Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2022
Exécuté par BK (administrateur) sur HYRFHJ14MO8L2RC (LENOVO 80MJ) (28-02-2022 18:25:38)
Exécuté depuis C:\Users\BK\Downloads\FRST
Profils chargés: BK
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1554681525-92946815-586873948-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1554681525-92946815-586873948-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1554681525-92946815-586873948-1001\...\MountPoints2: {70329800-88b2-11e8-9f11-80a58992973f} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-1554681525-92946815-586873948-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1554681525-92946815-586873948-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\kl\AppData\Local\Microsoft\Teams\Update.exe [2453704 2021-03-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\Windows\system32\E_YLMBRFE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\Windows\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2022-02-07] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-02-18] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {00F2612F-4210-4CBE-93DF-A8041AC91451} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1554681525-92946815-586873948-1001 => C:\Program Files (x86)\Real\RealDownloader\realupgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {22E407D5-C4B8-4746-8C6C-DB0747C63CE1} - System32\Tasks\{CDEB7F6A-5543-45E0-A874-29DBF1D4EC42} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {23EB1DCD-5A31-49B6-8F4C-9FA53D95D9B7} - System32\Tasks\{BA80382E-D8C5-474B-A101-56793DF807B6} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {254E9BB7-F266-491B-997C-66D638FC6594} - System32\Tasks\EPSON XP-243 245 247 Series Update {E1494A5B-15E9-4649-9BEB-8457C3FB9894} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {299C84CF-6898-48C4-809B-417E9A2A66FC} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe [1268048 2017-11-29] (RealNetworks, Inc. -> )
Task: {2A85DB84-3C6D-4284-A8F9-B64A1372FC1A} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification => C:\Program Files\PDF Architect 8\architect-launcher.exe [2311216 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
Task: {4C7AD304-5A91-4BEB-A5CF-F26F93AEE1B6} - System32\Tasks\{3788DD8D-8376-46E6-860C-57E5714FA705} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F292E16-FEA3-4472-9D01-91BA632BD571} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1554681525-92946815-586873948-1001 => C:\Program Files (x86)\Real\RealDownloader\realupgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {5436B3DA-FCCA-4638-A155-9D483501FF71} - System32\Tasks\pdfforge GmbH\PDF Architect 8\Update => C:\Program Files\PDF Architect 8\architect.exe [3497520 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
Task: {6FBC81E4-5FF4-47D9-8D48-F0C41FEDA467} - System32\Tasks\{CD3FB11A-AFDE-4F88-BE2F-DF653AEC2AE9} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {70CC509E-E6A7-49D8-90F3-CC7F8A142F0B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1554681525-92946815-586873948-1000 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {76BD18BC-3A78-45C7-B199-A7E5BCBB3AB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-10] (Google Inc -> Google Inc.)
Task: {7B3A5DE0-674A-4E45-A705-4CD47DDF027D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {878FB5D1-D0F5-4981-A75D-1E1631FA78EC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9583DE40-E800-480E-B957-2BA1F46554DF} - System32\Tasks\{7214F160-AF7D-4EDE-95E5-4BE348333CAE} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {A8F4B905-16AC-48FA-9D16-000DD778B3AB} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1554681525-92946815-586873948-1001 => C:\Program Files (x86)\Real\RealDownloader\recordingmanager.exe [959824 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {ACA520F6-9F57-48A5-BF55-7D0E651336A8} - System32\Tasks\CCleanerSkipUAC - un => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BDDC2EC7-E8A2-47FF-B7E0-2E985020807D} - System32\Tasks\{8CCD1A2E-308C-4AD9-BF33-C8170737A976} => C:\Users\BK\Downloads\Avidemux_2.7.5 VC++ 64bits 191005.exe (Pas de fichier)
Task: {C21835F2-476F-4361-83B4-667A8B7D3055} - System32\Tasks\{3931FDD2-3970-4CED-83F8-B8570D8924EE} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {C9E22023-19C2-40ED-9B94-CA88FF9FB3CC} - System32\Tasks\{FF3132D9-AA41-4D22-9E6D-6ABDE65F32EF} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAAE559F-58EE-4D0F-9560-DC7E85AB069A} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification Logon => C:\Program Files\PDF Architect 8\architect-launcher.exe [2311216 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
Task: {DB038D68-E84A-4E20-9593-3BF3B0B831F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {DBBEC8AA-83E5-47EE-902E-154F174097AB} - System32\Tasks\{88D00418-78A7-41C9-9552-E6231B689FA4} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEB9D06E-D0CF-48DE-A6D1-99E938823BB8} - System32\Tasks\{127476DD-46C2-4089-8CED-C32172FEAF12} => C:\Users\BK\Downloads\Avidemux_2.7.5 VC++ 64bits 191005.exe (Pas de fichier)
Task: {F2A42D07-08B4-472A-8C32-C42E8368F637} - System32\Tasks\{6B88A434-91C3-4FFF-A25F-3CB254321E39} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {FA589336-D39A-4EAF-B21F-8CA0865F2DEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-10] (Google Inc -> Google Inc.)
