Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Exécuté par jacad (administrateur) sur TOSHIBA-15-5 (TOSHIBA Satellite A500) (19-08-2022 15:40:44)
Exécuté depuis C:\Users\jacad\Downloads
Profils chargés: jacad
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1889 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_isolation.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\plugins_nms.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Learnpulse -> Learnpulse) C:\Users\jacad\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\jacad\AppData\Roaming\ZHP\ZHPSuite.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <21>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\thpevm.inf_amd64_975290a9f28c9a50\dynabookHDDProtection.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186408 2022-08-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1059046205-1215171921-3365948096-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe [520520 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-1059046205-1215171921-3365948096-1001\...\Run: [Screenpresso] => C:\Users\jacad\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [18192392 2022-08-17] (Learnpulse -> Learnpulse)
HKU\S-1-5-21-1059046205-1215171921-3365948096-1001\...\Run: [MicrosoftEdgeAutoLaunch_1D331B814A2299233D94B9FED2993217] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2019-04-12] (pdfforge GmbH) [Fichier non signé]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0018A5C2-418C-49DB-BBB9-17CB34ADBF8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {34B6CD56-09FC-402E-BE42-92DB627EC77B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116632 2022-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {47B349B3-356C-4539-A467-0A579270C189} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-18] (Microsoft Windows -> Microsoft Corporation)
Task: {4D90AAF0-E096-44BA-B177-5864B5467F64} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6570472 2022-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {623833ED-4D34-4DA1-874A-9C8183AE6F02} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {62B3C2A6-7613-4B23-82F0-0C5A493EBFAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {8BAD5C60-942A-42AA-B32C-DC68F31A3838} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E6AE734-B564-4DE2-B8D2-F4868D4D4554} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {BA530A5F-F264-4A4F-881F-41D304CB177C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C77A46A5-D836-4D81-8843-23F9206E1F54} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-17] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CCAB05D7-F475-4752-823A-5F08A2EE2FBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {CD1E3459-71B9-4B9E-A58E-8047D408CC63} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {D036AB13-BBBD-4835-B689-038EF42F8E20} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-18] (Microsoft Windows -> Microsoft Corporation)
Task: {D6CD6081-8B9A-4ADB-98D5-8C55A286D136} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116632 2022-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9B28EB1-47B5-42E7-BB70-BCCB47CDDBDE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-17] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EB18FFB1-F7D8-4509-BCD7-3411C6EAE792} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6570472 2022-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50AB8FA-4D09-4184-8E66-BF24448EA080} - System32\Tasks\CCleanerSkipUAC - jacad => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FCE4AB1F-F472-4FAB-9EEE-DE643F6A7EFE} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0512bf06-f2de-42ab-9d1f-14c28aecb4f4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{49668aa3-bf96-4113-8312-1bb56c7ad778}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5a6527e3-7f95-48c7-95cf-b024d5531936}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d1f47f68-18df-4788-8b75-5311a8caafca}: [DhcpNameServer] 172.20.10.1
Edge:
=======
DownloadDir:
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\jacad\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-19]
Edge Extension: (Kaspersky Protection) - C:\Users\jacad\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-18]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\jacad\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-18]
Edge HKU\S-1-5-21-1059046205-1215171921-3365948096-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: lnjzph4x.default-1458407387387-1656598465381
FF ProfilePath: C:\Users\jacad\AppData\Roaming\Mozilla\Firefox\Profiles\lnjzph4x.default-1458407387387-1656598465381 [2022-08-19]
FF Notifications: Mozilla\Firefox\Profiles\lnjzph4x.default-1458407387387-1656598465381 -> hxxps://assiste.com
FF Extension: (Kaspersky Protection) - C:\Users\jacad\AppData\Roaming\Mozilla\Firefox\Profiles\lnjzph4x.default-1458407387387-1656598465381\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2022-08-18]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-08-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2018-12-21] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2018-12-21] <==== ATTENTION
