Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-04-2022 03
Exécuté par Laurenceau (administrateur) sur LAURENCEAU-HP (Hewlett-Packard HP Pavilion g7 Notebook PC) (12-04-2022 14:49:27)
Exécuté depuis C:\Users\Laurenceau\Desktop
Profils chargés: Laurenceau
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1620 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <17>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TomTom) [Fichier non signé] C:\Program Files\TomTom HOME\TTHOMEService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe <4>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-12-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [Spotify] => C:\Users\Laurenceau\AppData\Roaming\Spotify\Spotify.exe [20025272 2022-03-19] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Policies\Explorer: []
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-08-10] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [181248 2021-09-03] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\99.0.15399.87\Installer\chrmstp.exe [2022-04-07] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-07] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0AA2DF51-1CD3-494B-A016-75E244963C40} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
Task: {0F339EBD-6E64-4E9C-9E42-B75D2F62245A} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2744592 2022-03-28] (Piriform Software Ltd -> Piriform Software)
Task: {137F8010-A0FF-4476-9829-F8C470575E48} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
Task: {192D0DE7-BB85-4D0C-9181-6C46CF411C12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C1BCDBE-7649-4192-9D46-BEA55A521B7D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {243EFE76-C168-484D-B849-16CA5BDD5BDD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier)
Task: {4E49B6D3-073A-44C8-BAD7-211114A6CA75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68BDDA44-CBA8-4434-8889-5CF9C605B435} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {6E9A6329-EAE5-4F5A-AEA3-7DE439A77D13} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2744592 2022-03-28] (Piriform Software Ltd -> Piriform Software)
Task: {837E015B-10CA-4EDA-A11F-0A1B31F6C4C3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {88D4609A-D47E-4CD7-8243-DF9A96B6A433} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E322011-1B60-43B4-AB78-D7C0D9D1E7C8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
Task: {8F09E83C-53B8-4505-BE5A-CAFAA59EB3B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {8F812873-1E7A-44E4-B135-DD5E58B51148} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9CFBC879-0D5E-4DB1-B391-A6A68E4AE61E} - System32\Tasks\CCleanerSkipUAC - Laurenceau => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A1DDEF15-EB13-45C2-98F5-88DF97D91ED7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {CA3B243C-20CE-4210-BA55-6D2F12A6ABE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4CF4F98-3A2B-454E-A545-D10983954027} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {FFF2BCDE-B5DC-4178-8814-78506B48094A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{52b7afb2-8dba-4717-9c88-36c47f7eea88}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Laurenceau\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-10]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-10]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\TomTom\HOME\Profiles\g44v2ne5.default [2019-11-17]
FF Extension: (Pas de nom) - D:\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739 [2022-04-03]
FF Homepage: Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739 -> 20minutes.fr
FF Extension: (AdBlocker Ultimate) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (AdGuard AdBlocker) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\adguardadblocker@adguard.com.xpi [2021-10-08]
FF Extension: (Clear Cache) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\clearcache@michel.de.almeida.xpi [2021-10-08]
FF Extension: (Enhancer for YouTube™) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2021-10-08]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-10-09]
FF Extension: (Green Blocker) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\{585d400a-21d7-4270-a3c5-8c09aa351c1d}.xpi [2021-10-03]
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau [2022-04-12]
FF Homepage: Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau -> hxxps://www.20minutes.fr/
FF Notifications: Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau -> hxxps://www.foot-sur7.fr; hxxps://foot.streamonsport.fr; hxxps://assiste.com
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-04-12]