Task: {FAB862D0-A7BD-4440-BC35-C30B76C8F797} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1554681525-92946815-586873948-1000 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {FD0D5E65-B7C1-4B1C-89E9-6D7D05664466} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {E1494A5B-15E9-4649-9BEB-8457C3FB9894}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{E1494A5B-15E9-4649-9BEB-8457C3FB9894} /F:UpdateSystèmeĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2FE10156-3457-42EE-971F-DF52F8F8A4FA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2FE10156-3457-42EE-971F-DF52F8F8A4FA}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3D4653DA-2823-46BD-A864-DC66C1B385AD}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8988F7F5-7875-4AF0-9108-40E3EC14D006}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{DBA2B3D5-7F28-4613-8475-EE3576B21B03}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 81bron8m.default-1645995030286
FF ProfilePath: C:\Users\BK\AppData\Roaming\Mozilla\Firefox\Profiles\81bron8m.default-1645995030286 [2022-02-28]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.10.217 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [Pas de fichier]
FF Plugin-x32: @real.com/nprpplugin;version=18.1.10.217 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default [2022-02-26]
CHR Extension: (Slides) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-26]
CHR Extension: (Docs) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-26]
CHR Extension: (Google Drive) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-26]
CHR Extension: (YouTube) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-26]
CHR Extension: (Sheets) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-26]
CHR Extension: (Gmail) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-26]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2015-06-03] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-01-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-27] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 PDF Architect 8; C:\Program Files\PDF Architect 8\activation-service.exe [3336752 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628272 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 8 Update Service; C:\Program Files\PDF Architect 8\update-service.exe [382000 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [37104 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
S4 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [989912 2018-02-09] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Windows -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
S3 GoogleChromeElevationService; "C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-02-27] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U1 aswbdisk; pas de ImagePath
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-28 18:01 - 2022-02-28 18:13 - 000000908 _____ C:\Users\BK\Desktop\ZHPFix.txt
2022-02-28 18:00 - 2022-02-28 18:00 - 000351747 _____ C:\Users\BK\Desktop\ZHPDiag.html
2022-02-28 18:00 - 2022-02-28 18:00 - 000287120 _____ C:\Users\BK\Desktop\ZHPDiag.txt
2022-02-28 17:42 - 2022-02-28 17:42 - 003479704 _____ (Nicolas Coolman) C:\Users\BK\Downloads\ZHPSuite.exe
2022-02-27 22:59 - 2022-02-28 17:40 - 000000000 ____D C:\Users\BK\Documents\DESINFECTION
2022-02-27 15:31 - 2022-02-27 15:31 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-27 15:30 - 2022-02-27 15:30 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-02-27 15:29 - 2022-02-27 15:26 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-02-27 15:25 - 2022-02-27 15:26 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-27 15:22 - 2022-02-27 15:22 - 002412728 _____ (Malwarebytes) C:\Users\BK\Downloads\malwarebytes_4-5-4_fr_215092.exe
2022-02-27 14:09 - 2022-02-27 14:09 - 000008286 _____ C:\Users\BK\Documents\CrystalDiskInfo_20220227140939.txt
2022-02-27 14:00 - 2022-02-27 14:00 - 000001781 _____ C:\Users\BK\Desktop\CrystalDiskInfo (64bit).lnk
2022-02-26 20:22 - 2022-02-26 20:22 - 001343320 _____ (Google LLC) C:\Users\BK\Downloads\ChromeSetup.exe
2022-02-26 19:37 - 2022-02-26 19:39 - 000000000 ____D C:\AdwCleaner
2022-02-26 19:34 - 2022-02-26 19:35 - 008540344 _____ (Malwarebytes) C:\Users\BK\Downloads\adwcleaner_8.3.1.exe
2022-02-26 18:46 - 2022-02-28 18:13 - 000000000 ____D C:\Users\BK\AppData\Roaming\ZHP
2022-02-26 18:46 - 2022-02-28 17:43 - 000000000 ____D C:\Users\BK\AppData\Local\ZHP
2022-02-26 14:13 - 2022-02-26 14:13 - 000000000 ____D C:\Users\un\AppData\Local\CEF
2022-02-25 11:50 - 2022-02-28 18:18 - 000000000 ____D C:\Users\BK\Downloads\FRST
2022-02-25 11:50 - 2022-02-25 11:51 - 000000000 ____D C:\Users\BK\Downloads\ZHP
2022-02-25 11:21 - 2022-02-28 18:26 - 000000000 ____D C:\FRST
2022-02-24 09:59 - 2022-02-24 10:00 - 003284632 _____ (Nicolas Coolman) C:\Users\un\Downloads\ZHPDiag3.exe
2022-02-23 17:15 - 2022-02-23 17:20 - 000000000 ____D C:\Program Files\PDF Architect 8
2022-02-23 17:15 - 2022-02-23 17:15 - 000000000 ____D C:\Users\un\Documents\PDF Architect
2022-02-22 07:46 - 2022-02-22 07:46 - 000002994 _____ C:\Windows\system32\Tasks\{CDEB7F6A-5543-45E0-A874-29DBF1D4EC42}
2022-02-22 07:45 - 2022-02-22 07:45 - 000002994 _____ C:\Windows\system32\Tasks\{BA80382E-D8C5-474B-A101-56793DF807B6}
2022-02-22 07:42 - 2022-02-22 07:42 - 000002994 _____ C:\Windows\system32\Tasks\{FF3132D9-AA41-4D22-9E6D-6ABDE65F32EF}
2022-02-22 07:40 - 2022-02-22 07:40 - 000002992 _____ C:\Windows\system32\Tasks\{6B88A434-91C3-4FFF-A25F-3CB254321E39}
2022-02-22 07:40 - 2022-02-22 07:40 - 000002992 _____ C:\Windows\system32\Tasks\{3931FDD2-3970-4CED-83F8-B8570D8924EE}
2022-02-22 07:38 - 2022-02-22 07:38 - 000002992 _____ C:\Windows\system32\Tasks\{7214F160-AF7D-4EDE-95E5-4BE348333CAE}
