Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Exécuté par Sara (administrateur) sur LAPTOP-3NFGGI5Q (Acer Aspire V3-575T) (21-09-2022 19:45:28)
Exécuté depuis C:\Users\Sara\Desktop
Profils chargés: Sara
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2006 (X64) Langue: Français (Canada)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxEM.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(svchost.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-17] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0BD73142-0F6D-45EC-8F86-FCBDEA80CABB} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2770688 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {0D3E1F3C-0C4B-4B8D-AA23-8C12EF4C9C5E} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4644256 2016-01-20] (Acer Incorporated -> )
Task: {197680AB-B80A-4A89-856D-E66CF42E3061} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {1984DBF1-5929-445B-805F-8E99D599EA06} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {2418823E-6F77-4B59-8638-65F6C3A49D4B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2919840 2016-01-20] (Acer Incorporated -> )
Task: {30BD5247-65CF-45DB-BACD-EB35373233A6} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [383840 2015-09-05] (Acer Incorporated -> Acer Incorporated)
Task: {3F982350-FCD4-43D5-AE0E-E367BCDC8662} - System32\Tasks\CCleanerSkipUAC - Sara => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {42214903-EDCE-4497-A610-A7493E7C7F76} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [585600 2014-04-07] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {47D24B09-C608-4A3F-A508-793C9DF62FD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2017-09-12] (Google Inc -> Google Inc.)
Task: {485CE262-54BD-4CB8-920F-6C202DFB76A6} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4EE15F97-3315-4387-8698-2B619346B542} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Sara\Downloads\adwcleaner_7.2.4.0.exe /r (Pas de fichier)
Task: {70E3503C-9B6A-4532-97D6-AE543A32E054} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {7DAF1596-B9BD-4665-8F6D-EC9D0BA42875} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384256 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {A21943FA-A74F-4B00-BE24-2D6724B29AB8} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B6F39602-FFE5-47FC-B965-F82F100CBB07} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {BE512346-C621-4C5D-B01F-F69E3E5C2C27} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {CC8A0C4D-1DD5-4E01-AD9C-90C46F1EF6EC} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8FE12B8-350D-407F-8F6A-55AFFFEEBE97} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {ED59F6C5-7CA6-4E33-9639-27F43C97F025} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {FC45D628-5AC5-467B-A34F-B129B5D37981} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2017-09-12] (Google Inc -> Google Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05305529-8971-4580-aaad-6817b03134f2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3ad710f6-e8a9-4b39-928b-88b81512d61f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b3d7379-14ba-4ea5-b100-3eb0c6388ec6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{639c44b8-cb37-455a-a21b-8c38d0935bf8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{64beac21-fcbe-4e0e-9d25-afdefe98f213}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8905caa5-1b4d-44e4-8f23-53c41d2b9cad}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a34b39ce-b34d-45c3-8f10-df0e5cd84d97}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a43d0fbf-8133-4f44-9365-7f2ddbd4ed69}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e26f5c33-46b4-4bdf-b521-b4a01c2469cc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f1374635-2189-4880-910e-ff7ba4d314b5}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Sara\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Sara\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-19]
Edge HomePage: Default -> hxxp://www.aufeminin.com/bebe/bebes-et-chatons-le-summum-de-la-mignonnerie-n273977.html
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: vv2mpzwq.default-1628270761955
FF ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\vv2mpzwq.default-1628270761955 [2022-09-19]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\vv2mpzwq.default-1628270761955\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-09-19]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default [2022-09-21]
CHR Notifications: Default -> hxxps://plus.google.com; hxxps://twitter.com
CHR HomePage: Default -> hxxp://www.aufeminin.com/bebe/bebes-et-chatons-le-summum-de-la-mignonnerie-n273977.html
CHR StartupUrls: Default -> "hxxp://iron-start.com/"
CHR Session Restore: Default -> est activé.
