Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2022
Exécuté par PLAY (administrateur) sur UTILISA-YOEHSQZ (Hewlett-Packard p6-2312efm) (05-03-2022 16:08:34)
Exécuté depuis C:\Users\PLAY\Desktop\Downloads
Profils chargés: PLAY
Plate-forme: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: IE
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Internet Explorer\iexplore.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe ->) (Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe
(C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(explorer.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard) C:\Program Files\IDT\WDM\beats64.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [Fichier non signé]
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2011-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-480081248-448449324-4229664033-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-480081248-448449324-4229664033-1000\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe (Pas de fichier)
HKU\S-1-5-21-480081248-448449324-4229664033-1000\...\Policies\Explorer: [NoSMBalloonTip] 1
HKU\S-1-5-21-480081248-448449324-4229664033-1000\...\MountPoints2: {acfec273-5774-11e8-b9d2-78e3b5b558ed} - F:\RTK_NIC_DRIVER_INSTALLER.sfx.exe
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-08-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\91.1.25.70\Installer\chrmstp.exe [2021-06-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0457A182-7BB8-43AA-B67A-9AAAF30332D3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {09C5B8AD-2031-4C8F-9F6C-67D0576749AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-06-21] (Google Inc -> Google Inc.)
Task: {1CE6426B-34DD-4F30-B6A2-8FD92EDB30F4} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {2F91155A-9A03-4052-B1CB-96BB1D8508A5} - System32\Tasks\{299D9C95-89AD-489F-93C4-307EB37FDA81} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.16.73.105.456/fr/abandoninstall?page=tsWLM
Task: {63856918-6BC3-4D91-A2B9-4A5EF337BC78} - System32\Tasks\CCleanerSkipUAC - PLAY => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {76BB8F04-0016-459B-BB67-2356523E583E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-06-21] (Google Inc -> Google Inc.)
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - PLAY" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\{299D9C95-89AD-489F-93C4-307EB37FDA81}" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {ACAEB2A6-CB2E-4E02-BD1D-914E933B9FBF} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BFEDC2B2-16DD-4144-A66F-737C4BD2E88B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7A2E71A-026C-47E4-8D7F-3298F0AFCC0C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
Task: {F1D1E9BF-7917-40A2-8A9E-26FCE18F5EFE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [.DEFAULT] => 127.0.0.1:1080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{049BE33B-9800-4424-BFFF-B4495BC52FC2}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{07472B4A-1F58-4425-97A3-3F62FE40F997}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{07D4C4F6-6DCF-4CDB-8ACB-1321514ED99A}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{12668ADF-223F-49D7-92E1-7922A6757AC2}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{15D2BFF3-F5E4-49A7-B417-BF4115E634FF}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{166069F2-03A8-46EA-AA1E-B6FB5C216AA6}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{16DB0ECE-3D3F-4E78-94E7-92BE2A7B2240}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{173C4726-2EA8-4938-9507-2F4B053324A6}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{2208BAF9-CE8C-443D-AAD3-5EDFC67B9739}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{26249A06-B359-41D6-9C09-B25EA871F52B}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{2725DD3C-8B4E-4470-ADD9-A133094AAB6E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{27F3DB55-EC1D-46CE-ACC5-83336ED49737}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29FF7BFE-8137-4544-98F0-287960AEEB2D}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{33715CC1-9A81-490E-AB6E-7D9C4F742F20}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{39BAF009-8481-4CB8-89AA-DE1C6E97B768}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{3D29EF4D-FE0D-44D5-8F1E-E5D58B9CAFFE}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{4027A155-CB8B-4CF9-A503-09570E4E1BB2}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{43FA4B08-F0CC-472E-B5B5-A551E425B50E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{4484F7BE-2678-4F58-B840-8A275CDDC74F}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{4A0AAC73-562D-4ACC-A66A-90D1DEE1FF04}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{4B7C7A18-AA7B-47DC-97D6-01B36ABC3599}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4E0FC943-44A9-4004-A193-5AE15842EBA4}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{5D1E7ECD-3907-40C6-B590-BA9791F77FF3}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{60A78367-94DF-405F-BE17-25913E45FEED}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{625410B6-2C64-4988-A1DE-107A57DD31B9}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{694AF580-56C1-4D14-A6FF-2A917C64CAA2}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{6CD430E8-551D-4C62-A6AB-EA850E34050C}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{6E5648D9-63D3-4018-937C-D5B89B0FB0A1}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{6FA94EE7-E7A5-4F8B-A938-DDB5456D119D}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{702EE056-B7A5-4423-8136-D5F3AF3B5862}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{7609BC1B-FC1C-467B-B0ED-491B7415A5DF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{781230BE-9726-47C6-BCE4-5182DE23C4C6}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{786803D6-B4F5-46E7-91BD-FFE04FEEC158}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{8255C32E-05BA-4A3E-A668-A350BABB4284}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{8436B815-5816-4D75-B4CF-28EC89AD3F32}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{8CAFE047-1E9D-481F-AF61-F610B49D5667}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{8E8ABBED-76B3-405F-B302-64E68E625C80}: [NameServer] 162.252.172.57 149.154.159.92
