Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2022
Exécuté par edwar (administrateur) sur LAPTOP-LF3TMEC6 (HP HP Laptop 15-da0xxx) (11-10-2022 21:33:34)
Exécuté depuis C:\Users\edwar\Desktop
Profils chargés: edwar
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1826 (X64) Langue: Français (France)
Navigateur par défaut: Brave
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1940_none_7dd80d767cb5c7b0\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Dism.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Users\edwar\AppData\Local\Temp\D5DA2870-E0E3-45BE-B5DE-0590592FF781\DismHost.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <9>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f043f909bedcd504\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1940_none_7dd80d767cb5c7b0\TiWorker.exe
(WindowsPowerShell\v1.0\powershell.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f043f909bedcd504\RtkAudUService64.exe [1361000 2021-10-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4125408 2022-09-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM\...\Policies\Explorer: [AllowOnlineTips] 1
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\MountPoints2: {84ff2dfd-2f42-11ed-9876-d89c67d0ae36} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\MountPoints2: {cb67d866-c408-11ea-9530-84a93ea5d46e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\MountPoints2: {e2b5b425-d053-11ec-9842-84a93ea5d46e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\106.1.44.108\Installer\chrmstp.exe [2022-10-08] (Brave Software, Inc. -> Brave Software, Inc.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0956353E-2E2E-4B4E-ABC7-8927BE9C919A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -SmartCheckError (Pas de fichier)
Task: {0E0B4FC9-EC3A-4B39-A394-18243C3026CF} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6803168 2022-09-06] (Avast Software s.r.o. -> Avast Software)
Task: {10CD6E30-D254-42A1-BF78-45C68F7B6D75} - System32\Tasks\HPPrintMonitorService => C:\Program Files (x86)\HP\Diagnostics\PrintMonitorService\HPPrintMonitorService.exe (Pas de fichier)
Task: {26BD4F7B-27B5-41C9-9564-4927B711EA19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1254648378-2022100744-2433976430-1001Core => C:\Users\edwar\AppData\Local\Google\Update\GoogleUpdate.exe /c (Pas de fichier)
Task: {27852BC2-0B91-43CC-970C-06615A464EE0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {32EF572F-53FD-4521-AB13-199D9D74A2F1} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {344D2545-F89B-4199-8F8B-E83FC3B9FC8D} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {37C01371-FE4B-4304-B4F2-7E61D6AAA689} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38DB4FEF-28DC-4931-BB49-F969EECFCE3E} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe /c (Pas de fichier)
Task: {38FA7219-F727-4A17-AABB-CFA7E5DAEFB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BC71312-0569-4E0A-A2A3-329A8B2983AB} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {519A9073-4D08-42AC-80EF-544B9768D140} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -ABO (Pas de fichier)
Task: {51AE8922-F9DE-463F-A0DA-30CE3B6AEE7F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\edwar\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (Pas de fichier)
Task: {51FEAC9D-4DDD-487F-AE38-6057B24556B9} - System32\Tasks\CCleanerSkipUAC - edwar => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6CCB5A64-AFF5-4B47-B721-63B8188244BF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe (Pas de fichier)
Task: {7B53FFFC-050F-4532-996F-159476EF4249} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\edwar\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (Pas de fichier)
Task: {7DDDA97B-A75D-45E3-9431-7D8220B1F31D} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7EC0CA46-6551-4415-BB05-BDF3088D6015} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-31] (Google Inc -> Google LLC)
Task: {8B71E58D-C7D2-4656-A57D-A3228D63A43B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BHM2 (Pas de fichier)
Task: {A9162C13-3163-4A39-B36B-56C60D066D02} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BatteryStatusTest (Pas de fichier)
Task: {B2A057E9-343C-4BF5-9D18-E630AD57F9A1} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4737760 2022-09-07] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid df9834cb-f7a2-4574-9f1c-b3a0a45e042e