FF Extension: (McAfee® WebAdvisor) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2022-04-09] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-13] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Laurenceau\AppData\Local\Google\Chrome\User Data\Default [2022-04-03]
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR91212G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Laurenceau\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-01-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Laurenceau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\99.0.15399.87\elevation_service.exe [1876832 2022-03-28] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-03] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [975088 2022-04-08] (McAfee, LLC -> McAfee, LLC)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 loqacnzi; C:\WINDOWS\system32\drivers\loqacnzi.sys [52472 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-03] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-03-06] (Zemana Ltd. -> Zemana Ltd.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-12 14:54 - 2022-04-12 14:55 - 000000000 ____D C:\Users\Laurenceau\Desktop\crystaldiskinfo-portable-8-16-4
2022-04-12 14:51 - 2022-04-12 14:51 - 006189924 _____ C:\Users\Laurenceau\Desktop\crystaldiskinfo-portable-8-16-4.zip
2022-04-12 14:49 - 2022-04-12 14:56 - 000023916 _____ C:\Users\Laurenceau\Desktop\FRST.txt
2022-04-12 14:40 - 2022-04-12 14:53 - 000000000 ____D C:\FRST
2022-04-12 14:36 - 2022-04-12 14:36 - 002365952 _____ (Farbar) C:\Users\Laurenceau\Desktop\FRST64.exe
2022-04-12 13:45 - 2022-04-12 13:45 - 003482312 _____ (Nicolas Coolman) C:\Users\Laurenceau\Desktop\ZHPSuite.exe
2022-04-10 14:56 - 2022-04-10 14:56 - 000079855 _____ C:\Users\Laurenceau\Downloads\métreur-1.pdf
2022-04-09 14:51 - 2022-04-09 14:51 - 000011728 _____ C:\Users\Laurenceau\Desktop\Untitled 1.odt
2022-04-09 14:43 - 2022-04-09 14:29 - 000080238 _____ C:\Users\Laurenceau\Desktop\Métreur chiffreur.pdf
2022-04-06 13:17 - 2022-04-07 11:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-04-03 22:06 - 2022-04-03 22:09 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.3
2022-04-03 22:06 - 2022-04-03 22:06 - 000001253 _____ C:\Users\Public\Desktop\LibreOffice 7.3.lnk
2022-04-03 21:01 - 2022-04-03 21:01 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-03 19:42 - 2022-04-03 19:42 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-03 19:42 - 2022-04-03 19:42 - 000011791 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-03 19:41 - 2022-04-03 19:41 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-03 19:38 - 2022-04-03 19:39 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-03 18:14 - 2022-04-03 18:14 - 000000000 ___HD C:\$WinREAgent
2022-03-27 14:25 - 2022-03-27 14:25 - 000080443 _____ C:\Users\Laurenceau\Downloads\Technicien bureau d'études génie climatique Métreur Chiffreur.pdf
2022-03-20 21:13 - 2022-04-03 22:09 - 000000000 ____D C:\Program Files (x86)\LibreOffice 5
2022-03-20 21:00 - 2022-03-20 21:00 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2022-03-20 20:41 - 2022-03-20 20:42 - 029759472 _____ C:\Users\Laurenceau\Downloads\UCheck_portable64(22).exe
2022-03-20 20:32 - 2022-03-20 20:37 - 029759472 _____ C:\Users\Laurenceau\Downloads\UCheck_portable64(21).exe
2022-03-18 15:52 - 2022-03-18 15:52 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-03-18 15:51 - 2022-03-18 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2022-03-18 15:40 - 2022-03-18 15:42 - 040738528 _____ (pdfforge GmbH) C:\Users\Laurenceau\Downloads\PDFCreator-4_4_2-Setup.exe
2022-03-11 15:29 - 2022-03-11 15:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 15:26 - 2022-03-11 15:26 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 15:24 - 2022-03-11 15:24 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 15:22 - 2022-03-11 15:22 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-13 16:02 - 2022-02-13 16:03 - 029517808 _____ C:\Users\Laurenceau\Desktop\UCheck_portable64(21).exe
2022-02-12 14:25 - 2022-04-12 13:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-07 16:43 - 2022-02-07 16:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-01-27 14:30 - 2022-01-27 14:30 - 000498602 _____ C:\Users\Laurenceau\Desktop\attestation LAURENCEAU.pdf
2022-01-22 15:16 - 2021-10-08 12:00 - 000167544 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2022-01-15 16:12 - 2022-01-15 16:12 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-15 16:12 - 2022-01-15 16:12 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-12 15:04 - 2018-03-06 18:13 - 000731954 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2022-04-12 14:57 - 2016-11-18 16:50 - 000000000 ____D C:\Users\Laurenceau\AppData\LocalLow\Mozilla