Tcpip\..\Interfaces\{8F225BE8-8BA7-40B1-9014-E0E3620F6288}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{9300D905-C905-42CB-A865-F57D42926B34}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{95B84DAC-3945-45F3-A4E3-3C101EAFDE9F}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{96C16AB7-3602-4B73-8F58-43BDDDE1BB3E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{9EE12F5B-2245-4086-B2E7-D00640E043CA}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{9EE4B6AC-C8AF-4FBB-94C3-7D4E51ED388E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{A4C50955-2B15-49B2-91FD-7AA4FD5B305B}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{B618E6C9-5223-4DC9-8BB5-C74ED1655239}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{BCB1B0A1-B539-4C5D-91D8-8438FFA2B31D}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{BE46E8C5-860D-4C72-8DD8-DD96C9D7B6B7}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{BF745F8A-65B9-41E3-BFF5-0BED39E7361B}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{C4B5BB1E-3BEA-40C8-9EFA-33E4EEE9CB4B}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{C8D49D53-281C-4A88-A6B9-1478925B02A8}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{C8F4CCEB-DCD0-44D0-9237-60B5640D3307}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{D0EE3E82-D73F-423A-B66B-8E6E61F04393}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{D24BC1E4-E7F6-47AC-AA58-47F866CE3317}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{D8EAAD53-FD3F-4CF8-B8F7-B1B197731079}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{DC196FF0-72CF-4491-86DB-4FF18B4A1E84}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{DF3B01F7-8E0A-460F-AA7C-E361A70E4532}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{E364FC09-BD41-422F-8B9F-C32A67361925}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{E40FD040-4B08-4484-B666-3BF8FD26A88C}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{E46017C0-CC57-4BBB-A8BC-7A8BDDD03514}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{E6452D6C-ECD4-4E06-8A21-E0B04EF1F505}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{EBBD8BF2-7656-4F82-A0E9-3D18403E9FA7}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{EC20AF4A-4682-41A3-8B41-480B9E322D8E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{F7F76C36-C009-4E78-A485-03FFE393F614}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{FAA3E453-6707-4A5C-AFED-4705ED86A983}: [NameServer] 151.236.14.64,194.156.228.111
FireFox:
========
FF ProfilePath: C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default [2022-03-04]
FF DownloadDir: C:\Users\PLAY\Downloads
FF NetworkProxy: Mozilla\Firefox\Profiles\y9bqbldi.default -> type", 5
FF Extension: (Auto Shutdown) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\amin.eft_Shutdown@gmail.com [2010-02-15] [] [non signé]
FF Extension: (StatusbarEx) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\doudehou@gmail.com [2009-11-04] [] [non signé]
FF Extension: (Adblock Plus) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\elemhidehelper@adblockplus.org [2009-11-04] [] [non signé]
FF Extension: (Cooliris) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\piclens@cooliris.com [2010-02-15] [] [non signé]
FF Extension: (Splash) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\splash@aldreneo.com [2009-11-04] [] [non signé]
FF Extension: (Strata RELOADED) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\stratareloaded@addons.mozilla.org [2010-02-15] [] [non signé]
FF Extension: (Flagfox) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010-02-15] [] [non signé]
FF Extension: (URL Link) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd} [2009-11-04] [] [non signé]
FF Extension: (Image Zoom) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2010-02-15] [] [non signé]
FF Extension: (Blue Fox) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} [2010-02-15] [] [non signé]
FF Extension: (NoScript) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010-02-15] [] [non signé]
FF Extension: (Aquatint Black Gloss) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2009-11-04] [] [non signé]
FF Extension: (IE Tab) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2009-11-04] [] [non signé]
FF Extension: (Update Notifier) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{95f24680-9e31-11da-a746-0800200c9a66} [2009-11-04] [] [non signé]
FF Extension: (Download status) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{9fb8c270-7124-11dd-ad8b-0800200c9a66} [2010-02-15] [] [non signé]
FF Extension: (DownloadHelper) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-02-15] [] [non signé]
FF Extension: (Adblock Plus) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-02-15] [] [non signé]
FF Extension: (d57c9ff1638948fcb770f78bd89b6e8a) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a} [2015-04-25] [] [non signé]
FF Extension: (IE View Lite) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3} [2010-02-15] [] [non signé]
FF Extension: (Pas de nom) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [non trouvé(e)]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2008-11-06] (DivX,Inc.) [Fichier non signé]
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-12-11] (DivX, Inc) [Fichier non signé]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
Chrome:
=======
CHR Profile: C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default [2022-03-05]
CHR Notifications: Default -> hxxps://www.winamax.fr
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/"
CHR Extension: (Slides) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Extension Surfshark VPN) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ailoabdmgclmfmhdagmlohpjlbpffblp [2022-03-05]
CHR Extension: (Docs) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-21]
CHR Extension: (Sheets) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-04]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-03-04]
CHR Extension: (SeekPrv) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifipegfhpemcmdmfkaandbglgppnkhgj [2017-09-18]
CHR Extension: (Solitaire Games - World Collection) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmleklkkbobaonglkhkedkjofilkfjk [2016-06-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR Extension: (Bijoux HD) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmonmpnlegnelddekgpmmhileohhpma [2018-03-10]
CHR Extension: (Gmail) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
Brave:
=======
BRA Profile: C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-03-04]
BRA Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-16]