Task: {C16A7CE7-4949-47E9-8451-E11110418B87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-31] (Google Inc -> Google LLC)
Task: {C17DC408-219C-4D59-A62E-5C9FC877FBCB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BCF (Pas de fichier)
Task: {C2AAB087-71F9-435B-AA49-A60281EC2B7A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BHM1 (Pas de fichier)
Task: {C3F4E6E7-0A3D-4D97-99AF-371A0B3FA757} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D14C2283-16E1-4C15-B037-32E0B7EFA35E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -LaunchUI (Pas de fichier)
Task: {DC2FEAF1-7E3E-4D69-8244-6DF58DA796CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1254648378-2022100744-2433976430-1001UA => C:\Users\edwar\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {E434CB07-EB6B-4BA6-8E0C-B7FA5A5531DB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -SmartCheckTest (Pas de fichier)
Task: {EC5AEA0F-0449-4676-AF6B-3E431771645F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BatteryStatusError (Pas de fichier)
Task: {F3A8B4B7-F7DF-4F39-B431-F505EC460450} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d9b64449-54fb-45d7-8464-adb5eb77525e" --version "6.04.10044" --silent
Task: {FB4AE725-A391-43D8-A822-CF233F967274} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7125e60d-418b-400d-a72d-4e25308a3b50}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c926b38-f8a3-400a-802f-087cda068196}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{a96caac2-693c-4328-94a9-1748742777e8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bc456674-4de5-4c3b-9607-fe1e280b64f0}: [DhcpNameServer] 10.0.0.1
Edge:
=======
DownloadDir: C:\Users\edwar\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\edwar\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-10]
Edge Notifications: Default -> hxxps://www.easeus.fr
Edge DefaultSearchURL: Default -> hxxps://www.chainethermale.fr/android-chrome-v2-192x192.png
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\edwar\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-30]
Edge Extension: (Chaine Thermale du Soleil) - C:\Users\edwar\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mildfemlpecnkancgnmjbaklnmpifmib [2021-03-18]
Edge HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: inyj26nt.default
FF ProfilePath: C:\Users\edwar\AppData\Roaming\Mozilla\Firefox\Profiles\inyj26nt.default [2021-08-13]
FF ProfilePath: C:\Users\edwar\AppData\Roaming\Mozilla\Firefox\Profiles\zmd5vt9p.default-release-1662623308488 [2022-10-05]
FF Extension: (Français Language Pack) - C:\Users\edwar\AppData\Roaming\Mozilla\Firefox\Profiles\zmd5vt9p.default-release-1662623308488\Extensions\langpack-fr@firefox.mozilla.org.xpi [2022-09-08]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default [2022-10-05]
CHR StartupUrls: Default -> "hxxps://mail.yahoo.com/"
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-09-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-01]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-09-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-01]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-12]
CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-05]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-10-11]
BRA Extension: (Google Translate) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30]
BRA Extension: (AdBlock — best ad blocker) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-30]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-11]
BRA Extension: (Smallpdf - Edit, Compress and Convert PDF) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2022-07-19]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-10-05]
BRA Extension: (Brave NTP background images) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-12]
BRA Extension: (Brave Ads Resources) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\bgifagoclclhhoflocdefiklgodpihog [2022-07-13]
BRA Extension: (Wallet Data Files Updater) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-09-17]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-10-11]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-07-16]
BRA Extension: (Brave User Model Installer) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\hbejpnagkgeeohiojniljejpdpojmfdp [2020-12-10]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2020-05-02]