2022-04-12 14:56 - 2018-01-06 19:58 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-12 14:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-12 14:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-12 14:37 - 2020-03-15 21:02 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-12 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-12 14:24 - 2021-06-17 13:43 - 000000000 ____D C:\Users\Laurenceau\AppData\Roaming\Spotify
2022-04-12 13:27 - 2017-10-04 14:27 - 000000000 ____D C:\Program Files\CCleaner
2022-04-12 13:21 - 2021-06-17 13:47 - 000000000 ____D C:\Users\Laurenceau\AppData\Local\Spotify
2022-04-11 14:41 - 2019-11-23 15:50 - 000000000 ___RD C:\Users\Laurenceau\Desktop\CV
2022-04-11 13:37 - 2020-06-23 11:48 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-10 14:46 - 2020-06-23 11:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-09 14:51 - 2019-11-23 15:50 - 000015346 _____ C:\Users\Laurenceau\Desktop\Tableau contact employeurs.ods
2022-04-09 13:38 - 2018-03-11 20:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-08 13:54 - 2021-12-13 14:47 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2603305841-1989612468-1150847816-1001
2022-04-08 13:54 - 2020-08-21 13:51 - 000002436 _____ C:\Users\Laurenceau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-08 13:54 - 2020-06-23 11:48 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2603305841-1989612468-1150847816-1001
2022-04-07 15:12 - 2019-11-23 15:50 - 000000000 ____D C:\Users\Laurenceau\Desktop\candidatures
2022-04-07 13:39 - 2020-09-28 14:45 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-07 13:37 - 2020-12-13 17:51 - 000002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-04-07 13:37 - 2020-12-13 17:48 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-04-07 11:13 - 2021-10-10 13:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-07 11:13 - 2021-08-18 14:30 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-07 11:13 - 2018-11-14 15:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-06 13:04 - 2021-02-22 14:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 13:04 - 2020-06-23 11:48 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 13:04 - 2020-06-23 11:48 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-05 13:20 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-04 13:25 - 2020-06-23 11:30 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-04 13:25 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-04-04 13:25 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-04-04 13:16 - 2020-06-23 11:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-04 13:16 - 2020-06-23 11:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-03 22:23 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-03 22:23 - 2016-09-11 17:16 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-04-03 22:20 - 2020-06-23 11:00 - 000722216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-03 20:39 - 2017-12-28 17:31 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-03 20:39 - 2016-09-12 13:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-03 20:02 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-03 19:54 - 2018-09-03 13:20 - 000000000 ____D C:\Users\Laurenceau\AppData\Local\CrashDumps
2022-04-03 19:48 - 2017-10-04 14:27 - 000001048 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-04-03 17:06 - 2021-06-14 16:00 - 000000000 ____D C:\Users\Laurenceau\AppData\LocalLow\IGDump
2022-03-23 21:13 - 2021-02-22 14:47 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2021-02-22 14:47 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-20 21:00 - 2021-04-29 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-03-20 21:00 - 2018-04-05 13:49 - 000000000 ____D C:\Program Files\iTunes
2022-03-20 17:18 - 2020-07-05 14:35 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-20 17:18 - 2019-10-07 14:50 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-18 15:52 - 2018-11-21 16:08 - 000000000 ____D C:\Program Files\PDFCreator
==================== Fichiers à la racine de certains dossiers ========
2019-02-14 18:22 - 2019-12-29 15:59 - 003328384 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPCleaner.exe
2018-08-06 14:35 - 2018-08-06 14:35 - 003157376 _____ () C:\Users\Laurenceau\ZHPDiag3.exe
2020-03-16 13:30 - 2020-03-16 13:30 - 003425664 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPSuite.exe
==================== SigCheckExt =========================