BRA Extension: (Avast Online Security) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-16]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-11-16]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-11-16]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-11-16]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-11-16]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [125112 2015-11-05] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8019640 2022-03-05] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2019-06-26] () [Fichier non signé]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1488136 2009-07-23] (Raxco Software, Inc. -> Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1486600 2009-07-23] (Raxco Software, Inc. -> Raxco Software, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [318464 2012-04-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [221096 2022-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-03-05] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MpKsla02f77e8; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E13DCF8C-39A6-4153-9BAF-39B2E91E88D8}\MpKslDrv.sys [49424 2022-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 RTLUE8023-W7-64; C:\Windows\System32\DRIVERS\rtu64w7.sys [90840 2014-01-22] (Realtek Semiconductor Corp -> Realtek)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-06] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [91568 2009-11-09] (Fenghua Lee -> PowerISO Computing, Inc.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [536576 2012-04-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tapsurfshark; C:\Windows\System32\DRIVERS\tapsurfshark.sys [36544 2019-05-22] (Surfshark Ltd. -> The OpenVPN Project)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wintunshark; C:\Windows\System32\DRIVERS\wintunshark.sys [28936 2020-09-17] (Surfshark Ltd. -> Surfshark Ltd)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-05 15:47 - 2022-03-05 15:47 - 000305112 _____ C:\Users\PLAY\Desktop\ZHPDiag.html
2022-03-05 15:47 - 2022-03-05 15:46 - 000243648 _____ C:\ZHPDiag (2).txt
2022-03-05 14:29 - 2022-03-05 14:29 - 000001526 _____ C:\NBAM.txt
2022-03-05 12:51 - 2022-03-05 12:51 - 000001968 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-05 12:51 - 2022-03-05 12:51 - 000001956 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-05 12:50 - 2022-03-05 12:50 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-03-05 12:50 - 2022-03-05 12:50 - 000221096 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-03-05 12:50 - 2022-03-05 12:49 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-03-05 12:48 - 2022-03-05 12:48 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-05 12:09 - 2022-03-05 12:15 - 000000000 ____D C:\AdwCleaner
2022-03-05 10:36 - 2022-03-05 10:36 - 000000000 ___SD C:\Windows\system32\CompatTel
2022-03-05 10:36 - 2022-03-05 10:36 - 000000000 ____D C:\Windows\system32\appraiser
2022-03-04 22:36 - 2022-03-04 22:46 - 000191934 _____ C:\Windows\ntbtlog.txt
2022-03-04 17:14 - 2022-03-05 16:09 - 000000000 ____D C:\FRST
2022-02-21 11:04 - 2022-02-21 11:04 - 000000438 __RSH C:\ProgramData\ntuser.pol
2022-02-21 10:47 - 2019-08-21 02:59 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2022-02-21 10:47 - 2019-04-16 14:15 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2022-02-21 10:47 - 2019-04-16 14:15 - 000419648 _____ C:\Windows\system32\locale.nls
2022-02-21 10:47 - 2017-08-11 07:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
2022-02-21 10:47 - 2017-07-21 15:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2022-02-21 10:47 - 2016-10-11 16:31 - 001148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2022-02-21 10:47 - 2016-10-11 16:31 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2022-02-21 10:47 - 2016-10-11 16:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2022-02-21 10:47 - 2016-10-11 16:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2022-02-21 10:46 - 2019-08-27 04:27 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2022-02-21 10:46 - 2019-08-27 04:02 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2022-02-21 10:46 - 2019-08-21 00:19 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-02-21 10:46 - 2019-08-20 05:24 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2022-02-21 10:46 - 2019-08-20 05:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-02-21 10:46 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2022-02-21 10:46 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2022-02-21 10:46 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2022-02-21 10:46 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2022-02-21 10:46 - 2016-10-11 16:31 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-05 16:02 - 2014-06-12 07:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-05 15:46 - 2015-04-27 12:11 - 000000000 ____D C:\Users\PLAY\AppData\Roaming\ZHP
2022-03-05 15:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2022-03-05 15:14 - 2009-07-14 05:45 - 000020880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-03-05 15:14 - 2009-07-14 05:45 - 000020880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-03-05 13:22 - 2009-07-14 16:24 - 000746916 _____ C:\Windows\system32\perfh00C.dat
2022-03-05 13:22 - 2009-07-14 16:24 - 000149440 _____ C:\Windows\system32\perfc00C.dat
2022-03-05 13:22 - 2009-07-14 06:13 - 001667292 _____ C:\Windows\system32\PerfStringBackup.INI
2022-03-05 13:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-03-05 13:20 - 2018-04-20 19:19 - 000000000 ____D C:\Program Files\CCleaner
2022-03-05 13:18 - 2018-05-04 16:36 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2022-03-05 13:18 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-05 13:17 - 2014-06-12 13:40 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2022-03-05 12:48 - 2015-04-27 22:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-05 10:49 - 2017-11-08 09:33 - 000000000 ____D C:\Users\PLAY\AppData\Local\ZHP
2022-03-05 10:41 - 2010-02-15 09:21 - 000064024 _____ C:\Users\PLAY\AppData\Local\GDIPFONTCACHEV1.DAT
2022-03-05 10:41 - 2010-02-15 08:44 - 000000477 _____ C:\Users\PLAY\Desktop\Desktop.lnk
2022-03-05 10:39 - 2009-07-14 05:45 - 000294656 _____ C:\Windows\system32\FNTCACHE.DAT
2022-03-05 10:37 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing
2022-03-05 10:36 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\migwiz
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2022-03-04 23:18 - 2018-04-20 19:19 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-03-04 23:10 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2022-03-04 23:00 - 2016-06-20 22:48 - 000000000 ____D C:\Program Files (x86)\ZHPFix
2022-03-04 22:58 - 2019-12-01 15:47 - 000000000 ____D C:\ProgramData\Surfshark
2022-03-04 22:58 - 2019-12-01 15:47 - 000000000 ____D C:\Program Files (x86)\Surfshark