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-31]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-19]
CHR Extension: (Google Hangouts) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-08-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-19]
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-19]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [100424 2022-05-02] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated -> Acer Incorporated)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [8765464 2022-09-19] (Malwarebytes Inc. -> Malwarebytes)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-05] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-05] (Acer Incorporated -> Acer Incorporated)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1453184 2020-08-05] (Rockstar Games, Inc. -> Rockstar Games)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-20] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193488 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-09-19] (Malwarebytes Inc. -> Malwarebytes)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [Fichier non signé]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-20] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-21 19:45 - 2022-09-21 19:48 - 000020907 _____ C:\Users\Sara\Desktop\FRST.txt
2022-09-21 19:42 - 2022-09-21 19:47 - 000000000 ____D C:\FRST
2022-09-21 19:37 - 2022-09-21 19:37 - 000306639 _____ C:\Users\Sara\Desktop\ZHPDiag.txt
2022-09-21 19:30 - 2022-09-21 19:30 - 002371072 _____ (Farbar) C:\Users\Sara\Desktop\FRST64.exe
2022-09-21 19:22 - 2022-09-21 19:22 - 000000868 _____ C:\Users\Sara\Desktop\ZHPSuite.lnk
2022-09-21 19:22 - 2022-09-21 19:22 - 000000000 ____D C:\Users\Sara\AppData\Local\ZHP
2022-09-21 19:19 - 2022-09-21 19:19 - 003508424 _____ (Nicolas Coolman) C:\Users\Sara\Desktop\ZHPSuite.exe
2022-09-20 19:31 - 2022-09-21 19:06 - 000000000 ____D C:\Users\Sara\AppData\LocalLow\IGDump
2022-09-19 22:00 - 2022-09-19 22:00 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-09-19 21:59 - 2022-09-19 21:59 - 000193488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-09-19 21:59 - 2022-09-19 21:59 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-09-19 21:57 - 2022-09-19 21:57 - 000000000 ____D C:\WINDOWS\Panther
2022-09-19 19:34 - 2022-09-19 19:34 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-09-19 19:34 - 2022-09-19 19:34 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-09-19 19:34 - 2022-09-19 19:34 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-09-19 19:34 - 2022-09-19 19:34 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-09-19 19:33 - 2022-09-19 19:30 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-09-19 19:28 - 2022-09-19 19:28 - 002638472 _____ (Malwarebytes) C:\Users\Sara\Downloads\MBSetup.exe
2022-09-17 19:03 - 2022-09-17 19:03 - 008791352 _____ (Malwarebytes) C:\Users\Sara\Desktop\adwcleaner(1).exe
2022-09-15 19:13 - 2022-09-15 19:13 - 000000000 ____D C:\ProgramData\Piriform
2022-09-14 20:15 - 2022-09-14 20:15 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-14 20:14 - 2022-09-14 20:14 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-14 20:13 - 2022-09-14 20:13 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-14 20:13 - 2022-09-14 20:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-14 20:13 - 2022-09-14 20:13 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-14 01:07 - 2022-09-14 01:07 - 000000000 ___HD C:\$WinREAgent
2022-09-07 18:58 - 2022-09-13 23:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-09-02 19:10 - 2022-09-02 19:10 - 000088350 _____ C:\Users\Sara\Downloads\FMD_DUT.pdf
2022-09-01 23:48 - 2022-09-02 19:11 - 000000000 ____D C:\Users\Sara\Desktop\fahd
2022-09-01 23:34 - 2022-09-01 23:34 - 000205663 _____ C:\Users\Sara\Downloads\relevé du note régional bac fahd.pdf
2022-09-01 23:31 - 2022-09-01 23:31 - 000382640 _____ C:\Users\Sara\Downloads\cnie fahd.pdf
2022-09-01 22:52 - 2022-09-01 22:52 - 000757406 _____ C:\Users\Sara\Downloads\relevé des notes bu bac fahd.pdf
2022-08-31 00:29 - 2022-08-31 00:29 - 000267201 _____ C:\Users\Sara\Downloads\PPL0260821.pdf
2022-08-29 19:53 - 2022-08-29 19:53 - 000196780 _____ C:\Users\Sara\Downloads\crlis1654790706687H.pdf
2022-08-24 00:57 - 2022-08-24 00:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2022-08-24 00:57 - 2022-08-24 00:57 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2022-08-24 00:51 - 2022-08-24 00:51 - 000000000 ____D C:\Users\Sara\AppData\Local\Apple Inc
2022-08-24 00:51 - 2022-08-24 00:51 - 000000000 ____D C:\Users\Sara\AppData\Local\Apple Computer
2022-08-22 20:03 - 2022-08-24 00:51 - 000000000 ____D C:\Users\Sara\AppData\Roaming\Apple Computer
2022-08-22 19:54 - 2022-08-22 19:54 - 000000000 ____D C:\ProgramData\Apple Computer
2022-08-22 19:48 - 2022-08-24 00:57 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2022-08-22 19:48 - 2022-08-22 19:48 - 000000000 ____D C:\Users\Sara\AppData\Local\Apple
2022-08-22 19:47 - 2022-08-22 19:47 - 000000000 ____D C:\Program Files\Common Files\Apple
2022-08-22 19:47 - 2022-08-22 19:47 - 000000000 ____D C:\Program Files\Bonjour
2022-08-22 19:47 - 2022-08-22 19:47 - 000000000 ____D C:\Program Files (x86)\Bonjour
2022-08-19 18:00 - 2022-08-19 18:02 - 199436776 _____ (Apple Inc.) C:\Users\Sara\Downloads\iTunes64Setup.exe
2022-08-12 18:45 - 2022-08-12 18:45 - 000174881 _____ C:\Users\Sara\Downloads\recu_G137671960 (1).pdf
2022-08-12 18:44 - 2022-08-12 18:44 - 000174966 _____ C:\Users\Sara\Downloads\recu_G137671960.pdf
2022-08-11 20:45 - 2022-08-31 00:08 - 000180924 ____H C:\Users\Sara\Desktop\~WRL1210.tmp