2022-02-22 07:34 - 2022-02-22 07:34 - 000002994 _____ C:\Windows\system32\Tasks\{3788DD8D-8376-46E6-860C-57E5714FA705}
2022-02-22 07:33 - 2022-02-22 07:33 - 000002994 _____ C:\Windows\system32\Tasks\{CD3FB11A-AFDE-4F88-BE2F-DF653AEC2AE9}
2022-02-22 07:33 - 2022-02-22 07:33 - 000002994 _____ C:\Windows\system32\Tasks\{88D00418-78A7-41C9-9552-E6231B689FA4}
2022-02-20 12:29 - 2022-02-20 12:32 - 000000000 ____D C:\Users\BK\Documents\CV LM Brigitte
2022-02-19 18:35 - 2022-02-26 18:46 - 000001280 _____ C:\Users\BK\Desktop\ZHPCleaner - Raccourci.lnk
2022-02-19 10:07 - 2022-02-19 14:05 - 000003354 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1554681525-92946815-586873948-1001
2022-02-19 10:07 - 2022-02-19 14:05 - 000003214 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1554681525-92946815-586873948-1001
2022-02-19 09:58 - 2022-02-24 09:06 - 000010168 _____ C:\Users\un\Desktop\ZHPCleaner (R).html
2022-02-19 09:55 - 2022-02-24 09:40 - 000008995 _____ C:\Users\un\Desktop\ZHPCleaner (S).html
2022-02-18 14:34 - 2022-02-18 14:34 - 000000000 ____D C:\Users\BK\AppData\Local\pdfforge
2022-02-18 14:32 - 2022-02-18 14:32 - 000181248 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2022-02-18 14:30 - 2022-02-18 14:30 - 000000668 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-02-18 14:26 - 2022-02-18 14:34 - 000000000 ____D C:\Program Files\PDFCreator
2022-02-18 14:22 - 2022-02-18 14:22 - 040681792 _____ (pdfforge GmbH) C:\Users\BK\Downloads\PDFCreator-4_4_1-Setup.exe
2022-02-18 13:28 - 2022-02-18 13:28 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2022-02-18 12:30 - 2022-02-18 12:30 - 000000000 ____D C:\Users\un\AppData\Roaming\PDF Architect 7
2022-02-17 18:12 - 2022-02-17 18:12 - 000488702 ____R C:\Users\BK\Documents\appel_loyer_20220301_20220331.pdf
2022-02-17 18:09 - 2022-02-18 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-02-17 12:39 - 2022-02-28 10:29 - 000000000 ____D C:\Users\BK\Desktop\Captvty
2022-02-17 12:39 - 2022-02-17 12:39 - 000001014 _____ C:\Users\BK\Desktop\Captvty - Raccourci.lnk
2022-02-17 12:27 - 2022-02-17 12:28 - 047627853 _____ (Oleg N. Scherbakov) C:\Users\BK\Downloads\captvty-2.9.6.5-autoextract.exe
2022-02-17 09:55 - 2022-02-17 09:55 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - un
2022-02-17 09:54 - 2022-02-17 09:54 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-02-17 09:54 - 2022-02-17 09:54 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-02-17 09:53 - 2022-02-28 17:41 - 000000000 ____D C:\Program Files\CCleaner
2022-02-17 09:46 - 2022-02-17 09:47 - 036738144 _____ (Piriform Software Ltd) C:\Users\BK\Downloads\ccsetup590_pro_trial(1).exe
2022-02-17 09:06 - 2022-02-17 09:06 - 036738144 _____ (Piriform Software Ltd) C:\Users\BK\Downloads\ccsetup590_pro_trial.exe
2022-02-16 19:27 - 2022-02-16 19:27 - 000300584 ____R C:\Users\BK\Documents\2620697120387.PDF
2022-02-12 19:29 - 2022-02-12 19:29 - 000000000 ____D C:\Users\un\AppData\Local\pdfforge
2022-02-09 09:12 - 2022-02-09 09:15 - 000000000 ____D C:\Users\BK\Documents\KANGUKA USB
2022-02-08 09:10 - 2022-02-08 09:10 - 000483508 ____R C:\Users\BK\Documents\PDFarchitecte_DesactivationPopPup.pdf
2022-02-07 21:05 - 2022-02-07 21:05 - 000000000 ____D C:\Windows\system32\Tasks\pdfforge GmbH
2022-02-07 21:02 - 2022-02-07 21:02 - 000000000 ____D C:\Users\un\AppData\Roaming\PDF Architect 8
2022-02-07 20:09 - 2022-02-07 20:09 - 000000036 ____R C:\Users\BK\Documents\Carte-TP_000000600818472_2022-02-07_.pdf
2022-02-06 11:57 - 2022-02-06 11:57 - 000078154 ____R C:\Users\BK\Documents\2-_Les_poids_et_mesures_liste_histoire.pdf
2022-02-02 08:07 - 2022-02-02 08:08 - 004703951 ____R C:\Users\BK\Documents\Bail Toulouse.pdf
2022-01-31 09:38 - 2022-02-11 13:31 - 000000000 ____D C:\Users\BK\Documents\GMF
2022-01-31 09:38 - 2022-01-31 09:38 - 000000000 ____D C:\Users\BK\Documents\ASSU 2000
2022-01-31 08:45 - 2022-01-31 08:45 - 000426483 ____R C:\Users\BK\Documents\faktablad-kokning-av-dricksvatten-franska.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-28 18:14 - 2022-01-28 09:14 - 000000913 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {E1494A5B-15E9-4649-9BEB-8457C3FB9894}.job
2022-02-28 17:50 - 2018-02-09 10:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-28 17:50 - 2009-07-14 05:45 - 000037520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-02-28 17:50 - 2009-07-14 05:45 - 000037520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-02-28 17:41 - 2017-01-13 08:37 - 000000000 ____D C:\Users\BK\AppData\LocalLow\Mozilla
2022-02-28 17:40 - 2021-07-08 10:15 - 000000000 ____D C:\Users\BK\AppData\Roaming\PDF Architect 8
2022-02-28 17:39 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-28 17:36 - 2016-10-17 18:46 - 000000000 __SHD C:\Users\BK\IntelGraphicsProfiles
2022-02-28 17:33 - 2019-09-04 01:25 - 000000000 ____D C:\Windows\pss
2022-02-28 17:30 - 2017-11-15 10:19 - 000003952 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{7D3FB350-C307-4230-9249-61966EC07EA7}
2022-02-28 11:08 - 2011-04-12 10:16 - 000747894 _____ C:\Windows\system32\perfh00C.dat
2022-02-28 11:08 - 2011-04-12 10:16 - 000150386 _____ C:\Windows\system32\perfc00C.dat
2022-02-28 11:08 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-28 11:08 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-02-27 21:50 - 2017-11-15 10:32 - 000000000 ____D C:\Users\BK\Desktop\Anciennes données de Firefox
2022-02-26 14:13 - 2016-10-23 22:33 - 000000000 ____D C:\Users\un\AppData\Local\Adobe
2022-02-26 14:01 - 2016-10-17 17:53 - 000000000 __SHD C:\Users\un\IntelGraphicsProfiles
2022-02-26 11:37 - 2021-08-06 14:55 - 000000000 ____D C:\Users\BK\Documents\DEPENSES RECETTES
2022-02-26 11:24 - 2020-08-20 16:12 - 000000000 ____D C:\Users\BK\AppData\Local\CrashDumps
2022-02-25 11:07 - 2019-11-27 18:20 - 000000000 ____D C:\Users\un\AppData\Roaming\ZHP