2022-03-04 22:58 - 2019-12-01 14:33 - 000000000 ____D C:\Users\PLAY\AppData\Roaming\Surfshark
2022-03-04 22:51 - 2020-11-06 19:03 - 000000000 ____D C:\Users\PLAY\AppData\Local\CrashDumps
2022-03-04 22:48 - 2015-04-30 22:49 - 000000000 ____D C:\ProgramData\AVAST Software
2022-03-04 15:30 - 2018-07-17 17:00 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-02-21 11:00 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-02-07 17:27 - 2014-06-12 13:51 - 000002155 _____ C:\Windows\epplauncher.mif
2022-02-07 17:27 - 2014-06-12 13:50 - 000001931 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2022-02-07 17:26 - 2014-06-12 13:50 - 000000000 ____D C:\Program Files\Microsoft Security Client
2022-02-07 17:26 - 2014-06-12 13:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2022-02-07 17:13 - 2019-12-01 15:20 - 001641656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-02-05 11:03 - 2021-08-27 18:18 - 000002820 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - PLAY
2022-02-05 11:03 - 2019-11-16 12:05 - 000003336 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-02-05 11:03 - 2019-11-16 12:05 - 000003208 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-02-05 11:03 - 2016-06-21 17:30 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-05 11:03 - 2016-06-21 17:30 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-05 11:03 - 2016-06-12 15:00 - 000003100 _____ C:\Windows\system32\Tasks\{299D9C95-89AD-489F-93C4-307EB37FDA81}
2022-02-03 14:18 - 2015-04-30 22:52 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
==================== Fichiers à la racine de certains dossiers ========
2014-08-03 12:27 - 2018-03-20 09:01 - 000122368 _____ () C:\Users\PLAY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheckExt =========================
2010-02-15 08:57 - 2003-03-15 23:15 - 000090112 _____ (MindVision Software) C:\Windows\unvise32.exe
2008-11-06 17:33 - 2008-11-06 17:33 - 000684032 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivX.dll
2008-11-06 17:37 - 2008-11-06 17:37 - 000524288 _____ (DivX Inc.) C:\Windows\SysWOW64\DivXsm.exe
2008-11-06 17:33 - 2008-11-06 17:33 - 000012288 _____ C:\Windows\SysWOW64\DivXWMPExtType.dll
2008-11-06 17:33 - 2008-11-06 17:33 - 000823296 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx_xx07.dll
2008-11-06 17:33 - 2008-11-06 17:33 - 000815104 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx_xx0a.dll
2008-11-06 17:33 - 2008-11-06 17:33 - 000823296 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx_xx0c.dll
2008-11-06 17:33 - 2008-11-06 17:33 - 000802816 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx_xx11.dll
2008-12-11 01:33 - 2008-12-11 01:33 - 000086016 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2008-12-09 03:28 - 2008-12-09 03:28 - 000294912 _____ (DivXNetworks) C:\Windows\SysWOW64\dpu11.dll
2008-12-09 03:28 - 2008-12-09 03:28 - 000593920 _____ (DivXNetworks) C:\Windows\SysWOW64\dpuGUI11.dll
2008-12-09 03:28 - 2008-12-09 03:28 - 000344064 _____ (DivXNetworks) C:\Windows\SysWOW64\dpus11.dll
2008-12-09 03:28 - 2008-12-09 03:28 - 000057344 _____ (DivXNetworks) C:\Windows\SysWOW64\dpv11.dll
2008-12-11 01:33 - 2008-12-11 01:33 - 000200704 _____ (DivX, Inc.) C:\Windows\SysWOW64\dtu100.dll
2010-02-15 08:58 - 2008-07-04 18:23 - 001757184 ____R (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagX7.dll
2010-02-15 08:58 - 2008-07-04 18:23 - 000258048 ____R (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXR7.dll
2010-02-15 08:58 - 2008-07-04 18:23 - 000802816 ____R (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXRA7.dll
2008-11-06 17:35 - 2008-11-06 17:35 - 001044480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libdivx.dll
2008-11-06 17:37 - 2008-11-06 17:37 - 003596288 _____ C:\Windows\SysWOW64\qt-dx331.dll
2014-06-14 12:52 - 2010-08-30 04:04 - 000536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2008-11-06 17:35 - 2008-11-06 17:35 - 000200704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssldivx.dll
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b3eeb867-f218-11e3-a28e-d0d4da7427b1}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b3eeb869-f218-11e3-a28e-d0d4da7427b1}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {b3eeb867-f218-11e3-a28e-d0d4da7427b1}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {b3eeb869-f218-11e3-a28e-d0d4da7427b1}
device ramdisk=[C:]\Recovery\b3eeb869-f218-11e3-a28e-d0d4da7427b1\Winre.wim,{b3eeb86a-f218-11e3-a28e-d0d4da7427b1}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\b3eeb869-f218-11e3-a28e-d0d4da7427b1\Winre.wim,{b3eeb86a-f218-11e3-a28e-d0d4da7427b1}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {b3eeb867-f218-11e3-a28e-d0d4da7427b1}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {b3eeb86a-f218-11e3-a28e-d0d4da7427b1}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\b3eeb869-f218-11e3-a28e-d0d4da7427b1\boot.sdi
LastRegBack: 2022-02-03 16:15
==================== Fin de FRST.txt ========================
Exécuté par PLAY (administrateur) sur UTILISA-YOEHSQZ (Hewlett-Packard p6-2312efm) (05-03-2022 16:08:34)
Exécuté depuis C:\Users\PLAY\Desktop\Downloads
Profils chargés: PLAY
Plate-forme: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: IE
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Internet Explorer\iexplore.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe ->) (Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe
(C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(explorer.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard) C:\Program Files\IDT\WDM\beats64.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [Fichier non signé]
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2011-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-480081248-448449324-4229664033-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-480081248-448449324-4229664033-1000\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe (Pas de fichier)
HKU\S-1-5-21-480081248-448449324-4229664033-1000\...\Policies\Explorer: [NoSMBalloonTip] 1
HKU\S-1-5-21-480081248-448449324-4229664033-1000\...\MountPoints2: {acfec273-5774-11e8-b9d2-78e3b5b558ed} - F:\RTK_NIC_DRIVER_INSTALLER.sfx.exe
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-08-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\91.1.25.70\Installer\chrmstp.exe [2021-06-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0457A182-7BB8-43AA-B67A-9AAAF30332D3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {09C5B8AD-2031-4C8F-9F6C-67D0576749AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-06-21] (Google Inc -> Google Inc.)