2022-08-09 20:59 - 2022-08-09 20:59 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-09 20:59 - 2022-08-09 20:59 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-09 20:56 - 2022-08-09 20:56 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-09 20:56 - 2022-08-09 20:56 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-09 20:56 - 2022-08-09 20:56 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-07-14 20:37 - 2022-07-14 20:37 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-14 20:37 - 2022-07-14 20:37 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-14 20:37 - 2022-07-14 20:37 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-14 20:37 - 2022-07-14 20:37 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-14 20:37 - 2022-07-14 20:37 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-14 20:37 - 2022-07-14 20:37 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-14 20:36 - 2022-07-14 20:36 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-14 20:36 - 2022-07-14 20:36 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-14 20:36 - 2022-07-14 20:36 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-14 20:36 - 2022-07-14 20:36 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-14 20:36 - 2022-07-14 20:36 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-14 20:36 - 2022-07-14 20:36 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-14 20:34 - 2022-07-14 20:34 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-14 20:34 - 2022-07-14 20:34 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-14 20:32 - 2022-07-14 20:32 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-14 20:32 - 2022-07-14 20:32 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-14 20:32 - 2022-07-14 20:32 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-21 19:53 - 2016-04-21 17:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-21 19:44 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-21 19:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-21 19:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-21 19:37 - 2016-05-15 17:05 - 000000000 ____D C:\Users\Sara\AppData\Roaming\ZHP
2022-09-21 19:33 - 2016-05-16 00:05 - 000000000 ____D C:\Program Files\CCleaner
2022-09-21 19:18 - 2017-01-17 19:20 - 000000000 ____D C:\Users\Sara\AppData\LocalLow\Mozilla
2022-09-21 19:17 - 2017-11-22 15:20 - 000000000 ____D C:\Users\Sara\AppData\Local\CrashDumps
2022-09-21 18:51 - 2016-04-21 14:56 - 000000000 __SHD C:\Users\Sara\IntelGraphicsProfiles
2022-09-20 23:31 - 2022-04-10 22:32 - 000000000 ____D C:\Program Files (x86)\ROK
2022-09-20 22:13 - 2021-11-29 22:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-20 21:01 - 2022-04-10 22:50 - 000000000 ____D C:\Users\Sara\.lim
2022-09-20 20:59 - 2018-12-18 21:43 - 000001788 _____ C:\Users\Sara\Desktop\new.txt
2022-09-20 20:09 - 2020-02-23 16:48 - 000000000 ____D C:\Users\Sara\AppData\Roaming\Fusion_ld
2022-09-20 19:25 - 2021-11-29 23:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-20 19:25 - 2021-11-29 22:58 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-19 22:06 - 2018-06-10 17:29 - 000000000 ____D C:\Users\Sara\AppData\Local\D3DSCache
2022-09-19 21:55 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-19 19:35 - 2022-04-24 18:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-19 19:33 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-19 19:31 - 2022-04-13 19:11 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-09-19 19:29 - 2016-12-17 17:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-09-19 19:29 - 2016-12-17 17:48 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-18 19:01 - 2021-11-29 23:39 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-09-16 19:16 - 2020-06-05 17:08 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-16 19:16 - 2020-06-05 17:08 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-15 19:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-15 19:03 - 2021-11-29 23:24 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-15 19:03 - 2019-12-07 16:06 - 000780740 _____ C:\WINDOWS\system32\perfh00C.dat
2022-09-15 19:03 - 2019-12-07 16:06 - 000149406 _____ C:\WINDOWS\system32\perfc00C.dat
2022-09-14 22:10 - 2021-11-29 22:58 - 000480512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 21:51 - 2016-04-30 17:44 - 000000000 ____D C:\Users\Sara\AppData\Local\ElevatedDiagnostics
2022-09-14 20:50 - 2021-12-12 18:17 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2470235092-2696277341-3793261883-1001
2022-09-14 20:50 - 2021-11-29 23:39 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2470235092-2696277341-3793261883-1001
2022-09-14 20:50 - 2021-11-29 22:00 - 000002384 _____ C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-14 20:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 20:13 - 2021-11-29 23:03 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-13 23:43 - 2016-05-20 18:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-13 20:09 - 2016-04-21 17:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 19:55 - 2016-04-21 17:33 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-08 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-07 23:31 - 2022-02-11 00:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-09-07 23:31 - 2016-05-20 18:26 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-09-07 19:02 - 2018-02-21 15:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-06 19:03 - 2017-12-01 01:07 - 000000000 ____D C:\Users\Sara\AppData\Local\Packages
2022-09-05 23:16 - 2021-11-29 22:00 - 000000000 ____D C:\Users\Sara
2022-08-30 18:36 - 2021-11-29 23:39 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 18:36 - 2021-11-29 23:39 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-29 18:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-08-24 13:49 - 2016-04-21 15:35 - 000000000 ____D C:\Users\Sara\AppData\Local\Comms
2022-08-22 19:47 - 2017-11-13 15:24 - 000000000 ____D C:\ProgramData\Apple
==================== Fichiers à la racine de certains dossiers ========
2020-02-23 17:06 - 2020-02-23 17:06 - 000000068 _____ () C:\Users\Sara\AppData\Roaming\changzhi_leidian.data