2022-02-25 10:50 - 2019-11-27 18:20 - 000000000 ____D C:\Users\un\AppData\Local\ZHP
2022-02-25 08:49 - 2020-05-26 20:34 - 000000000 ____D C:\Users\BK\Documents\PENSION RETRAITE DIVERS
2022-02-23 17:33 - 2021-04-08 06:58 - 000000000 ____D C:\Users\BK\Documents\DIVERS
2022-02-23 17:19 - 2021-07-08 09:17 - 000000800 _____ C:\Users\Public\Desktop\PDF Architect 8.lnk
2022-02-23 16:14 - 2021-01-13 18:38 - 000000000 ____D C:\Users\un\AppData\Local\CrashDumps
2022-02-23 15:07 - 2021-12-09 10:39 - 000000000 ____D C:\Users\BK\AppData\Roaming\vlc
2022-02-23 14:18 - 2016-10-17 17:32 - 000087392 _____ C:\Users\un\AppData\Local\GDIPFONTCACHEV1.DAT
2022-02-22 20:16 - 2018-12-26 17:23 - 000000000 ____D C:\Users\BK\Documents\EDF
2022-02-22 20:11 - 2016-10-17 18:47 - 000087392 _____ C:\Users\BK\AppData\Local\GDIPFONTCACHEV1.DAT
2022-02-22 20:07 - 2009-07-14 05:45 - 000346568 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-22 19:55 - 2011-04-12 10:28 - 000000000 ____D C:\Windows\ShellNew
2022-02-22 19:55 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2022-02-22 19:40 - 2017-01-28 15:46 - 000000000 ____D C:\Users\BK\Documents\BIBLE
2022-02-22 08:04 - 2016-11-27 12:27 - 001644652 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-02-20 21:25 - 2017-09-18 17:11 - 000000000 ____D C:\Users\un\AppData\Local\ElevatedDiagnostics
2022-02-20 15:25 - 2021-06-25 09:21 - 000000000 ____D C:\Users\BK\Documents\MUTULLE CMPS Complète
2022-02-18 13:34 - 2016-11-02 19:43 - 000000000 ____D C:\Users\BK\AppData\Local\Adobe
2022-02-18 13:32 - 2020-01-15 11:10 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-02-18 12:42 - 2017-11-15 09:50 - 000000000 ____D C:\Windows\system32\appmgmt
2022-02-18 09:39 - 2017-11-15 10:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-18 08:59 - 2021-11-02 17:46 - 000000000 ____D C:\Users\BK\Documents\SOLANGE
2022-02-18 08:56 - 2021-10-06 07:37 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-02-17 18:18 - 2019-10-10 18:16 - 000000000 ____D C:\Users\BK\Documents\LOYER
2022-02-17 12:41 - 2022-01-26 20:45 - 000000000 ____D C:\Users\un\Desktop\Captvty
2022-02-17 12:40 - 2016-10-17 16:53 - 000000000 ____D C:\Users\un
2022-02-17 10:51 - 2021-12-16 12:26 - 000000000 ____D C:\Users\BK\Documents\CLAUDE
2022-02-17 10:06 - 2021-01-02 12:47 - 000001003 _____ C:\Users\Public\Desktop\Audacity.lnk
2022-02-17 10:06 - 2021-01-02 12:47 - 000000000 ____D C:\Program Files (x86)\Audacity
2022-02-16 19:18 - 2021-04-18 09:29 - 000000000 ____D C:\Users\BK\Documents\COMMANDES
2022-02-14 13:49 - 2021-01-14 12:05 - 000000000 ____D C:\Users\BK\AppData\Roaming\avidemux
2022-02-11 13:14 - 2019-01-06 17:31 - 000000000 ____D C:\Users\BK\Documents\ASSURANCE 2000
2022-02-09 10:38 - 2016-12-26 06:27 - 000000000 ____D C:\Windows\system32\MRT
2022-02-09 09:46 - 2016-12-26 06:27 - 149611728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-02-03 14:54 - 2017-06-12 07:41 - 000000000 ____D C:\Users\BK\Documents\RECETTES
2022-02-03 14:44 - 2019-11-19 18:49 - 000000000 ____D C:\Users\BK\dwhelper
2022-01-31 09:41 - 2021-06-14 10:55 - 000000000 ____D C:\Users\BK\Documents\BANQUES
2022-01-30 20:20 - 2021-06-11 17:02 - 000000000 ____D C:\Users\BK\Documents\SURENDETTEMENT
==================== Fichiers à la racine de certains dossiers ========
2018-02-09 10:26 - 2018-02-09 10:26 - 007649280 _____ () C:\Program Files (x86)\GUTA333.tmp
2019-07-20 23:50 - 2020-04-26 16:35 - 000003584 _____ () C:\Users\BK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-07-31 09:36 - 2019-07-31 09:36 - 000000017 _____ () C:\Users\BK\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2022-02-26 09:02
==================== Fin de FRST.txt ========================
Exécuté par BK (administrateur) sur HYRFHJ14MO8L2RC (LENOVO 80MJ) (28-02-2022 18:25:38)
Exécuté depuis C:\Users\BK\Downloads\FRST
Profils chargés: BK
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1554681525-92946815-586873948-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1554681525-92946815-586873948-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1554681525-92946815-586873948-1001\...\MountPoints2: {70329800-88b2-11e8-9f11-80a58992973f} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-1554681525-92946815-586873948-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1554681525-92946815-586873948-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\kl\AppData\Local\Microsoft\Teams\Update.exe [2453704 2021-03-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\Windows\system32\E_YLMBRFE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\Windows\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2022-02-07] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [181248 2022-02-18] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {00F2612F-4210-4CBE-93DF-A8041AC91451} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1554681525-92946815-586873948-1001 => C:\Program Files (x86)\Real\RealDownloader\realupgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {22E407D5-C4B8-4746-8C6C-DB0747C63CE1} - System32\Tasks\{CDEB7F6A-5543-45E0-A874-29DBF1D4EC42} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {23EB1DCD-5A31-49B6-8F4C-9FA53D95D9B7} - System32\Tasks\{BA80382E-D8C5-474B-A101-56793DF807B6} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {254E9BB7-F266-491B-997C-66D638FC6594} - System32\Tasks\EPSON XP-243 245 247 Series Update {E1494A5B-15E9-4649-9BEB-8457C3FB9894} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {299C84CF-6898-48C4-809B-417E9A2A66FC} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe [1268048 2017-11-29] (RealNetworks, Inc. -> )
Task: {2A85DB84-3C6D-4284-A8F9-B64A1372FC1A} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification => C:\Program Files\PDF Architect 8\architect-launcher.exe [2311216 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