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-07-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-16] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-17] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46832 2022-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe [689888 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_service_10.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe [518472 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-07-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-16] (Malwarebytes Inc. -> Malwarebytes)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TSDHDDProtectService; C:\WINDOWS\System32\DriverStore\FileRepository\thpevm.inf_amd64_975290a9f28c9a50\dynabookHDDProtection.exe [425800 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe [44786376 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TOSTABSYSSVC.exe [298192 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe [447296 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [95344 2012-07-31] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [21872 2012-06-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [703056 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1582640 2022-07-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [188648 2022-08-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [357136 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [187200 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [270752 2022-07-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_klif_swmon; C:\WINDOWS\System32\Drivers\klupd_klif_swmon.sys [209928 2018-10-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
R0 Thpevm; C:\WINDOWS\System32\drivers\Thpevm.SYS [27128 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-08-19 15:40 - 2022-08-19 15:44 - 000025291 _____ C:\Users\jacad\Downloads\FRST.txt
2022-08-19 15:38 - 2022-08-19 15:42 - 000000000 ____D C:\FRST
2022-08-19 15:37 - 2022-08-19 15:37 - 002371072 _____ (Farbar) C:\Users\jacad\Downloads\FRST64(1).exe
2022-08-19 15:34 - 2022-08-19 15:35 - 002371072 _____ (Farbar) C:\Users\jacad\Downloads\FRST64.exe
2022-08-19 14:51 - 2022-08-19 14:51 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-08-19 07:28 - 2022-08-19 07:28 - 000314821 _____ C:\Users\jacad\Desktop\ZHPDiag.txt
2022-08-19 06:55 - 2022-08-19 06:55 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(3).exe
2022-08-19 06:29 - 2022-08-19 06:29 - 000000000 ___HD C:\$WinREAgent
2022-08-18 18:01 - 2022-08-18 18:01 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(2).exe
2022-08-18 12:30 - 2022-08-18 17:56 - 000001936 _____ C:\Users\jacad\Desktop\kpm - Raccourci.lnk
2022-08-18 11:56 - 2022-08-18 11:56 - 000314288 _____ C:\Users\jacad\Desktop\ZHPDiagXXXX (2).txt
2022-08-18 11:15 - 2022-08-18 11:15 - 000000486 _____ C:\Users\jacad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WINDOWS (C).lnk
2022-08-18 11:01 - 2022-08-18 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-08-18 10:58 - 2022-08-19 06:29 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-18 10:58 - 2022-08-19 06:28 - 000000000 ____D C:\Program Files (x86)\dotnet
2022-08-18 10:19 - 2022-08-18 10:19 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-18 10:18 - 2022-08-18 10:18 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-08-18 10:18 - 2022-08-18 10:18 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-18 10:18 - 2022-08-18 10:18 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-08-18 10:18 - 2022-08-18 10:18 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-08-18 10:18 - 2022-08-18 10:18 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-08-18 10:18 - 2022-08-18 10:18 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-08-18 10:18 - 2022-08-18 10:18 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-08-18 10:17 - 2022-08-18 10:17 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-08-18 10:17 - 2022-08-18 10:17 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-08-18 10:17 - 2022-08-18 10:17 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-08-18 10:17 - 2022-08-18 10:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-08-18 10:17 - 2022-08-18 10:17 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-08-18 10:17 - 2022-08-18 10:17 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-08-18 10:16 - 2022-08-18 10:16 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-18 10:14 - 2022-08-18 10:14 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-08-18 10:14 - 2022-08-18 10:14 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-08-18 10:13 - 2022-08-18 10:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-18 10:12 - 2022-08-18 10:12 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-08-18 10:12 - 2022-08-18 10:12 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-08-18 10:10 - 2022-08-18 10:10 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-08-18 10:10 - 2022-08-18 10:10 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-18 10:10 - 2022-08-18 10:10 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-18 10:10 - 2022-08-18 10:10 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-18 10:10 - 2022-08-18 10:10 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-18 06:48 - 2022-08-18 06:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-08-17 15:52 - 2022-08-18 11:06 - 000001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk
2022-08-17 10:46 - 2022-08-17 10:46 - 000314769 _____ C:\Users\jacad\Desktop\ZHPDiagXXXX.txt
2022-08-17 10:23 - 2022-08-19 15:32 - 000000000 ____D C:\Users\jacad\AppData\Roaming\ZHP
2022-08-17 10:23 - 2022-08-19 06:59 - 000000915 _____ C:\Users\jacad\Desktop\ZHPSuite.lnk
2022-08-17 10:23 - 2022-08-17 10:23 - 000000000 ____D C:\Users\jacad\AppData\Local\ZHP
2022-08-17 10:22 - 2022-08-17 10:22 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(1).exe
2022-08-17 10:21 - 2022-08-17 10:21 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite.exe
2022-08-17 09:44 - 2022-08-17 09:44 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-08-17 09:40 - 2022-08-17 09:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-08-17 09:39 - 2022-08-17 09:39 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-08-17 09:35 - 2022-08-17 09:35 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-08-17 09:31 - 2022-08-17 09:31 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-08-17 09:31 - 2022-08-17 09:31 - 000000260 _____ C:\Users\jacad\Desktop\ordinateur très lent.URL
2022-08-17 09:30 - 2022-08-17 09:30 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-08-17 09:28 - 2022-08-17 09:28 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-08-17 09:28 - 2022-08-17 09:28 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-08-17 09:24 - 2022-08-17 09:24 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-08-17 09:10 - 2022-08-17 09:10 - 000023952 _____ C:\Users\jacad\Desktop\TOSHIBA-15-5.speccy
2022-08-17 08:55 - 2022-08-17 15:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-08-16 15:01 - 2022-08-16 15:01 - 000001434 _____ C:\Users\jacad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-08-16 14:26 - 2022-08-16 14:26 - 000000000 ____D C:\Users\jacad\.ms-ad
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-08-13 20:27 - 2022-08-13 20:27 - 000046832 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-07-08 17:23 - 2022-07-08 17:23 - 000270752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-07-08 16:14 - 2022-07-08 16:14 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-07-08 16:12 - 2022-08-16 13:27 - 000000000 ____D C:\Program Files\RUXIM
2022-06-30 16:32 - 2022-06-30 16:27 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-06-30 16:24 - 2022-06-30 16:24 - 002549096 _____ (Malwarebytes) C:\Users\jacad\Downloads\MBSetup(1).exe
2022-06-30 16:13 - 2022-08-19 15:37 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-30 15:51 - 2022-06-30 15:52 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-06-30 15:50 - 2022-06-30 15:50 - 000376920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-06-30 15:50 - 2022-06-30 15:50 - 000187200 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-08-19 15:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-19 15:36 - 2017-01-06 16:46 - 000000000 ____D C:\Users\jacad\AppData\LocalLow\Mozilla
2022-08-19 15:23 - 2021-05-08 23:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-19 15:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-19 15:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-19 15:01 - 2018-08-16 09:11 - 000000000 ____D C:\Program Files\CCleaner
2022-08-19 14:56 - 2021-05-08 23:52 - 001778692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-19 14:56 - 2019-12-07 16:49 - 000795802 _____ C:\WINDOWS\system32\perfh00C.dat
2022-08-19 14:56 - 2019-12-07 16:49 - 000151166 _____ C:\WINDOWS\system32\perfc00C.dat
2022-08-19 14:51 - 2021-05-08 23:35 - 000448184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-19 14:49 - 2021-05-09 00:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-19 14:49 - 2021-05-08 23:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-19 07:55 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-08-19 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-19 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-08-19 07:47 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-19 07:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-19 07:42 - 2016-02-10 17:21 - 000000000 ____D C:\Users\jacad\AppData\Local\ClassicShell
2022-08-19 07:26 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-19 06:19 - 2021-05-09 00:12 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{79CB5219-7A43-4728-B462-177C5D4C51C9}
2022-08-18 11:06 - 2021-08-13 10:56 - 000001595 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2022-08-18 11:06 - 2016-02-16 17:52 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-08-18 11:05 - 2017-06-26 18:28 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-08-18 10:08 - 2021-05-08 23:39 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-18 09:21 - 2018-08-28 09:39 - 000000531 _____ C:\Users\jacad\Desktop\Jacques.website
2022-08-18 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-18 07:40 - 2016-02-17 16:34 - 000000000 ____D C:\Users\jacad\Desktop\Raccourcis Aplications