2020-05-17 20:23 - 2020-05-17 20:23 - 000000068 _____ () C:\Users\Sara\AppData\Roaming\changzhi_mplayer.data
2018-11-05 16:38 - 2018-11-05 16:38 - 000000410 _____ () C:\Users\Sara\AppData\Local\oobelibMkey.log
2016-05-19 22:33 - 2017-01-01 21:30 - 000007601 _____ () C:\Users\Sara\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2006-12-02 00:37 - 2006-12-02 00:37 - 000904704 _____ (Microsoft Corporation) C:\msdia80.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2016-07-13 17:49 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-11 20:06 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2015-09-24 01:59 - 2015-09-05 16:16 - 000206848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4279.dll
2017-03-16 19:54 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2017-03-16 19:54 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 12:44 - 2016-07-16 23:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2015-05-22 10:00 - 2015-05-22 10:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
1998-06-17 17:08 - 1998-06-17 17:08 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42ENU.DLL
2015-10-30 08:19 - 2016-09-14 18:11 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 08:19 - 2016-09-14 18:11 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2000-05-11 11:06 - 2000-05-11 11:06 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL
2000-04-03 15:52 - 2000-04-03 15:52 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RDOCURS.DLL
2016-12-12 13:06 - 2016-12-12 13:06 - 000252416 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsc2_codec32.dll
2016-12-12 13:06 - 2016-12-12 13:06 - 000306688 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsc2_codec64.dll
2018-06-13 09:04 - 2018-06-13 09:04 - 000458752 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsccvid.dll
2018-06-13 09:05 - 2018-06-13 09:05 - 000570368 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsccvid64.dll
2022-09-21 19:30 - 2022-09-21 19:30 - 002371072 _____ (Farbar) C:\Users\Sara\Desktop\FRST64.exe
2022-09-21 19:19 - 2022-09-21 19:19 - 003508424 _____ (Nicolas Coolman) C:\Users\Sara\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{c90adc61-c2d3-11ea-9c93-806e6f6e6963}
{c90adc62-c2d3-11ea-9c93-806e6f6e6963}
{c90adc63-c2d3-11ea-9c93-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-CA
inherit {globalsettings}
default {current}
resumeobject {beb2267a-515e-11ec-9cdc-54ab3a2a456e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {c90adc61-c2d3-11ea-9c93-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {c90adc62-c2d3-11ea-9c93-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {c90adc63-c2d3-11ea-9c93-806e6f6e6963}
description EFI Network
Chargeur de d‚marrage Windows
-----------------------------
identificateur {aecec90a-515f-11ec-9cde-db6a55753d3d}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{aecec90b-515f-11ec-9cde-db6a55753d3d}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-CA
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{aecec90b-515f-11ec-9cde-db6a55753d3d}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-CA
inherit {bootloadersettings}
recoverysequence {aecec90a-515f-11ec-9cde-db6a55753d3d}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {beb2267a-515e-11ec-9cdc-54ab3a2a456e}
nx OptIn
bootmenupolicy Standard
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {beb2267a-515e-11ec-9cdc-54ab3a2a456e}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-CA
inherit {resumeloadersettings}
recoverysequence {aecec90a-515f-11ec-9cde-db6a55753d3d}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-CA
inherit {globalsettings}
badmemoryaccess Yes
Paramٹtres EMS
--------------
identificateur {emssettings}
bootems No
Paramٹtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
Paramٹtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramٹtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramٹtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramٹtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {aecec90b-515f-11ec-9cde-db6a55753d3d}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Sara (administrateur) sur LAPTOP-3NFGGI5Q (Acer Aspire V3-575T) (21-09-2022 19:45:28)
Exécuté depuis C:\Users\Sara\Desktop
Profils chargés: Sara
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2006 (X64) Langue: Français (Canada)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxEM.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(svchost.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2470235092-2696277341-3793261883-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-17] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0BD73142-0F6D-45EC-8F86-FCBDEA80CABB} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2770688 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {0D3E1F3C-0C4B-4B8D-AA23-8C12EF4C9C5E} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4644256 2016-01-20] (Acer Incorporated -> )
Task: {197680AB-B80A-4A89-856D-E66CF42E3061} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {1984DBF1-5929-445B-805F-8E99D599EA06} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {2418823E-6F77-4B59-8638-65F6C3A49D4B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2919840 2016-01-20] (Acer Incorporated -> )
Task: {30BD5247-65CF-45DB-BACD-EB35373233A6} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [383840 2015-09-05] (Acer Incorporated -> Acer Incorporated)
Task: {3F982350-FCD4-43D5-AE0E-E367BCDC8662} - System32\Tasks\CCleanerSkipUAC - Sara => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {42214903-EDCE-4497-A610-A7493E7C7F76} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [585600 2014-04-07] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {47D24B09-C608-4A3F-A508-793C9DF62FD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2017-09-12] (Google Inc -> Google Inc.)