2016-07-24 14:13 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2016-09-14 17:11 - 2021-09-03 14:21 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-10-07 18:24 - 2012-01-04 10:37 - 004444672 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2016-10-07 18:24 - 2012-01-04 10:37 - 001425408 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2015-10-30 09:19 - 2016-03-04 15:02 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-03-04 15:02 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2000-04-04 02:52 - 2000-04-04 02:52 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstkprp.dll
2019-02-14 18:22 - 2019-12-29 15:59 - 003328384 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPCleaner.exe
2018-08-06 14:35 - 2018-08-06 14:35 - 003157376 _____ C:\Users\Laurenceau\ZHPDiag3.exe
2020-03-16 13:30 - 2020-03-16 13:30 - 003425664 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPSuite.exe
2022-04-12 14:36 - 2022-04-12 14:36 - 002365952 _____ (Farbar) C:\Users\Laurenceau\Desktop\FRST64.exe
2022-04-12 13:45 - 2022-04-12 13:45 - 003482312 _____ (Nicolas Coolman) C:\Users\Laurenceau\Desktop\ZHPSuite.exe
2014-05-31 16:12 - 2014-05-31 16:34 - 132525638 _____ C:\Users\Laurenceau\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_fr.exe
2021-11-21 15:38 - 2021-11-21 15:38 - 000000000 _____ C:\Users\Laurenceau\Downloads\Apache_OpenOffice_4.1.11_Win_x86_install_fr.exe
2017-03-27 17:28 - 2017-03-27 17:33 - 132368998 _____ C:\Users\Laurenceau\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_fr.exe
2017-03-07 15:35 - 2017-03-07 15:35 - 000377672 _____ (Autodesk Inc.) C:\Users\Laurenceau\Downloads\AutoCAD_2017_French_Win_32_64bit_wi_fr-FR_Setup_webinstall.exe
2017-09-04 14:13 - 2017-09-04 14:13 - 000377824 _____ (Autodesk Inc.) C:\Users\Laurenceau\Downloads\AutoCAD_2018_French_Win_32_64bit_wi_fr-FR_Setup_webinstall.exe
2015-05-25 16:24 - 2015-05-25 16:24 - 001023571 _____ C:\Users\Laurenceau\Downloads\calculdesconduits2009frv.exe
2015-02-23 14:33 - 2015-02-23 14:34 - 010150809 _____ C:\Users\Laurenceau\Downloads\dolphin-x64-4.0.2.exe
2016-09-12 17:04 - 2016-09-12 17:04 - 001352192 _____ C:\Users\Laurenceau\Downloads\EJmiB6N87eh_SFTGC.exe
2016-11-06 15:03 - 2016-11-06 15:03 - 000862023 _____ C:\Users\Laurenceau\Downloads\GraphCalc4.0.1.exe
2019-05-26 14:56 - 2019-05-26 15:09 - 574665112 _____ (IZUBA énergies ) C:\Users\Laurenceau\Downloads\install_pleiades4.19.4.4.exe
2013-02-10 16:02 - 2017-01-05 14:15 - 013234037 _____ C:\Users\Laurenceau\Downloads\JPO 2012 & 2013.exe
2021-08-24 13:33 - 2021-08-24 13:33 - 002811112 _____ (kernel-panik) C:\Users\Laurenceau\Downloads\kprm_2.9.2.exe
2013-08-14 16:43 - 2013-08-14 16:44 - 001808233 _____ C:\Users\Laurenceau\Downloads\pf-setup-fr-653.exe
2014-07-13 14:06 - 2014-07-13 14:07 - 000593613 _____ C:\Users\Laurenceau\Downloads\Setup_ClearProg_1.6.1_Beta6.exe
2020-08-03 16:30 - 2020-08-03 16:32 - 000000000 _____ C:\Users\Laurenceau\Downloads\UCheck_portable64(11).exe
2020-08-04 13:33 - 2020-08-04 13:36 - 000000000 _____ C:\Users\Laurenceau\Downloads\UCheck_portable64(12).exe
2017-04-30 13:58 - 2017-04-30 14:03 - 094392654 _____ C:\Users\Laurenceau\Downloads\xcas64inst(1).exe
2017-04-30 13:50 - 2017-04-30 14:12 - 094392654 _____ C:\Users\Laurenceau\Downloads\xcas64inst.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3293c2e6-b538-11ea-ad3c-caee3f1a0f57}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {3b7cd35d-b530-11ea-b48f-8cd4216513e4}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {3293c2e6-b538-11ea-ad3c-caee3f1a0f57}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {3b7cd35d-b530-11ea-b48f-8cd4216513e4}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3b7cd35e-b530-11ea-b48f-8cd4216513e4}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3b7cd35e-b530-11ea-b48f-8cd4216513e4}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {572bcd60-ffa7-11d9-aae0-0007e994107d}
device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description Microsoft Windows PE 2.0
osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
detecthal Yes
winpe Yes
ems Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {3293c2e6-b538-11ea-ad3c-caee3f1a0f57}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {3b7cd35d-b530-11ea-b48f-8cd4216513e4}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {3b7cd35e-b530-11ea-b48f-8cd4216513e4}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Laurenceau (administrateur) sur LAURENCEAU-HP (Hewlett-Packard HP Pavilion g7 Notebook PC) (12-04-2022 14:49:27)
Exécuté depuis C:\Users\Laurenceau\Desktop
Profils chargés: Laurenceau
