 - 2020-12-05 18:47 - 000001453 _____ C:\Users\GB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-12-08 09:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-12-05 19:10 - 2020-12-27 00:45 - 000000000 ____D C:\Users\GB\AppData\Roaming\dvdcss
2021-12-01 19:20 - 2020-12-05 15:04 - 000000000 ____D C:\Users\GB\AppData\Local\Packages
2021-11-30 17:40 - 2020-12-07 19:03 - 000000000 ____D C:\Users\GB\Downloads\Newshosting
==================== Fichiers à la racine de certains dossiers ========
2021-01-08 02:29 - 2021-01-08 02:29 - 019470392 _____ (TeamViewer) C:\Users\GB\TeamViewerQS.exe
2021-10-25 13:36 - 2011-05-14 00:44 - 001130496 _____ () C:\Program Files\Meteorite.exe
2021-08-09 13:01 - 2021-08-09 13:01 - 000000171 _____ () C:\Users\GB\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2020-12-27 01:08 - 2020-12-27 01:08 - 000007859 _____ () C:\Users\GB\AppData\Roaming\pcouffin.cat
2020-12-27 01:08 - 2020-12-27 01:08 - 000001167 _____ () C:\Users\GB\AppData\Roaming\pcouffin.inf
2020-12-27 01:08 - 2020-12-27 01:08 - 000000055 _____ () C:\Users\GB\AppData\Roaming\pcouffin.log
2020-12-27 01:08 - 2020-12-27 01:08 - 000082816 _____ (VSO Software) C:\Users\GB\AppData\Roaming\pcouffin.sys
2021-03-05 14:03 - 2021-03-05 14:03 - 000156725 _____ () C:\Users\GB\AppData\Roaming\Windows Service.vbs
2021-06-07 13:09 - 2021-06-07 13:09 - 000003584 _____ () C:\Users\GB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-12-10 10:21 - 2021-12-10 10:21 - 000000017 _____ () C:\Users\GB\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2019-02-01 23:41 - 2019-02-01 23:41 - 000052224 _____ (HP Inc.) C:\Windows\system32\hpbmiapi.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000052736 _____ (HP Inc.) C:\Windows\system32\hpboid.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000012800 _____ (HP Inc.) C:\Windows\system32\hpboidps.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000078848 _____ (HP Inc.) C:\Windows\system32\hpbpro.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000013312 _____ (HP Inc.) C:\Windows\system32\hpbprops.dll
2019-02-01 23:40 - 2019-02-01 23:40 - 000070144 _____ (HP Inc.) C:\Windows\system32\HPBWSDR.DLL
2019-02-01 23:10 - 2019-02-01 23:10 - 000180736 _____ (HP Inc.) C:\Windows\system32\hplbddrv.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000067072 _____ (HP Inc.) C:\Windows\system32\HPZidr12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000050688 _____ (HP Inc.) C:\Windows\system32\HPZinw12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000066048 _____ (HP Inc.) C:\Windows\system32\HPZipm12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000047104 _____ (HP Inc.) C:\Windows\system32\HPZipr12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000038400 _____ (HP Inc.) C:\Windows\system32\hpzipt12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000024064 _____ (HP Inc.) C:\Windows\system32\hpzisn12.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libcrypto-1_1-x64.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libssl-1_1-x64.dll
2021-10-25 13:36 - 2011-05-14 00:44 - 001130496 _____ C:\Program Files\Meteorite.exe
2021-08-26 16:56 - 2020-02-20 18:04 - 000931328 __RSH C:\Windows\flvdec.dll
2020-12-15 10:12 - 1999-05-26 09:46 - 000212480 _____ (Eastman Kodak) C:\Windows\pcdlib32.dll
2020-12-15 10:12 - 1996-07-01 00:00 - 000087328 _____ (Twain Working Group) C:\Windows\TWAIN.DLL
2020-12-15 10:12 - 1996-07-01 00:00 - 000048560 _____ (Twain Working Group) C:\Windows\TWUNK_16.EXE
2020-12-15 10:12 - 1998-09-03 18:08 - 000069632 _____ (Twain Working Group) C:\Windows\TWUNK_32.EXE
2020-12-05 18:43 - 1987-12-19 22:00 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2021-08-26 17:01 - 2009-09-27 08:39 - 000401920 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2021-08-26 17:01 - 2005-07-14 11:31 - 000032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2021-08-26 17:01 - 2004-02-22 09:11 - 000764416 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2021-08-26 16:56 - 2004-07-02 17:33 - 000327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2021-08-26 17:01 - 2016-07-12 11:13 - 004646912 ___SH C:\Windows\SysWOW64\ffms2.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000055296 _____ (HP Inc.) C:\Windows\SysWOW64\HPZidr12.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000039424 _____ (HP Inc.) C:\Windows\SysWOW64\HPZipr12.dll
2021-08-26 17:01 - 2004-01-24 23:00 - 000070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libcrypto-1_1.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libssl-1_1.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 001054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL
2020-12-05 18:43 - 1987-12-19 22:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll
2021-08-26 16:56 - 2016-09-02 17:50 - 000214016 __RSH (Florin Ghido, florin.ghido@gmail.com) C:\Windows\SysWOW64\OptimFROG.dll
2021-08-26 16:56 - 2004-10-10 09:50 - 000278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2021-08-26 16:56 - 2010-01-07 00:00 - 000107520 __RSH C:\Windows\SysWOW64\TAKDSDecoder.dll
2020-12-05 18:43 - 1987-12-19 22:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll
2021-08-26 16:56 - 2012-10-05 19:54 - 000188416 __RSH C:\Windows\SysWOW64\winDCE32.dll
2021-08-26 17:01 - 2004-01-24 23:00 - 000070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {adbb3fa5-355a-11eb-ad0b-c0226f8ab4d9}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 3
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {adbb3fa7-355a-11eb-ad0b-c0226f8ab4d9}
displaymessageoverride StartupRepair
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {adbb3fa5-355a-11eb-ad0b-c0226f8ab4d9}
nx OptIn
bootmenupolicy Legacy
Chargeur de d‚marrage Windows
-----------------------------
identificateur {adbb3fa7-355a-11eb-ad0b-c0226f8ab4d9}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{adbb3fa8-355a-11eb-ad0b-c0226f8ab4d9}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{adbb3fa8-355a-11eb-ad0b-c0226f8ab4d9}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {af88e08a-6fe1-4f37-aae9-62e1d864be23}
device ramdisk=[C:]\Aomei\AomeiBoot.wim,{f26c0366-64bc-4e0b-9a8c-440a3af3168d}
description Aomei PE
osdevice ramdisk=[C:]\Aomei\AomeiBoot.wim,{f26c0366-64bc-4e0b-9a8c-440a3af3168d}
systemroot \Windows
detecthal Yes
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {adbb3fa5-355a-11eb-ad0b-c0226f8ab4d9}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {adbb3fa7-355a-11eb-ad0b-c0226f8ab4d9}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {adbb3fa8-355a-11eb-ad0b-c0226f8ab4d9}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {f26c0366-64bc-4e0b-9a8c-440a3af3168d}
ramdisksdidevice partition=C:
ramdisksdipath \Aomei\AomeiBoot.sdi
==================== Fin de FRST.txt ========================