2022-08-18 07:13 - 2016-02-17 18:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-18 06:58 - 2016-02-17 18:07 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-18 06:46 - 2021-09-23 18:25 - 000000000 ____D C:\Users\jacad\OneDrive\Documents\Office Pro plus 2019 + Dropbox
2022-08-17 15:55 - 2021-02-24 19:31 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-17 15:42 - 2018-08-22 09:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-08-17 15:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-08-17 15:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-08-17 15:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-08-17 15:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-08-17 15:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-08-17 15:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-08-17 15:29 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-08-17 15:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-08-17 15:18 - 2018-08-07 11:26 - 000000000 ____D C:\ProgramData\Packages
2022-08-17 14:59 - 2021-05-09 00:12 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-17 14:57 - 2017-06-26 16:16 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-08-17 10:16 - 2021-09-18 17:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-08-17 10:15 - 2018-08-22 09:45 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-08-17 08:44 - 2021-05-09 00:12 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-17 08:44 - 2021-05-09 00:12 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-17 08:27 - 2021-05-08 16:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-08-17 08:20 - 2017-06-26 18:28 - 000001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-08-17 08:20 - 2017-06-26 18:28 - 000001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-08-16 15:44 - 2021-09-23 17:44 - 000000000 ___RD C:\Users\jacad\OneDrive\Documents\Fichiers Outlook
2022-08-16 14:26 - 2021-05-08 23:41 - 000000000 ____D C:\Users\jacad
2022-08-16 14:18 - 2021-05-08 17:45 - 000002444 _____ C:\Users\jacad\Desktop\Outlook.lnk
2022-08-16 13:31 - 2021-05-09 00:12 - 000004276 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-08-16 13:31 - 2021-05-09 00:12 - 000004044 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
==================== SigCheckExt =========================
2016-02-17 17:24 - 2009-12-08 17:19 - 000290304 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrfxDA5c.dll
2016-02-17 17:24 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrNetSti.dll
2016-02-17 17:24 - 2010-09-23 10:13 - 000051712 _____ (Brother Industries,Ltd) C:\WINDOWS\system32\Brnsplg.dll
2016-02-17 17:24 - 2005-04-22 06:36 - 000143360 _____ C:\WINDOWS\system32\BrSNMP64.dll
2016-02-17 17:24 - 2010-09-23 10:14 - 000058880 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\BrWiaNCp.dll
2016-08-04 17:41 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2016-02-17 17:24 - 2012-03-19 06:09 - 000316928 _____ (brother) C:\WINDOWS\system32\NSSRH64.dll
2018-08-06 16:58 - 2019-04-12 17:23 - 000116736 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll
2019-07-29 18:15 - 2019-07-29 18:15 - 000719817 _____ C:\WINDOWS\unins000.exe
2016-02-17 17:24 - 2010-03-15 19:45 - 000073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2016-02-17 17:24 - 2007-12-13 23:16 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2016-02-17 17:24 - 2012-07-09 17:19 - 000005120 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2015-10-30 09:19 - 2016-10-15 07:17 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-10-15 07:17 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-02-17 17:24 - 2012-03-19 13:09 - 000245760 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 000248120 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2022-08-19 15:37 - 2022-08-19 15:37 - 002371072 _____ (Farbar) C:\Users\jacad\Downloads\FRST64(1).exe
2022-08-19 15:34 - 2022-08-19 15:35 - 002371072 _____ (Farbar) C:\Users\jacad\Downloads\FRST64.exe
2022-08-17 10:22 - 2022-08-17 10:22 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(1).exe
2022-08-18 18:01 - 2022-08-18 18:01 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(2).exe
2022-08-19 06:55 - 2022-08-19 06:55 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(3).exe
2022-08-17 10:21 - 2022-08-17 10:21 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {821777d2-b04d-11eb-a71f-bfdd0650928f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Chargeur de d‚marrage Windows
-----------------------------
identificateur {6c0d9a66-b045-11eb-96a1-cbce44dc7980}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{6c0d9a67-b045-11eb-96a1-cbce44dc7980}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{6c0d9a67-b045-11eb-96a1-cbce44dc7980}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {6c0d9a66-b045-11eb-96a1-cbce44dc7980}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {821777d2-b04d-11eb-a71f-bfdd0650928f}
nx OptIn
bootmenupolicy Standard
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {821777d2-b04d-11eb-a71f-bfdd0650928f}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {6c0d9a66-b045-11eb-96a1-cbce44dc7980}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {6c0d9a67-b045-11eb-96a1-cbce44dc7980}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================