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1620 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <17>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TomTom) [Fichier non signé] C:\Program Files\TomTom HOME\TTHOMEService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe <4>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-12-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Run: [Spotify] => C:\Users\Laurenceau\AppData\Roaming\Spotify\Spotify.exe [20025272 2022-03-19] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2603305841-1989612468-1150847816-1001\...\Policies\Explorer: []
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-08-10] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [181248 2021-09-03] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\99.0.15399.87\Installer\chrmstp.exe [2022-04-07] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-07] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0AA2DF51-1CD3-494B-A016-75E244963C40} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
Task: {0F339EBD-6E64-4E9C-9E42-B75D2F62245A} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2744592 2022-03-28] (Piriform Software Ltd -> Piriform Software)
Task: {137F8010-A0FF-4476-9829-F8C470575E48} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
Task: {192D0DE7-BB85-4D0C-9181-6C46CF411C12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C1BCDBE-7649-4192-9D46-BEA55A521B7D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {243EFE76-C168-484D-B849-16CA5BDD5BDD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier)
Task: {4E49B6D3-073A-44C8-BAD7-211114A6CA75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68BDDA44-CBA8-4434-8889-5CF9C605B435} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {6E9A6329-EAE5-4F5A-AEA3-7DE439A77D13} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2744592 2022-03-28] (Piriform Software Ltd -> Piriform Software)
Task: {837E015B-10CA-4EDA-A11F-0A1B31F6C4C3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {88D4609A-D47E-4CD7-8243-DF9A96B6A433} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E322011-1B60-43B4-AB78-D7C0D9D1E7C8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
Task: {8F09E83C-53B8-4505-BE5A-CAFAA59EB3B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {8F812873-1E7A-44E4-B135-DD5E58B51148} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9CFBC879-0D5E-4DB1-B391-A6A68E4AE61E} - System32\Tasks\CCleanerSkipUAC - Laurenceau => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A1DDEF15-EB13-45C2-98F5-88DF97D91ED7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-06] (Google Inc -> Google Inc.)
Task: {CA3B243C-20CE-4210-BA55-6D2F12A6ABE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4CF4F98-3A2B-454E-A545-D10983954027} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {FFF2BCDE-B5DC-4178-8814-78506B48094A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{52b7afb2-8dba-4717-9c88-36c47f7eea88}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Laurenceau\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-10]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-10]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\TomTom\HOME\Profiles\g44v2ne5.default [2019-11-17]
FF Extension: (Pas de nom) - D:\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739 [2022-04-03]
FF Homepage: Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739 -> 20minutes.fr
FF Extension: (AdBlocker Ultimate) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (AdGuard AdBlocker) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\adguardadblocker@adguard.com.xpi [2021-10-08]
FF Extension: (Clear Cache) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\clearcache@michel.de.almeida.xpi [2021-10-08]
FF Extension: (Enhancer for YouTube™) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2021-10-08]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-10-09]
FF Extension: (Green Blocker) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\3hvqpqmv.default-release-1630333763739\Extensions\{585d400a-21d7-4270-a3c5-8c09aa351c1d}.xpi [2021-10-03]
FF ProfilePath: C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau [2022-04-12]
FF Homepage: Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau -> hxxps://www.20minutes.fr/
FF Notifications: Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau -> hxxps://www.foot-sur7.fr; hxxps://foot.streamonsport.fr; hxxps://assiste.com
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-04-12]