Task: {485CE262-54BD-4CB8-920F-6C202DFB76A6} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4EE15F97-3315-4387-8698-2B619346B542} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Sara\Downloads\adwcleaner_7.2.4.0.exe /r (Pas de fichier)
Task: {70E3503C-9B6A-4532-97D6-AE543A32E054} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {7DAF1596-B9BD-4665-8F6D-EC9D0BA42875} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384256 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {A21943FA-A74F-4B00-BE24-2D6724B29AB8} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {B6F39602-FFE5-47FC-B965-F82F100CBB07} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {BE512346-C621-4C5D-B01F-F69E3E5C2C27} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {CC8A0C4D-1DD5-4E01-AD9C-90C46F1EF6EC} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8FE12B8-350D-407F-8F6A-55AFFFEEBE97} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {ED59F6C5-7CA6-4E33-9639-27F43C97F025} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {FC45D628-5AC5-467B-A34F-B129B5D37981} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2017-09-12] (Google Inc -> Google Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05305529-8971-4580-aaad-6817b03134f2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3ad710f6-e8a9-4b39-928b-88b81512d61f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b3d7379-14ba-4ea5-b100-3eb0c6388ec6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{639c44b8-cb37-455a-a21b-8c38d0935bf8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{64beac21-fcbe-4e0e-9d25-afdefe98f213}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8905caa5-1b4d-44e4-8f23-53c41d2b9cad}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a34b39ce-b34d-45c3-8f10-df0e5cd84d97}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a43d0fbf-8133-4f44-9365-7f2ddbd4ed69}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e26f5c33-46b4-4bdf-b521-b4a01c2469cc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f1374635-2189-4880-910e-ff7ba4d314b5}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Sara\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Sara\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-19]
Edge HomePage: Default -> hxxp://www.aufeminin.com/bebe/bebes-et-chatons-le-summum-de-la-mignonnerie-n273977.html
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: vv2mpzwq.default-1628270761955
FF ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\vv2mpzwq.default-1628270761955 [2022-09-19]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\vv2mpzwq.default-1628270761955\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-09-19]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default [2022-09-21]
CHR Notifications: Default -> hxxps://plus.google.com; hxxps://twitter.com
CHR HomePage: Default -> hxxp://www.aufeminin.com/bebe/bebes-et-chatons-le-summum-de-la-mignonnerie-n273977.html
CHR StartupUrls: Default -> "hxxp://iron-start.com/"
CHR Session Restore: Default -> est activé.