Task: {1CE6426B-34DD-4F30-B6A2-8FD92EDB30F4} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {2F91155A-9A03-4052-B1CB-96BB1D8508A5} - System32\Tasks\{299D9C95-89AD-489F-93C4-307EB37FDA81} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.16.73.105.456/fr/abandoninstall?page=tsWLM
Task: {63856918-6BC3-4D91-A2B9-4A5EF337BC78} - System32\Tasks\CCleanerSkipUAC - PLAY => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {76BB8F04-0016-459B-BB67-2356523E583E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-06-21] (Google Inc -> Google Inc.)
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineCore" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BraveSoftwareUpdateTaskMachineUA" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - PLAY" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\{299D9C95-89AD-489F-93C4-307EB37FDA81}" /ENABLE
Task: {820A50B5-8D3C-4480-B5C3-B6915D4BFF9A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {ACAEB2A6-CB2E-4E02-BD1D-914E933B9FBF} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BFEDC2B2-16DD-4144-A66F-737C4BD2E88B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7A2E71A-026C-47E4-8D7F-3298F0AFCC0C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
Task: {F1D1E9BF-7917-40A2-8A9E-26FCE18F5EFE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [.DEFAULT] => 127.0.0.1:1080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{049BE33B-9800-4424-BFFF-B4495BC52FC2}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{07472B4A-1F58-4425-97A3-3F62FE40F997}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{07D4C4F6-6DCF-4CDB-8ACB-1321514ED99A}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{12668ADF-223F-49D7-92E1-7922A6757AC2}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{15D2BFF3-F5E4-49A7-B417-BF4115E634FF}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{166069F2-03A8-46EA-AA1E-B6FB5C216AA6}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{16DB0ECE-3D3F-4E78-94E7-92BE2A7B2240}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{173C4726-2EA8-4938-9507-2F4B053324A6}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{2208BAF9-CE8C-443D-AAD3-5EDFC67B9739}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{26249A06-B359-41D6-9C09-B25EA871F52B}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{2725DD3C-8B4E-4470-ADD9-A133094AAB6E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{27F3DB55-EC1D-46CE-ACC5-83336ED49737}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29FF7BFE-8137-4544-98F0-287960AEEB2D}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{33715CC1-9A81-490E-AB6E-7D9C4F742F20}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{39BAF009-8481-4CB8-89AA-DE1C6E97B768}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{3D29EF4D-FE0D-44D5-8F1E-E5D58B9CAFFE}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{4027A155-CB8B-4CF9-A503-09570E4E1BB2}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{43FA4B08-F0CC-472E-B5B5-A551E425B50E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{4484F7BE-2678-4F58-B840-8A275CDDC74F}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{4A0AAC73-562D-4ACC-A66A-90D1DEE1FF04}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{4B7C7A18-AA7B-47DC-97D6-01B36ABC3599}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4E0FC943-44A9-4004-A193-5AE15842EBA4}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{5D1E7ECD-3907-40C6-B590-BA9791F77FF3}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{60A78367-94DF-405F-BE17-25913E45FEED}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{625410B6-2C64-4988-A1DE-107A57DD31B9}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{694AF580-56C1-4D14-A6FF-2A917C64CAA2}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{6CD430E8-551D-4C62-A6AB-EA850E34050C}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{6E5648D9-63D3-4018-937C-D5B89B0FB0A1}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{6FA94EE7-E7A5-4F8B-A938-DDB5456D119D}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{702EE056-B7A5-4423-8136-D5F3AF3B5862}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{7609BC1B-FC1C-467B-B0ED-491B7415A5DF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{781230BE-9726-47C6-BCE4-5182DE23C4C6}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{786803D6-B4F5-46E7-91BD-FFE04FEEC158}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{8255C32E-05BA-4A3E-A668-A350BABB4284}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{8436B815-5816-4D75-B4CF-28EC89AD3F32}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{8CAFE047-1E9D-481F-AF61-F610B49D5667}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{8E8ABBED-76B3-405F-B302-64E68E625C80}: [NameServer] 162.252.172.57 149.154.159.92
Tcpip\..\Interfaces\{8F225BE8-8BA7-40B1-9014-E0E3620F6288}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{9300D905-C905-42CB-A865-F57D42926B34}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{95B84DAC-3945-45F3-A4E3-3C101EAFDE9F}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{96C16AB7-3602-4B73-8F58-43BDDDE1BB3E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{9EE12F5B-2245-4086-B2E7-D00640E043CA}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{9EE4B6AC-C8AF-4FBB-94C3-7D4E51ED388E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{A4C50955-2B15-49B2-91FD-7AA4FD5B305B}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{B618E6C9-5223-4DC9-8BB5-C74ED1655239}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{BCB1B0A1-B539-4C5D-91D8-8438FFA2B31D}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{BE46E8C5-860D-4C72-8DD8-DD96C9D7B6B7}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{BF745F8A-65B9-41E3-BFF5-0BED39E7361B}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{C4B5BB1E-3BEA-40C8-9EFA-33E4EEE9CB4B}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{C8D49D53-281C-4A88-A6B9-1478925B02A8}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