Task: {4C7AD304-5A91-4BEB-A5CF-F26F93AEE1B6} - System32\Tasks\{3788DD8D-8376-46E6-860C-57E5714FA705} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F292E16-FEA3-4472-9D01-91BA632BD571} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1554681525-92946815-586873948-1001 => C:\Program Files (x86)\Real\RealDownloader\realupgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {5436B3DA-FCCA-4638-A155-9D483501FF71} - System32\Tasks\pdfforge GmbH\PDF Architect 8\Update => C:\Program Files\PDF Architect 8\architect.exe [3497520 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
Task: {6FBC81E4-5FF4-47D9-8D48-F0C41FEDA467} - System32\Tasks\{CD3FB11A-AFDE-4F88-BE2F-DF653AEC2AE9} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {70CC509E-E6A7-49D8-90F3-CC7F8A142F0B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1554681525-92946815-586873948-1000 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {76BD18BC-3A78-45C7-B199-A7E5BCBB3AB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-10] (Google Inc -> Google Inc.)
Task: {7B3A5DE0-674A-4E45-A705-4CD47DDF027D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {878FB5D1-D0F5-4981-A75D-1E1631FA78EC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9583DE40-E800-480E-B957-2BA1F46554DF} - System32\Tasks\{7214F160-AF7D-4EDE-95E5-4BE348333CAE} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {A8F4B905-16AC-48FA-9D16-000DD778B3AB} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1554681525-92946815-586873948-1001 => C:\Program Files (x86)\Real\RealDownloader\recordingmanager.exe [959824 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {ACA520F6-9F57-48A5-BF55-7D0E651336A8} - System32\Tasks\CCleanerSkipUAC - un => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BDDC2EC7-E8A2-47FF-B7E0-2E985020807D} - System32\Tasks\{8CCD1A2E-308C-4AD9-BF33-C8170737A976} => C:\Users\BK\Downloads\Avidemux_2.7.5 VC++ 64bits 191005.exe (Pas de fichier)
Task: {C21835F2-476F-4361-83B4-667A8B7D3055} - System32\Tasks\{3931FDD2-3970-4CED-83F8-B8570D8924EE} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {C9E22023-19C2-40ED-9B94-CA88FF9FB3CC} - System32\Tasks\{FF3132D9-AA41-4D22-9E6D-6ABDE65F32EF} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAAE559F-58EE-4D0F-9560-DC7E85AB069A} - System32\Tasks\pdfforge GmbH\PDF Architect 8\App Notification Logon => C:\Program Files\PDF Architect 8\architect-launcher.exe [2311216 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
Task: {DB038D68-E84A-4E20-9593-3BF3B0B831F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {DBBEC8AA-83E5-47EE-902E-154F174097AB} - System32\Tasks\{88D00418-78A7-41C9-9552-E6231B689FA4} => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1432192 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEB9D06E-D0CF-48DE-A6D1-99E938823BB8} - System32\Tasks\{127476DD-46C2-4089-8CED-C32172FEAF12} => C:\Users\BK\Downloads\Avidemux_2.7.5 VC++ 64bits 191005.exe (Pas de fichier)
Task: {F2A42D07-08B4-472A-8C32-C42E8368F637} - System32\Tasks\{6B88A434-91C3-4FFF-A25F-3CB254321E39} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {FA589336-D39A-4EAF-B21F-8CA0865F2DEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-10] (Google Inc -> Google Inc.)
Task: {FAB862D0-A7BD-4440-BC35-C30B76C8F797} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1554681525-92946815-586873948-1000 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe [135504 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {FD0D5E65-B7C1-4B1C-89E9-6D7D05664466} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {E1494A5B-15E9-4649-9BEB-8457C3FB9894}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{E1494A5B-15E9-4649-9BEB-8457C3FB9894} /F:UpdateSystèmeĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2FE10156-3457-42EE-971F-DF52F8F8A4FA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2FE10156-3457-42EE-971F-DF52F8F8A4FA}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3D4653DA-2823-46BD-A864-DC66C1B385AD}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8988F7F5-7875-4AF0-9108-40E3EC14D006}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{DBA2B3D5-7F28-4613-8475-EE3576B21B03}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 81bron8m.default-1645995030286
FF ProfilePath: C:\Users\BK\AppData\Roaming\Mozilla\Firefox\Profiles\81bron8m.default-1645995030286 [2022-02-28]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.10.217 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [Pas de fichier]
FF Plugin-x32: @real.com/nprpplugin;version=18.1.10.217 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default [2022-02-26]
CHR Extension: (Slides) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-26]
CHR Extension: (Docs) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-26]
CHR Extension: (Google Drive) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-26]
CHR Extension: (YouTube) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-26]
CHR Extension: (Sheets) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-26]
CHR Extension: (Gmail) - C:\Users\BK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-26]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2015-06-03] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-01-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-27] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 PDF Architect 8; C:\Program Files\PDF Architect 8\activation-service.exe [3336752 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628272 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 8 Update Service; C:\Program Files\PDF Architect 8\update-service.exe [382000 2022-02-21] (pdfforge GmbH -> pdfforge GmbH)
S4 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [37104 2017-11-29] (RealNetworks, Inc. -> RealNetworks, Inc.)