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-31]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-19]
CHR Extension: (Google Hangouts) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-08-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-19]
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-19]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [100424 2022-05-02] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated -> Acer Incorporated)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [8765464 2022-09-19] (Malwarebytes Inc. -> Malwarebytes)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-05] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-05] (Acer Incorporated -> Acer Incorporated)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1453184 2020-08-05] (Rockstar Games, Inc. -> Rockstar Games)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-20] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193488 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-09-19] (Malwarebytes Inc. -> Malwarebytes)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [Fichier non signé]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-20] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-21 19:45 - 2022-09-21 19:48 - 000020907 _____ C:\Users\Sara\Desktop\FRST.txt
2022-09-21 19:42 - 2022-09-21 19:47 - 000000000 ____D C:\FRST
2022-09-21 19:37 - 2022-09-21 19:37 - 000306639 _____ C:\Users\Sara\Desktop\ZHPDiag.txt
2022-09-21 19:30 - 2022-09-21 19:30 - 002371072 _____ (Farbar) C:\Users\Sara\Desktop\FRST64.exe
2022-09-21 19:22 - 2022-09-21 19:22 - 000000868 _____ C:\Users\Sara\Desktop\ZHPSuite.lnk
2022-09-21 19:22 - 2022-09-21 19:22 - 000000000 ____D C:\Users\Sara\AppData\Local\ZHP
2022-09-21 19:19 - 2022-09-21 19:19 - 003508424 _____ (Nicolas Coolman) C:\Users\Sara\Desktop\ZHPSuite.exe
2022-09-20 19:31 - 2022-09-21 19:06 - 000000000 ____D C:\Users\Sara\AppData\LocalLow\IGDump
2022-09-19 22:00 - 2022-09-19 22:00 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-09-19 21:59 - 2022-09-19 21:59 - 000193488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-09-19 21:59 - 2022-09-19 21:59 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-09-19 21:57 - 2022-09-19 21:57 - 000000000 ____D C:\WINDOWS\Panther
2022-09-19 19:34 - 2022-09-19 19:34 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-09-19 19:34 - 2022-09-19 19:34 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-09-19 19:34 - 2022-09-19 19:34 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-09-19 19:34 - 2022-09-19 19:34 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-09-19 19:33 - 2022-09-19 19:30 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-09-19 19:28 - 2022-09-19 19:28 - 002638472 _____ (Malwarebytes) C:\Users\Sara\Downloads\MBSetup.exe
2022-09-17 19:03 - 2022-09-17 19:03 - 008791352 _____ (Malwarebytes) C:\Users\Sara\Desktop\adwcleaner(1).exe
2022-09-15 19:13 - 2022-09-15 19:13 - 000000000 ____D C:\ProgramData\Piriform
2022-09-14 20:15 - 2022-09-14 20:15 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-14 20:14 - 2022-09-14 20:14 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-14 20:13 - 2022-09-14 20:13 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-14 20:13 - 2022-09-14 20:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-14 20:13 - 2022-09-14 20:13 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-14 01:07 - 2022-09-14 01:07 - 000000000 ___HD C:\$WinREAgent
2022-09-07 18:58 - 2022-09-13 23:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-09-02 19:10 - 2022-09-02 19:10 - 000088350 _____ C:\Users\Sara\Downloads\FMD_DUT.pdf
2022-09-01 23:48 - 2022-09-02 19:11 - 000000000 ____D C:\Users\Sara\Desktop\fahd
2022-09-01 23:34 - 2022-09-01 23:34 - 000205663 _____ C:\Users\Sara\Downloads\relevé du note régional bac fahd.pdf
2022-09-01 23:31 - 2022-09-01 23:31 - 000382640 _____ C:\Users\Sara\Downloads\cnie fahd.pdf
2022-09-01 22:52 - 2022-09-01 22:52 - 000757406 _____ C:\Users\Sara\Downloads\relevé des notes bu bac fahd.pdf
2022-08-31 00:29 - 2022-08-31 00:29 - 000267201 _____ C:\Users\Sara\Downloads\PPL0260821.pdf
2022-08-29 19:53 - 2022-08-29 19:53 - 000196780 _____ C:\Users\Sara\Downloads\crlis1654790706687H.pdf
2022-08-24 00:57 - 2022-08-24 00:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2022-08-24 00:57 - 2022-08-24 00:57 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2022-08-24 00:51 - 2022-08-24 00:51 - 000000000 ____D C:\Users\Sara\AppData\Local\Apple Inc
2022-08-24 00:51 - 2022-08-24 00:51 - 000000000 ____D C:\Users\Sara\AppData\Local\Apple Computer
2022-08-22 20:03 - 2022-08-24 00:51 - 000000000 ____D C:\Users\Sara\AppData\Roaming\Apple Computer
2022-08-22 19:54 - 2022-08-22 19:54 - 000000000 ____D C:\ProgramData\Apple Computer
2022-08-22 19:48 - 2022-08-24 00:57 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2022-08-22 19:48 - 2022-08-22 19:48 - 000000000 ____D C:\Users\Sara\AppData\Local\Apple
2022-08-22 19:47 - 2022-08-22 19:47 - 000000000 ____D C:\Program Files\Common Files\Apple
2022-08-22 19:47 - 2022-08-22 19:47 - 000000000 ____D C:\Program Files\Bonjour
2022-08-22 19:47 - 2022-08-22 19:47 - 000000000 ____D C:\Program Files (x86)\Bonjour
2022-08-19 18:00 - 2022-08-19 18:02 - 199436776 _____ (Apple Inc.) C:\Users\Sara\Downloads\iTunes64Setup.exe