FF Extension: (McAfee® WebAdvisor) - C:\Users\Laurenceau\AppData\Roaming\Mozilla\Firefox\Profiles\1vz45b96.Antoine Laurenceau\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2022-04-09] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-12-13] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Laurenceau\AppData\Local\Google\Chrome\User Data\Default [2022-04-03]
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR91212G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Laurenceau\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-01-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Laurenceau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\99.0.15399.87\elevation_service.exe [1876832 2022-03-28] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-12-13] (Piriform Software Ltd -> Piriform Software)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-03] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [975088 2022-04-08] (McAfee, LLC -> McAfee, LLC)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 loqacnzi; C:\WINDOWS\system32\drivers\loqacnzi.sys [52472 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-03] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-03-06] (Zemana Ltd. -> Zemana Ltd.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-12 14:54 - 2022-04-12 14:55 - 000000000 ____D C:\Users\Laurenceau\Desktop\crystaldiskinfo-portable-8-16-4
2022-04-12 14:51 - 2022-04-12 14:51 - 006189924 _____ C:\Users\Laurenceau\Desktop\crystaldiskinfo-portable-8-16-4.zip
2022-04-12 14:49 - 2022-04-12 14:56 - 000023916 _____ C:\Users\Laurenceau\Desktop\FRST.txt
2022-04-12 14:40 - 2022-04-12 14:53 - 000000000 ____D C:\FRST
2022-04-12 14:36 - 2022-04-12 14:36 - 002365952 _____ (Farbar) C:\Users\Laurenceau\Desktop\FRST64.exe
2022-04-12 13:45 - 2022-04-12 13:45 - 003482312 _____ (Nicolas Coolman) C:\Users\Laurenceau\Desktop\ZHPSuite.exe
2022-04-10 14:56 - 2022-04-10 14:56 - 000079855 _____ C:\Users\Laurenceau\Downloads\métreur-1.pdf
2022-04-09 14:51 - 2022-04-09 14:51 - 000011728 _____ C:\Users\Laurenceau\Desktop\Untitled 1.odt
2022-04-09 14:43 - 2022-04-09 14:29 - 000080238 _____ C:\Users\Laurenceau\Desktop\Métreur chiffreur.pdf
2022-04-06 13:17 - 2022-04-07 11:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-04-03 22:06 - 2022-04-03 22:09 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.3
2022-04-03 22:06 - 2022-04-03 22:06 - 000001253 _____ C:\Users\Public\Desktop\LibreOffice 7.3.lnk
2022-04-03 21:01 - 2022-04-03 21:01 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-03 19:42 - 2022-04-03 19:42 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-03 19:42 - 2022-04-03 19:42 - 000011791 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-03 19:41 - 2022-04-03 19:41 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-03 19:38 - 2022-04-03 19:39 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-03 18:14 - 2022-04-03 18:14 - 000000000 ___HD C:\$WinREAgent
2022-03-27 14:25 - 2022-03-27 14:25 - 000080443 _____ C:\Users\Laurenceau\Downloads\Technicien bureau d'études génie climatique Métreur Chiffreur.pdf
2022-03-20 21:13 - 2022-04-03 22:09 - 000000000 ____D C:\Program Files (x86)\LibreOffice 5
2022-03-20 21:00 - 2022-03-20 21:00 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2022-03-20 20:41 - 2022-03-20 20:42 - 029759472 _____ C:\Users\Laurenceau\Downloads\UCheck_portable64(22).exe
2022-03-20 20:32 - 2022-03-20 20:37 - 029759472 _____ C:\Users\Laurenceau\Downloads\UCheck_portable64(21).exe
2022-03-18 15:52 - 2022-03-18 15:52 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2022-03-18 15:51 - 2022-03-18 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2022-03-18 15:40 - 2022-03-18 15:42 - 040738528 _____ (pdfforge GmbH) C:\Users\Laurenceau\Downloads\PDFCreator-4_4_2-Setup.exe
2022-03-11 15:29 - 2022-03-11 15:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 15:26 - 2022-03-11 15:26 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 15:24 - 2022-03-11 15:24 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 15:22 - 2022-03-11 15:22 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-13 16:02 - 2022-02-13 16:03 - 029517808 _____ C:\Users\Laurenceau\Desktop\UCheck_portable64(21).exe
2022-02-12 14:25 - 2022-04-12 13:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-07 16:43 - 2022-02-07 16:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-01-27 14:30 - 2022-01-27 14:30 - 000498602 _____ C:\Users\Laurenceau\Desktop\attestation LAURENCEAU.pdf