{C8F4CCEB-DCD0-44D0-9237-60B5640D3307}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{D0EE3E82-D73F-423A-B66B-8E6E61F04393}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{D24BC1E4-E7F6-47AC-AA58-47F866CE3317}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{D8EAAD53-FD3F-4CF8-B8F7-B1B197731079}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{DC196FF0-72CF-4491-86DB-4FF18B4A1E84}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{DF3B01F7-8E0A-460F-AA7C-E361A70E4532}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{E364FC09-BD41-422F-8B9F-C32A67361925}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{E40FD040-4B08-4484-B666-3BF8FD26A88C}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{E46017C0-CC57-4BBB-A8BC-7A8BDDD03514}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{E6452D6C-ECD4-4E06-8A21-E0B04EF1F505}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{EBBD8BF2-7656-4F82-A0E9-3D18403E9FA7}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{EC20AF4A-4682-41A3-8B41-480B9E322D8E}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{F7F76C36-C009-4E78-A485-03FFE393F614}: [NameServer] 151.236.14.64,194.156.228.111
Tcpip\..\Interfaces\{FAA3E453-6707-4A5C-AFED-4705ED86A983}: [NameServer] 151.236.14.64,194.156.228.111
FireFox:
========
FF ProfilePath: C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default [2022-03-04]
FF DownloadDir: C:\Users\PLAY\Downloads
FF NetworkProxy: Mozilla\Firefox\Profiles\y9bqbldi.default -> type", 5
FF Extension: (Auto Shutdown) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\amin.eft_Shutdown@gmail.com [2010-02-15] [] [non signé]
FF Extension: (StatusbarEx) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\doudehou@gmail.com [2009-11-04] [] [non signé]
FF Extension: (Adblock Plus) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\elemhidehelper@adblockplus.org [2009-11-04] [] [non signé]
FF Extension: (Cooliris) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\piclens@cooliris.com [2010-02-15] [] [non signé]
FF Extension: (Splash) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\splash@aldreneo.com [2009-11-04] [] [non signé]
FF Extension: (Strata RELOADED) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\stratareloaded@addons.mozilla.org [2010-02-15] [] [non signé]
FF Extension: (Flagfox) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010-02-15] [] [non signé]
FF Extension: (URL Link) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd} [2009-11-04] [] [non signé]
FF Extension: (Image Zoom) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} [2010-02-15] [] [non signé]
FF Extension: (Blue Fox) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} [2010-02-15] [] [non signé]
FF Extension: (NoScript) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010-02-15] [] [non signé]
FF Extension: (Aquatint Black Gloss) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2009-11-04] [] [non signé]
FF Extension: (IE Tab) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2009-11-04] [] [non signé]
FF Extension: (Update Notifier) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{95f24680-9e31-11da-a746-0800200c9a66} [2009-11-04] [] [non signé]
FF Extension: (Download status) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{9fb8c270-7124-11dd-ad8b-0800200c9a66} [2010-02-15] [] [non signé]
FF Extension: (DownloadHelper) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-02-15] [] [non signé]
FF Extension: (Adblock Plus) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-02-15] [] [non signé]
FF Extension: (d57c9ff1638948fcb770f78bd89b6e8a) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a} [2015-04-25] [] [non signé]
FF Extension: (IE View Lite) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\Extensions\{FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3} [2010-02-15] [] [non signé]
FF Extension: (Pas de nom) - C:\Users\PLAY\AppData\Roaming\Mozilla\Firefox\Profiles\y9bqbldi.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [non trouvé(e)]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2008-11-06] (DivX,Inc.) [Fichier non signé]
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-12-11] (DivX, Inc) [Fichier non signé]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
Chrome:
=======
CHR Profile: C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default [2022-03-05]
CHR Notifications: Default -> hxxps://www.winamax.fr
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/"
CHR Extension: (Slides) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Extension Surfshark VPN) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ailoabdmgclmfmhdagmlohpjlbpffblp [2022-03-05]
CHR Extension: (Docs) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-21]
CHR Extension: (Sheets) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-04]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-03-04]
CHR Extension: (SeekPrv) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifipegfhpemcmdmfkaandbglgppnkhgj [2017-09-18]
CHR Extension: (Solitaire Games - World Collection) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmleklkkbobaonglkhkedkjofilkfjk [2016-06-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR Extension: (Bijoux HD) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmonmpnlegnelddekgpmmhileohhpma [2018-03-10]
CHR Extension: (Gmail) - C:\Users\PLAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
Brave:
=======
BRA Profile: C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-03-04]
BRA Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-16]