S4 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [989912 2018-02-09] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Windows -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
S3 GoogleChromeElevationService; "C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-02-27] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U1 aswbdisk; pas de ImagePath
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-28 18:01 - 2022-02-28 18:13 - 000000908 _____ C:\Users\BK\Desktop\ZHPFix.txt
2022-02-28 18:00 - 2022-02-28 18:00 - 000351747 _____ C:\Users\BK\Desktop\ZHPDiag.html
2022-02-28 18:00 - 2022-02-28 18:00 - 000287120 _____ C:\Users\BK\Desktop\ZHPDiag.txt
2022-02-28 17:42 - 2022-02-28 17:42 - 003479704 _____ (Nicolas Coolman) C:\Users\BK\Downloads\ZHPSuite.exe
2022-02-27 22:59 - 2022-02-28 17:40 - 000000000 ____D C:\Users\BK\Documents\DESINFECTION
2022-02-27 15:31 - 2022-02-27 15:31 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-27 15:30 - 2022-02-27 15:30 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-02-27 15:29 - 2022-02-27 15:26 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-02-27 15:25 - 2022-02-27 15:26 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-27 15:22 - 2022-02-27 15:22 - 002412728 _____ (Malwarebytes) C:\Users\BK\Downloads\malwarebytes_4-5-4_fr_215092.exe
2022-02-27 14:09 - 2022-02-27 14:09 - 000008286 _____ C:\Users\BK\Documents\CrystalDiskInfo_20220227140939.txt
2022-02-27 14:00 - 2022-02-27 14:00 - 000001781 _____ C:\Users\BK\Desktop\CrystalDiskInfo (64bit).lnk
2022-02-26 20:22 - 2022-02-26 20:22 - 001343320 _____ (Google LLC) C:\Users\BK\Downloads\ChromeSetup.exe
2022-02-26 19:37 - 2022-02-26 19:39 - 000000000 ____D C:\AdwCleaner
2022-02-26 19:34 - 2022-02-26 19:35 - 008540344 _____ (Malwarebytes) C:\Users\BK\Downloads\adwcleaner_8.3.1.exe
2022-02-26 18:46 - 2022-02-28 18:13 - 000000000 ____D C:\Users\BK\AppData\Roaming\ZHP
2022-02-26 18:46 - 2022-02-28 17:43 - 000000000 ____D C:\Users\BK\AppData\Local\ZHP
2022-02-26 14:13 - 2022-02-26 14:13 - 000000000 ____D C:\Users\un\AppData\Local\CEF
2022-02-25 11:50 - 2022-02-28 18:18 - 000000000 ____D C:\Users\BK\Downloads\FRST
2022-02-25 11:50 - 2022-02-25 11:51 - 000000000 ____D C:\Users\BK\Downloads\ZHP
2022-02-25 11:21 - 2022-02-28 18:26 - 000000000 ____D C:\FRST
2022-02-24 09:59 - 2022-02-24 10:00 - 003284632 _____ (Nicolas Coolman) C:\Users\un\Downloads\ZHPDiag3.exe
2022-02-23 17:15 - 2022-02-23 17:20 - 000000000 ____D C:\Program Files\PDF Architect 8
2022-02-23 17:15 - 2022-02-23 17:15 - 000000000 ____D C:\Users\un\Documents\PDF Architect
2022-02-22 07:46 - 2022-02-22 07:46 - 000002994 _____ C:\Windows\system32\Tasks\{CDEB7F6A-5543-45E0-A874-29DBF1D4EC42}
2022-02-22 07:45 - 2022-02-22 07:45 - 000002994 _____ C:\Windows\system32\Tasks\{BA80382E-D8C5-474B-A101-56793DF807B6}
2022-02-22 07:42 - 2022-02-22 07:42 - 000002994 _____ C:\Windows\system32\Tasks\{FF3132D9-AA41-4D22-9E6D-6ABDE65F32EF}
2022-02-22 07:40 - 2022-02-22 07:40 - 000002992 _____ C:\Windows\system32\Tasks\{6B88A434-91C3-4FFF-A25F-3CB254321E39}
2022-02-22 07:40 - 2022-02-22 07:40 - 000002992 _____ C:\Windows\system32\Tasks\{3931FDD2-3970-4CED-83F8-B8570D8924EE}
2022-02-22 07:38 - 2022-02-22 07:38 - 000002992 _____ C:\Windows\system32\Tasks\{7214F160-AF7D-4EDE-95E5-4BE348333CAE}
2022-02-22 07:34 - 2022-02-22 07:34 - 000002994 _____ C:\Windows\system32\Tasks\{3788DD8D-8376-46E6-860C-57E5714FA705}
2022-02-22 07:33 - 2022-02-22 07:33 - 000002994 _____ C:\Windows\system32\Tasks\{CD3FB11A-AFDE-4F88-BE2F-DF653AEC2AE9}
2022-02-22 07:33 - 2022-02-22 07:33 - 000002994 _____ C:\Windows\system32\Tasks\{88D00418-78A7-41C9-9552-E6231B689FA4}
2022-02-20 12:29 - 2022-02-20 12:32 - 000000000 ____D C:\Users\BK\Documents\CV LM Brigitte
2022-02-19 18:35 - 2022-02-26 18:46 - 000001280 _____ C:\Users\BK\Desktop\ZHPCleaner - Raccourci.lnk
2022-02-19 10:07 - 2022-02-19 14:05 - 000003354 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1554681525-92946815-586873948-1001
2022-02-19 10:07 - 2022-02-19 14:05 - 000003214 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1554681525-92946815-586873948-1001
2022-02-19 09:58 - 2022-02-24 09:06 - 000010168 _____ C:\Users\un\Desktop\ZHPCleaner (R).html
2022-02-19 09:55 - 2022-02-24 09:40 - 000008995 _____ C:\Users\un\Desktop\ZHPCleaner (S).html