2022-01-22 15:16 - 2021-10-08 12:00 - 000167544 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2022-01-15 16:12 - 2022-01-15 16:12 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-15 16:12 - 2022-01-15 16:12 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-12 15:04 - 2018-03-06 18:13 - 000731954 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2022-04-12 14:57 - 2016-11-18 16:50 - 000000000 ____D C:\Users\Laurenceau\AppData\LocalLow\Mozilla
2022-04-12 14:56 - 2018-01-06 19:58 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-12 14:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-12 14:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-12 14:37 - 2020-03-15 21:02 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-12 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-12 14:24 - 2021-06-17 13:43 - 000000000 ____D C:\Users\Laurenceau\AppData\Roaming\Spotify
2022-04-12 13:27 - 2017-10-04 14:27 - 000000000 ____D C:\Program Files\CCleaner
2022-04-12 13:21 - 2021-06-17 13:47 - 000000000 ____D C:\Users\Laurenceau\AppData\Local\Spotify
2022-04-11 14:41 - 2019-11-23 15:50 - 000000000 ___RD C:\Users\Laurenceau\Desktop\CV
2022-04-11 13:37 - 2020-06-23 11:48 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-10 14:46 - 2020-06-23 11:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-09 14:51 - 2019-11-23 15:50 - 000015346 _____ C:\Users\Laurenceau\Desktop\Tableau contact employeurs.ods
2022-04-09 13:38 - 2018-03-11 20:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-08 13:54 - 2021-12-13 14:47 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2603305841-1989612468-1150847816-1001
2022-04-08 13:54 - 2020-08-21 13:51 - 000002436 _____ C:\Users\Laurenceau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-08 13:54 - 2020-06-23 11:48 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2603305841-1989612468-1150847816-1001
2022-04-07 15:12 - 2019-11-23 15:50 - 000000000 ____D C:\Users\Laurenceau\Desktop\candidatures
2022-04-07 13:39 - 2020-09-28 14:45 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-07 13:37 - 2020-12-13 17:51 - 000002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-04-07 13:37 - 2020-12-13 17:48 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-04-07 11:13 - 2021-10-10 13:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-07 11:13 - 2021-08-18 14:30 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-07 11:13 - 2018-11-14 15:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-06 13:04 - 2021-02-22 14:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 13:04 - 2020-06-23 11:48 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 13:04 - 2020-06-23 11:48 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-05 13:20 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-04 13:25 - 2020-06-23 11:30 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-04 13:25 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-04-04 13:25 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-04-04 13:16 - 2020-06-23 11:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-04 13:16 - 2020-06-23 11:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-03 22:23 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-03 22:23 - 2016-09-11 17:16 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-04-03 22:20 - 2020-06-23 11:00 - 000722216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-03 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-03 20:39 - 2017-12-28 17:31 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-03 20:39 - 2016-09-12 13:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-03 20:02 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-03 19:54 - 2018-09-03 13:20 - 000000000 ____D C:\Users\Laurenceau\AppData\Local\CrashDumps
2022-04-03 19:48 - 2017-10-04 14:27 - 000001048 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-04-03 17:06 - 2021-06-14 16:00 - 000000000 ____D C:\Users\Laurenceau\AppData\LocalLow\IGDump
2022-03-23 21:13 - 2021-02-22 14:47 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2021-02-22 14:47 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-20 21:00 - 2021-04-29 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-03-20 21:00 - 2018-04-05 13:49 - 000000000 ____D C:\Program Files\iTunes
2022-03-20 17:18 - 2020-07-05 14:35 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-20 17:18 - 2019-10-07 14:50 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-18 15:52 - 2018-11-21 16:08 - 000000000 ____D C:\Program Files\PDFCreator
==================== Fichiers à la racine de certains dossiers ========
2019-02-14 18:22 - 2019-12-29 15:59 - 003328384 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPCleaner.exe
2018-08-06 14:35 - 2018-08-06 14:35 - 003157376 _____ () C:\Users\Laurenceau\ZHPDiag3.exe