BRA Extension: (Avast Online Security) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-11-16]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-11-16]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-11-16]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-11-16]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\PLAY\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-11-16]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-11-16] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [125112 2015-11-05] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8019640 2022-03-05] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2019-06-26] () [Fichier non signé]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1488136 2009-07-23] (Raxco Software, Inc. -> Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1486600 2009-07-23] (Raxco Software, Inc. -> Raxco Software, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [318464 2012-04-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [221096 2022-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-03-05] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MpKsla02f77e8; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E13DCF8C-39A6-4153-9BAF-39B2E91E88D8}\MpKslDrv.sys [49424 2022-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 RTLUE8023-W7-64; C:\Windows\System32\DRIVERS\rtu64w7.sys [90840 2014-01-22] (Realtek Semiconductor Corp -> Realtek)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-06] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [91568 2009-11-09] (Fenghua Lee -> PowerISO Computing, Inc.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [536576 2012-04-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tapsurfshark; C:\Windows\System32\DRIVERS\tapsurfshark.sys [36544 2019-05-22] (Surfshark Ltd. -> The OpenVPN Project)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wintunshark; C:\Windows\System32\DRIVERS\wintunshark.sys [28936 2020-09-17] (Surfshark Ltd. -> Surfshark Ltd)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-05 15:47 - 2022-03-05 15:47 - 000305112 _____ C:\Users\PLAY\Desktop\ZHPDiag.html
2022-03-05 15:47 - 2022-03-05 15:46 - 000243648 _____ C:\ZHPDiag (2).txt
2022-03-05 14:29 - 2022-03-05 14:29 - 000001526 _____ C:\NBAM.txt
2022-03-05 12:51 - 2022-03-05 12:51 - 000001968 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-05 12:51 - 2022-03-05 12:51 - 000001956 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-05 12:50 - 2022-03-05 12:50 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-03-05 12:50 - 2022-03-05 12:50 - 000221096 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-03-05 12:50 - 2022-03-05 12:49 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-03-05 12:48 - 2022-03-05 12:48 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-05 12:09 - 2022-03-05 12:15 - 000000000 ____D C:\AdwCleaner
2022-03-05 10:36 - 2022-03-05 10:36 - 000000000 ___SD C:\Windows\system32\CompatTel
2022-03-05 10:36 - 2022-03-05 10:36 - 000000000 ____D C:\Windows\system32\appraiser
2022-03-04 22:36 - 2022-03-04 22:46 - 000191934 _____ C:\Windows\ntbtlog.txt
2022-03-04 17:14 - 2022-03-05 16:09 - 000000000 ____D C:\FRST
2022-02-21 11:04 - 2022-02-21 11:04 - 000000438 __RSH C:\ProgramData\ntuser.pol
2022-02-21 10:47 - 2019-08-21 02:59 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2022-02-21 10:47 - 2019-04-16 14:15 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2022-02-21 10:47 - 2019-04-16 14:15 - 000419648 _____ C:\Windows\system32\locale.nls
2022-02-21 10:47 - 2017-08-11 07:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
2022-02-21 10:47 - 2017-07-21 15:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2022-02-21 10:47 - 2016-10-11 16:31 - 001148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2022-02-21 10:47 - 2016-10-11 16:31 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2022-02-21 10:47 - 2016-10-11 16:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2022-02-21 10:47 - 2016-10-11 16:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2022-02-21 10:46 - 2019-08-27 04:27 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2022-02-21 10:46 - 2019-08-27 04:02 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2022-02-21 10:46 - 2019-08-21 00:19 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-02-21 10:46 - 2019-08-20 05:24 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2022-02-21 10:46 - 2019-08-20 05:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-02-21 10:46 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2022-02-21 10:46 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2022-02-21 10:46 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2022-02-21 10:46 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2022-02-21 10:46 - 2016-10-11 16:31 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2022-02-21 10:46 - 2016-10-11 16:31 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2022-02-21 10:46 - 2016-10-11 16:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-05 16:02 - 2014-06-12 07:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-05 15:46 - 2015-04-27 12:11 - 000000000 ____D C:\Users\PLAY\AppData\Roaming\ZHP
2022-03-05 15:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2022-03-05 15:14 - 2009-07-14 05:45 - 000020880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-03-05 15:14 - 2009-07-14 05:45 - 000020880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-03-05 13:22 - 2009-07-14 16:24 - 000746916 _____ C:\Windows\system32\perfh00C.dat
2022-03-05 13:22 - 2009-07-14 16:24 - 000149440 _____ C:\Windows\system32\perfc00C.dat
2022-03-05 13:22 - 2009-07-14 06:13 - 001667292 _____ C:\Windows\system32\PerfStringBackup.INI
2022-03-05 13:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-03-05 13:20 - 2018-04-20 19:19 - 000000000 ____D C:\Program Files\CCleaner
2022-03-05 13:18 - 2018-05-04 16:36 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2022-03-05 13:18 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-05 13:17 - 2014-06-12 13:40 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2022-03-05 12:48 - 2015-04-27 22:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-05 10:49 - 2017-11-08 09:33 - 000000000 ____D C:\Users\PLAY\AppData\Local\ZHP