2022-02-18 14:34 - 2022-02-18 14:34 - 000000000 ____D C:\Users\BK\AppData\Local\pdfforge
2022-02-18 14:32 - 2022-02-18 14:32 - 000181248 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2022-02-18 14:30 - 2022-02-18 14:30 - 000000668 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-02-18 14:26 - 2022-02-18 14:34 - 000000000 ____D C:\Program Files\PDFCreator
2022-02-18 14:22 - 2022-02-18 14:22 - 040681792 _____ (pdfforge GmbH) C:\Users\BK\Downloads\PDFCreator-4_4_1-Setup.exe
2022-02-18 13:28 - 2022-02-18 13:28 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2022-02-18 12:30 - 2022-02-18 12:30 - 000000000 ____D C:\Users\un\AppData\Roaming\PDF Architect 7
2022-02-17 18:12 - 2022-02-17 18:12 - 000488702 ____R C:\Users\BK\Documents\appel_loyer_20220301_20220331.pdf
2022-02-17 18:09 - 2022-02-18 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-02-17 12:39 - 2022-02-28 10:29 - 000000000 ____D C:\Users\BK\Desktop\Captvty
2022-02-17 12:39 - 2022-02-17 12:39 - 000001014 _____ C:\Users\BK\Desktop\Captvty - Raccourci.lnk
2022-02-17 12:27 - 2022-02-17 12:28 - 047627853 _____ (Oleg N. Scherbakov) C:\Users\BK\Downloads\captvty-2.9.6.5-autoextract.exe
2022-02-17 09:55 - 2022-02-17 09:55 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - un
2022-02-17 09:54 - 2022-02-17 09:54 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-02-17 09:54 - 2022-02-17 09:54 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-02-17 09:53 - 2022-02-28 17:41 - 000000000 ____D C:\Program Files\CCleaner
2022-02-17 09:46 - 2022-02-17 09:47 - 036738144 _____ (Piriform Software Ltd) C:\Users\BK\Downloads\ccsetup590_pro_trial(1).exe
2022-02-17 09:06 - 2022-02-17 09:06 - 036738144 _____ (Piriform Software Ltd) C:\Users\BK\Downloads\ccsetup590_pro_trial.exe
2022-02-16 19:27 - 2022-02-16 19:27 - 000300584 ____R C:\Users\BK\Documents\2620697120387.PDF
2022-02-12 19:29 - 2022-02-12 19:29 - 000000000 ____D C:\Users\un\AppData\Local\pdfforge
2022-02-09 09:12 - 2022-02-09 09:15 - 000000000 ____D C:\Users\BK\Documents\KANGUKA USB
2022-02-08 09:10 - 2022-02-08 09:10 - 000483508 ____R C:\Users\BK\Documents\PDFarchitecte_DesactivationPopPup.pdf
2022-02-07 21:05 - 2022-02-07 21:05 - 000000000 ____D C:\Windows\system32\Tasks\pdfforge GmbH
2022-02-07 21:02 - 2022-02-07 21:02 - 000000000 ____D C:\Users\un\AppData\Roaming\PDF Architect 8
2022-02-07 20:09 - 2022-02-07 20:09 - 000000036 ____R C:\Users\BK\Documents\Carte-TP_000000600818472_2022-02-07_.pdf
2022-02-06 11:57 - 2022-02-06 11:57 - 000078154 ____R C:\Users\BK\Documents\2-_Les_poids_et_mesures_liste_histoire.pdf
2022-02-02 08:07 - 2022-02-02 08:08 - 004703951 ____R C:\Users\BK\Documents\Bail Toulouse.pdf
2022-01-31 09:38 - 2022-02-11 13:31 - 000000000 ____D C:\Users\BK\Documents\GMF
2022-01-31 09:38 - 2022-01-31 09:38 - 000000000 ____D C:\Users\BK\Documents\ASSU 2000
2022-01-31 08:45 - 2022-01-31 08:45 - 000426483 ____R C:\Users\BK\Documents\faktablad-kokning-av-dricksvatten-franska.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-28 18:14 - 2022-01-28 09:14 - 000000913 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {E1494A5B-15E9-4649-9BEB-8457C3FB9894}.job
2022-02-28 17:50 - 2018-02-09 10:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-28 17:50 - 2009-07-14 05:45 - 000037520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-02-28 17:50 - 2009-07-14 05:45 - 000037520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-02-28 17:41 - 2017-01-13 08:37 - 000000000 ____D C:\Users\BK\AppData\LocalLow\Mozilla
2022-02-28 17:40 - 2021-07-08 10:15 - 000000000 ____D C:\Users\BK\AppData\Roaming\PDF Architect 8
2022-02-28 17:39 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-28 17:36 - 2016-10-17 18:46 - 000000000 __SHD C:\Users\BK\IntelGraphicsProfiles
2022-02-28 17:33 - 2019-09-04 01:25 - 000000000 ____D C:\Windows\pss
2022-02-28 17:30 - 2017-11-15 10:19 - 000003952 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{7D3FB350-C307-4230-9249-61966EC07EA7}
2022-02-28 11:08 - 2011-04-12 10:16 - 000747894 _____ C:\Windows\system32\perfh00C.dat
2022-02-28 11:08 - 2011-04-12 10:16 - 000150386 _____ C:\Windows\system32\perfc00C.dat