2020-03-16 13:30 - 2020-03-16 13:30 - 003425664 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPSuite.exe
==================== SigCheckExt =========================
2016-07-24 14:13 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2016-09-14 17:11 - 2021-09-03 14:21 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-10-07 18:24 - 2012-01-04 10:37 - 004444672 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2016-10-07 18:24 - 2012-01-04 10:37 - 001425408 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2015-10-30 09:19 - 2016-03-04 15:02 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-03-04 15:02 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2000-04-04 02:52 - 2000-04-04 02:52 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstkprp.dll
2019-02-14 18:22 - 2019-12-29 15:59 - 003328384 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPCleaner.exe
2018-08-06 14:35 - 2018-08-06 14:35 - 003157376 _____ C:\Users\Laurenceau\ZHPDiag3.exe
2020-03-16 13:30 - 2020-03-16 13:30 - 003425664 _____ (Nicolas Coolman) C:\Users\Laurenceau\ZHPSuite.exe
2022-04-12 14:36 - 2022-04-12 14:36 - 002365952 _____ (Farbar) C:\Users\Laurenceau\Desktop\FRST64.exe
2022-04-12 13:45 - 2022-04-12 13:45 - 003482312 _____ (Nicolas Coolman) C:\Users\Laurenceau\Desktop\ZHPSuite.exe
2014-05-31 16:12 - 2014-05-31 16:34 - 132525638 _____ C:\Users\Laurenceau\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_fr.exe
2021-11-21 15:38 - 2021-11-21 15:38 - 000000000 _____ C:\Users\Laurenceau\Downloads\Apache_OpenOffice_4.1.11_Win_x86_install_fr.exe
2017-03-27 17:28 - 2017-03-27 17:33 - 132368998 _____ C:\Users\Laurenceau\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_fr.exe
2017-03-07 15:35 - 2017-03-07 15:35 - 000377672 _____ (Autodesk Inc.) C:\Users\Laurenceau\Downloads\AutoCAD_2017_French_Win_32_64bit_wi_fr-FR_Setup_webinstall.exe
2017-09-04 14:13 - 2017-09-04 14:13 - 000377824 _____ (Autodesk Inc.) C:\Users\Laurenceau\Downloads\AutoCAD_2018_French_Win_32_64bit_wi_fr-FR_Setup_webinstall.exe
2015-05-25 16:24 - 2015-05-25 16:24 - 001023571 _____ C:\Users\Laurenceau\Downloads\calculdesconduits2009frv.exe
2015-02-23 14:33 - 2015-02-23 14:34 - 010150809 _____ C:\Users\Laurenceau\Downloads\dolphin-x64-4.0.2.exe
2016-09-12 17:04 - 2016-09-12 17:04 - 001352192 _____ C:\Users\Laurenceau\Downloads\EJmiB6N87eh_SFTGC.exe
2016-11-06 15:03 - 2016-11-06 15:03 - 000862023 _____ C:\Users\Laurenceau\Downloads\GraphCalc4.0.1.exe
2019-05-26 14:56 - 2019-05-26 15:09 - 574665112 _____ (IZUBA énergies ) C:\Users\Laurenceau\Downloads\install_pleiades4.19.4.4.exe
2013-02-10 16:02 - 2017-01-05 14:15 - 013234037 _____ C:\Users\Laurenceau\Downloads\JPO 2012 & 2013.exe
2021-08-24 13:33 - 2021-08-24 13:33 - 002811112 _____ (kernel-panik) C:\Users\Laurenceau\Downloads\kprm_2.9.2.exe
2013-08-14 16:43 - 2013-08-14 16:44 - 001808233 _____ C:\Users\Laurenceau\Downloads\pf-setup-fr-653.exe
2014-07-13 14:06 - 2014-07-13 14:07 - 000593613 _____ C:\Users\Laurenceau\Downloads\Setup_ClearProg_1.6.1_Beta6.exe
2020-08-03 16:30 - 2020-08-03 16:32 - 000000000 _____ C:\Users\Laurenceau\Downloads\UCheck_portable64(11).exe
2020-08-04 13:33 - 2020-08-04 13:36 - 000000000 _____ C:\Users\Laurenceau\Downloads\UCheck_portable64(12).exe
2017-04-30 13:58 - 2017-04-30 14:03 - 094392654 _____ C:\Users\Laurenceau\Downloads\xcas64inst(1).exe
2017-04-30 13:50 - 2017-04-30 14:12 - 094392654 _____ C:\Users\Laurenceau\Downloads\xcas64inst.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3293c2e6-b538-11ea-ad3c-caee3f1a0f57}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {3b7cd35d-b530-11ea-b48f-8cd4216513e4}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {3293c2e6-b538-11ea-ad3c-caee3f1a0f57}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {3b7cd35d-b530-11ea-b48f-8cd4216513e4}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3b7cd35e-b530-11ea-b48f-8cd4216513e4}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3b7cd35e-b530-11ea-b48f-8cd4216513e4}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {572bcd60-ffa7-11d9-aae0-0007e994107d}
device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description Microsoft Windows PE 2.0
osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
detecthal Yes
winpe Yes
ems Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {3293c2e6-b538-11ea-ad3c-caee3f1a0f57}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {3b7cd35d-b530-11ea-b48f-8cd4216513e4}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {3b7cd35e-b530-11ea-b48f-8cd4216513e4}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi
==================== Fin de FRST.txt ========================