2022-03-05 10:41 - 2010-02-15 09:21 - 000064024 _____ C:\Users\PLAY\AppData\Local\GDIPFONTCACHEV1.DAT
2022-03-05 10:41 - 2010-02-15 08:44 - 000000477 _____ C:\Users\PLAY\Desktop\Desktop.lnk
2022-03-05 10:39 - 2009-07-14 05:45 - 000294656 _____ C:\Windows\system32\FNTCACHE.DAT
2022-03-05 10:37 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing
2022-03-05 10:36 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\migwiz
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat
2022-03-05 10:36 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2022-03-04 23:18 - 2018-04-20 19:19 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-03-04 23:10 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2022-03-04 23:00 - 2016-06-20 22:48 - 000000000 ____D C:\Program Files (x86)\ZHPFix
2022-03-04 22:58 - 2019-12-01 15:47 - 000000000 ____D C:\ProgramData\Surfshark
2022-03-04 22:58 - 2019-12-01 15:47 - 000000000 ____D C:\Program Files (x86)\Surfshark
2022-03-04 22:58 - 2019-12-01 14:33 - 000000000 ____D C:\Users\PLAY\AppData\Roaming\Surfshark
2022-03-04 22:51 - 2020-11-06 19:03 - 000000000 ____D C:\Users\PLAY\AppData\Local\CrashDumps
2022-03-04 22:48 - 2015-04-30 22:49 - 000000000 ____D C:\ProgramData\AVAST Software
2022-03-04 15:30 - 2018-07-17 17:00 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-02-21 11:00 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-02-07 17:27 - 2014-06-12 13:51 - 000002155 _____ C:\Windows\epplauncher.mif
2022-02-07 17:27 - 2014-06-12 13:50 - 000001931 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2022-02-07 17:26 - 2014-06-12 13:50 - 000000000 ____D C:\Program Files\Microsoft Security Client
2022-02-07 17:26 - 2014-06-12 13:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2022-02-07 17:13 - 2019-12-01 15:20 - 001641656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-02-05 11:03 - 2021-08-27 18:18 - 000002820 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - PLAY
2022-02-05 11:03 - 2019-11-16 12:05 - 000003336 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-02-05 11:03 - 2019-11-16 12:05 - 000003208 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-02-05 11:03 - 2016-06-21 17:30 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-05 11:03 - 2016-06-21 17:30 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-05 11:03 - 2016-06-12 15:00 - 000003100 _____ C:\Windows\system32\Tasks\{299D9C95-89AD-489F-93C4-307EB37FDA81}
2022-02-03 14:18 - 2015-04-30 22:52 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
==================== Fichiers à la racine de certains dossiers ========
2014-08-03 12:27 - 2018-03-20 09:01 - 000122368 _____ () C:\Users\PLAY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheckExt =========================
2010-02-15 08:57 - 2003-03-15 23:15 - 000090112 _____ (MindVision Software) C:\Windows\unvise32.exe
2008-11-06 17:33 - 2008-11-06 17:33 - 000684032 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivX.dll
2008-11-06 17:37 - 2008-11-06 17:37 - 000524288 _____ (DivX Inc.) C:\Windows\SysWOW64\DivXsm.exe
2008-11-06 17:33 - 2008-11-06 17:33 - 000012288 _____ C:\Windows\SysWOW64\DivXWMPExtType.dll
2008-11-06 17:33 - 2008-11-06 17:33 - 000823296 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx_xx07.dll
2008-11-06 17:33 - 2008-11-06 17:33 - 000815104 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx_xx0a.dll
2008-11-06 17:33 - 2008-11-06 17:33 - 000823296 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx_xx0c.dll
2008-11-06 17:33 - 2008-11-06 17:33 - 000802816 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx_xx11.dll
2008-12-11 01:33 - 2008-12-11 01:33 - 000086016 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2008-12-09 03:28 - 2008-12-09 03:28 - 000294912 _____ (DivXNetworks) C:\Windows\SysWOW64\dpu11.dll
2008-12-09 03:28 - 2008-12-09 03:28 - 000593920 _____ (DivXNetworks) C:\Windows\SysWOW64\dpuGUI11.dll
2008-12-09 03:28 - 2008-12-09 03:28 - 000344064 _____ (DivXNetworks) C:\Windows\SysWOW64\dpus11.dll
2008-12-09 03:28 - 2008-12-09 03:28 - 000057344 _____ (DivXNetworks) C:\Windows\SysWOW64\dpv11.dll
2008-12-11 01:33 - 2008-12-11 01:33 - 000200704 _____ (DivX, Inc.) C:\Windows\SysWOW64\dtu100.dll
2010-02-15 08:58 - 2008-07-04 18:23 - 001757184 ____R (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagX7.dll
2010-02-15 08:58 - 2008-07-04 18:23 - 000258048 ____R (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXR7.dll
2010-02-15 08:58 - 2008-07-04 18:23 - 000802816 ____R (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXRA7.dll
2008-11-06 17:35 - 2008-11-06 17:35 - 001044480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libdivx.dll
2008-11-06 17:37 - 2008-11-06 17:37 - 003596288 _____ C:\Windows\SysWOW64\qt-dx331.dll
2014-06-14 12:52 - 2010-08-30 04:04 - 000536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2008-11-06 17:35 - 2008-11-06 17:35 - 000200704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssldivx.dll
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b3eeb867-f218-11e3-a28e-d0d4da7427b1}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b3eeb869-f218-11e3-a28e-d0d4da7427b1}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {b3eeb867-f218-11e3-a28e-d0d4da7427b1}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {b3eeb869-f218-11e3-a28e-d0d4da7427b1}
device ramdisk=[C:]\Recovery\b3eeb869-f218-11e3-a28e-d0d4da7427b1\Winre.wim,{b3eeb86a-f218-11e3-a28e-d0d4da7427b1}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\b3eeb869-f218-11e3-a28e-d0d4da7427b1\Winre.wim,{b3eeb86a-f218-11e3-a28e-d0d4da7427b1}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {b3eeb867-f218-11e3-a28e-d0d4da7427b1}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {b3eeb86a-f218-11e3-a28e-d0d4da7427b1}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\b3eeb869-f218-11e3-a28e-d0d4da7427b1\boot.sdi
LastRegBack: 2022-02-03 16:15
==================== Fin de FRST.txt ========================