2022-08-12 18:45 - 2022-08-12 18:45 - 000174881 _____ C:\Users\Sara\Downloads\recu_G137671960 (1).pdf
2022-08-12 18:44 - 2022-08-12 18:44 - 000174966 _____ C:\Users\Sara\Downloads\recu_G137671960.pdf
2022-08-11 20:45 - 2022-08-31 00:08 - 000180924 ____H C:\Users\Sara\Desktop\~WRL1210.tmp
2022-08-09 20:59 - 2022-08-09 20:59 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-09 20:59 - 2022-08-09 20:59 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-09 20:56 - 2022-08-09 20:56 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-09 20:56 - 2022-08-09 20:56 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-09 20:56 - 2022-08-09 20:56 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-07-14 20:37 - 2022-07-14 20:37 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-14 20:37 - 2022-07-14 20:37 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-14 20:37 - 2022-07-14 20:37 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-14 20:37 - 2022-07-14 20:37 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-14 20:37 - 2022-07-14 20:37 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-14 20:37 - 2022-07-14 20:37 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-14 20:36 - 2022-07-14 20:36 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-14 20:36 - 2022-07-14 20:36 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-14 20:36 - 2022-07-14 20:36 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-14 20:36 - 2022-07-14 20:36 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-14 20:36 - 2022-07-14 20:36 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-14 20:36 - 2022-07-14 20:36 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-14 20:34 - 2022-07-14 20:34 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-14 20:34 - 2022-07-14 20:34 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-14 20:32 - 2022-07-14 20:32 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-14 20:32 - 2022-07-14 20:32 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-14 20:32 - 2022-07-14 20:32 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-21 19:53 - 2016-04-21 17:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-21 19:44 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-21 19:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-21 19:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-21 19:37 - 2016-05-15 17:05 - 000000000 ____D C:\Users\Sara\AppData\Roaming\ZHP
2022-09-21 19:33 - 2016-05-16 00:05 - 000000000 ____D C:\Program Files\CCleaner
2022-09-21 19:18 - 2017-01-17 19:20 - 000000000 ____D C:\Users\Sara\AppData\LocalLow\Mozilla
2022-09-21 19:17 - 2017-11-22 15:20 - 000000000 ____D C:\Users\Sara\AppData\Local\CrashDumps
2022-09-21 18:51 - 2016-04-21 14:56 - 000000000 __SHD C:\Users\Sara\IntelGraphicsProfiles
2022-09-20 23:31 - 2022-04-10 22:32 - 000000000 ____D C:\Program Files (x86)\ROK
2022-09-20 22:13 - 2021-11-29 22:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-20 21:01 - 2022-04-10 22:50 - 000000000 ____D C:\Users\Sara\.lim
2022-09-20 20:59 - 2018-12-18 21:43 - 000001788 _____ C:\Users\Sara\Desktop\new.txt
2022-09-20 20:09 - 2020-02-23 16:48 - 000000000 ____D C:\Users\Sara\AppData\Roaming\Fusion_ld
2022-09-20 19:25 - 2021-11-29 23:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-20 19:25 - 2021-11-29 22:58 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-19 22:06 - 2018-06-10 17:29 - 000000000 ____D C:\Users\Sara\AppData\Local\D3DSCache
2022-09-19 21:55 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-19 19:35 - 2022-04-24 18:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-19 19:33 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-19 19:31 - 2022-04-13 19:11 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-09-19 19:29 - 2016-12-17 17:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-09-19 19:29 - 2016-12-17 17:48 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-18 19:01 - 2021-11-29 23:39 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-09-16 19:16 - 2020-06-05 17:08 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-16 19:16 - 2020-06-05 17:08 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-15 19:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-15 19:03 - 2021-11-29 23:24 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-15 19:03 - 2019-12-07 16:06 - 000780740 _____ C:\WINDOWS\system32\perfh00C.dat
2022-09-15 19:03 - 2019-12-07 16:06 - 000149406 _____ C:\WINDOWS\system32\perfc00C.dat
2022-09-14 22:10 - 2021-11-29 22:58 - 000480512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-14 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 21:51 - 2016-04-30 17:44 - 000000000 ____D C:\Users\Sara\AppData\Local\ElevatedDiagnostics
2022-09-14 20:50 - 2021-12-12 18:17 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2470235092-2696277341-3793261883-1001
2022-09-14 20:50 - 2021-11-29 23:39 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2470235092-2696277341-3793261883-1001