2022-02-28 11:08 - 2009-07-14 06:13 - 001669584 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-28 11:08 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-02-27 21:50 - 2017-11-15 10:32 - 000000000 ____D C:\Users\BK\Desktop\Anciennes données de Firefox
2022-02-26 14:13 - 2016-10-23 22:33 - 000000000 ____D C:\Users\un\AppData\Local\Adobe
2022-02-26 14:01 - 2016-10-17 17:53 - 000000000 __SHD C:\Users\un\IntelGraphicsProfiles
2022-02-26 11:37 - 2021-08-06 14:55 - 000000000 ____D C:\Users\BK\Documents\DEPENSES RECETTES
2022-02-26 11:24 - 2020-08-20 16:12 - 000000000 ____D C:\Users\BK\AppData\Local\CrashDumps
2022-02-25 11:07 - 2019-11-27 18:20 - 000000000 ____D C:\Users\un\AppData\Roaming\ZHP
2022-02-25 10:50 - 2019-11-27 18:20 - 000000000 ____D C:\Users\un\AppData\Local\ZHP
2022-02-25 08:49 - 2020-05-26 20:34 - 000000000 ____D C:\Users\BK\Documents\PENSION RETRAITE DIVERS
2022-02-23 17:33 - 2021-04-08 06:58 - 000000000 ____D C:\Users\BK\Documents\DIVERS
2022-02-23 17:19 - 2021-07-08 09:17 - 000000800 _____ C:\Users\Public\Desktop\PDF Architect 8.lnk
2022-02-23 16:14 - 2021-01-13 18:38 - 000000000 ____D C:\Users\un\AppData\Local\CrashDumps
2022-02-23 15:07 - 2021-12-09 10:39 - 000000000 ____D C:\Users\BK\AppData\Roaming\vlc
2022-02-23 14:18 - 2016-10-17 17:32 - 000087392 _____ C:\Users\un\AppData\Local\GDIPFONTCACHEV1.DAT
2022-02-22 20:16 - 2018-12-26 17:23 - 000000000 ____D C:\Users\BK\Documents\EDF
2022-02-22 20:11 - 2016-10-17 18:47 - 000087392 _____ C:\Users\BK\AppData\Local\GDIPFONTCACHEV1.DAT
2022-02-22 20:07 - 2009-07-14 05:45 - 000346568 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-22 19:55 - 2011-04-12 10:28 - 000000000 ____D C:\Windows\ShellNew
2022-02-22 19:55 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2022-02-22 19:40 - 2017-01-28 15:46 - 000000000 ____D C:\Users\BK\Documents\BIBLE
2022-02-22 08:04 - 2016-11-27 12:27 - 001644652 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-02-20 21:25 - 2017-09-18 17:11 - 000000000 ____D C:\Users\un\AppData\Local\ElevatedDiagnostics
2022-02-20 15:25 - 2021-06-25 09:21 - 000000000 ____D C:\Users\BK\Documents\MUTULLE CMPS Complète
2022-02-18 13:34 - 2016-11-02 19:43 - 000000000 ____D C:\Users\BK\AppData\Local\Adobe
2022-02-18 13:32 - 2020-01-15 11:10 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-02-18 12:42 - 2017-11-15 09:50 - 000000000 ____D C:\Windows\system32\appmgmt
2022-02-18 09:39 - 2017-11-15 10:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-18 08:59 - 2021-11-02 17:46 - 000000000 ____D C:\Users\BK\Documents\SOLANGE
2022-02-18 08:56 - 2021-10-06 07:37 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-02-17 18:18 - 2019-10-10 18:16 - 000000000 ____D C:\Users\BK\Documents\LOYER
2022-02-17 12:41 - 2022-01-26 20:45 - 000000000 ____D C:\Users\un\Desktop\Captvty
2022-02-17 12:40 - 2016-10-17 16:53 - 000000000 ____D C:\Users\un
2022-02-17 10:51 - 2021-12-16 12:26 - 000000000 ____D C:\Users\BK\Documents\CLAUDE
2022-02-17 10:06 - 2021-01-02 12:47 - 000001003 _____ C:\Users\Public\Desktop\Audacity.lnk
2022-02-17 10:06 - 2021-01-02 12:47 - 000000000 ____D C:\Program Files (x86)\Audacity
2022-02-16 19:18 - 2021-04-18 09:29 - 000000000 ____D C:\Users\BK\Documents\COMMANDES
2022-02-14 13:49 - 2021-01-14 12:05 - 000000000 ____D C:\Users\BK\AppData\Roaming\avidemux
2022-02-11 13:14 - 2019-01-06 17:31 - 000000000 ____D C:\Users\BK\Documents\ASSURANCE 2000
2022-02-09 10:38 - 2016-12-26 06:27 - 000000000 ____D C:\Windows\system32\MRT
2022-02-09 09:46 - 2016-12-26 06:27 - 149611728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-02-03 14:54 - 2017-06-12 07:41 - 000000000 ____D C:\Users\BK\Documents\RECETTES
2022-02-03 14:44 - 2019-11-19 18:49 - 000000000 ____D C:\Users\BK\dwhelper
2022-01-31 09:41 - 2021-06-14 10:55 - 000000000 ____D C:\Users\BK\Documents\BANQUES
2022-01-30 20:20 - 2021-06-11 17:02 - 000000000 ____D C:\Users\BK\Documents\SURENDETTEMENT
==================== Fichiers à la racine de certains dossiers ========
2018-02-09 10:26 - 2018-02-09 10:26 - 007649280 _____ () C:\Program Files (x86)\GUTA333.tmp
2019-07-20 23:50 - 2020-04-26 16:35 - 000003584 _____ () C:\Users\BK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-07-31 09:36 - 2019-07-31 09:36 - 000000017 _____ () C:\Users\BK\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2022-02-26 09:02
==================== Fin de FRST.txt ========================