2022-09-14 20:50 - 2021-11-29 22:00 - 000002384 _____ C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-14 20:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 20:13 - 2021-11-29 23:03 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-13 23:43 - 2016-05-20 18:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-13 20:09 - 2016-04-21 17:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 19:55 - 2016-04-21 17:33 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-08 18:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-07 23:31 - 2022-02-11 00:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-09-07 23:31 - 2016-05-20 18:26 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-09-07 19:02 - 2018-02-21 15:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-06 19:03 - 2017-12-01 01:07 - 000000000 ____D C:\Users\Sara\AppData\Local\Packages
2022-09-05 23:16 - 2021-11-29 22:00 - 000000000 ____D C:\Users\Sara
2022-08-30 18:36 - 2021-11-29 23:39 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 18:36 - 2021-11-29 23:39 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-29 18:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-08-24 13:49 - 2016-04-21 15:35 - 000000000 ____D C:\Users\Sara\AppData\Local\Comms
2022-08-22 19:47 - 2017-11-13 15:24 - 000000000 ____D C:\ProgramData\Apple
==================== Fichiers à la racine de certains dossiers ========
2020-02-23 17:06 - 2020-02-23 17:06 - 000000068 _____ () C:\Users\Sara\AppData\Roaming\changzhi_leidian.data
2020-05-17 20:23 - 2020-05-17 20:23 - 000000068 _____ () C:\Users\Sara\AppData\Roaming\changzhi_mplayer.data
2018-11-05 16:38 - 2018-11-05 16:38 - 000000410 _____ () C:\Users\Sara\AppData\Local\oobelibMkey.log
2016-05-19 22:33 - 2017-01-01 21:30 - 000007601 _____ () C:\Users\Sara\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2006-12-02 00:37 - 2006-12-02 00:37 - 000904704 _____ (Microsoft Corporation) C:\msdia80.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2016-07-13 17:49 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-11 20:06 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2015-09-24 01:59 - 2015-09-05 16:16 - 000206848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4279.dll
2017-03-16 19:54 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2017-03-16 19:54 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 12:44 - 2016-07-16 23:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2015-05-22 10:00 - 2015-05-22 10:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
1998-06-17 17:08 - 1998-06-17 17:08 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42ENU.DLL
2015-10-30 08:19 - 2016-09-14 18:11 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 08:19 - 2016-09-14 18:11 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2000-05-11 11:06 - 2000-05-11 11:06 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL
2000-04-03 15:52 - 2000-04-03 15:52 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RDOCURS.DLL
2016-12-12 13:06 - 2016-12-12 13:06 - 000252416 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsc2_codec32.dll
2016-12-12 13:06 - 2016-12-12 13:06 - 000306688 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsc2_codec64.dll
2018-06-13 09:04 - 2018-06-13 09:04 - 000458752 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsccvid.dll
2018-06-13 09:05 - 2018-06-13 09:05 - 000570368 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsccvid64.dll
2022-09-21 19:30 - 2022-09-21 19:30 - 002371072 _____ (Farbar) C:\Users\Sara\Desktop\FRST64.exe
2022-09-21 19:19 - 2022-09-21 19:19 - 003508424 _____ (Nicolas Coolman) C:\Users\Sara\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{c90adc61-c2d3-11ea-9c93-806e6f6e6963}
{c90adc62-c2d3-11ea-9c93-806e6f6e6963}
{c90adc63-c2d3-11ea-9c93-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-CA
inherit {globalsettings}
default {current}
resumeobject {beb2267a-515e-11ec-9cdc-54ab3a2a456e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {c90adc61-c2d3-11ea-9c93-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {c90adc62-c2d3-11ea-9c93-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {c90adc63-c2d3-11ea-9c93-806e6f6e6963}
description EFI Network
Chargeur de d‚marrage Windows
-----------------------------
identificateur {aecec90a-515f-11ec-9cde-db6a55753d3d}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{aecec90b-515f-11ec-9cde-db6a55753d3d}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-CA
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{aecec90b-515f-11ec-9cde-db6a55753d3d}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-CA
inherit {bootloadersettings}
recoverysequence {aecec90a-515f-11ec-9cde-db6a55753d3d}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {beb2267a-515e-11ec-9cdc-54ab3a2a456e}
nx OptIn
bootmenupolicy Standard
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {beb2267a-515e-11ec-9cdc-54ab3a2a456e}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-CA
inherit {resumeloadersettings}
recoverysequence {aecec90a-515f-11ec-9cde-db6a55753d3d}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-CA
inherit {globalsettings}
badmemoryaccess Yes
Paramٹtres EMS
--------------
identificateur {emssettings}
bootems No
Paramٹtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
Paramٹtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramٹtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramٹtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramٹtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {aecec90b-515f-11ec-9cde-db6a55753d3d}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================