BRA Extension: (Brave Ads Resources) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\ijgkfgmfiinppefbonemjidmkhgbonei [2022-06-04]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10]
BRA Extension: (Brave NTP sponsored images) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-10-11]
BRA Extension: (Crypto Wallets) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2020-08-24]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-10-05]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [847886 2021-09-25] (Microsoft Windows -> )
S2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15464160 2022-09-07] (Avast Software s.r.o. -> AVAST Software)
S2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2019-10-02] (DESlock Limited -> DESlock Limited.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-25] (HP Inc. -> HP Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-10-08] (Malwarebytes Inc. -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108992 2018-04-27] (Alcorlink Corp. -> )
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKslc5e5df81; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E1C787AE-1F82-40BA-A6BA-E195E4B20C58}\MpKslDrv.sys [228632 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2020-09-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-11 21:33 - 2022-10-11 21:40 - 000025150 _____ C:\Users\edwar\Desktop\FRST.txt
2022-10-11 19:49 - 2022-10-11 21:18 - 000000000 ____D C:\Users\edwar\Desktop\Nouveau dossier
2022-10-11 18:26 - 2022-10-11 18:26 - 000000000 ___HD C:\$WinREAgent
2022-10-11 17:10 - 2022-10-11 17:11 - 092216136 _____ (LuckyDog Software, Inc. ) C:\Users\edwar\Downloads\itubego.exe
2022-10-11 14:13 - 2022-10-11 14:13 - 000011691 _____ C:\Users\edwar\Downloads\ReleveIdentiteBancaire.pdf
2022-10-09 20:37 - 2022-10-11 18:21 - 002373120 _____ (Farbar) C:\Users\edwar\Desktop\FRST64.exe
2022-10-09 20:32 - 2022-10-09 20:32 - 002372096 _____ (Farbar) C:\Users\edwar\Downloads\FRST64.exe
2022-10-09 17:14 - 2022-10-09 17:14 - 000000918 _____ C:\Users\edwar\Desktop\ZHPDiag.lnk
2022-10-09 17:13 - 2022-10-09 17:13 - 003310792 _____ (Nicolas Coolman) C:\Users\edwar\Downloads\ZHPDiag3.exe
2022-10-09 12:33 - 2022-10-11 20:03 - 000002458 _____ C:\Users\edwar\Desktop\Brave.lnk
2022-10-09 07:58 - 2022-10-09 07:58 - 000000000 ____D C:\Users\edwar\Documents\CDS
2022-10-08 09:11 - 2022-10-10 16:05 - 000000000 ____D C:\Users\edwar\AppData\LocalLow\IGDump
2022-10-08 07:58 - 2022-10-08 07:58 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-08 07:58 - 2022-10-08 07:58 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-08 07:58 - 2022-10-08 07:58 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-08 07:58 - 2022-10-08 07:56 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-10-08 07:57 - 2022-10-08 07:56 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-10-08 07:55 - 2022-10-08 07:55 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-07 23:18 - 2022-10-07 23:20 - 001980452 _____ C:\WINDOWS\Minidump\100722-45906-01.dmp
2022-10-07 23:18 - 2022-10-07 23:18 - 1104980389 _____ C:\WINDOWS\MEMORY.DMP
2022-10-07 21:32 - 2022-10-07 21:37 - 000429159 _____ C:\Users\edwar\Documents\bookmarks_10_7_22.html
2022-10-06 19:13 - 2022-10-09 18:00 - 088080384 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-10-06 19:12 - 2022-10-06 19:13 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-10-06 18:14 - 2022-10-06 18:15 - 000534992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-01 14:41 - 2022-10-11 15:21 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-10-01 14:40 - 2022-10-11 15:21 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-09-27 15:28 - 2022-10-09 07:49 - 000000000 ____D C:\Users\edwar\Documents\Telegram Desktop
2022-09-27 12:04 - 2022-09-27 12:11 - 000000000 ___HD C:\$WINDOWS.~BT
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-11 21:39 - 2020-06-24 11:16 - 000000000 ____D C:\FRST
2022-10-11 21:34 - 2020-07-16 21:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-11 21:21 - 2019-08-31 00:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-11 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-11 20:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-11 19:46 - 2022-06-01 07:48 - 000000000 ____D C:\Users\edwar\AppData\Local\iTubeGo
2022-10-11 19:42 - 2022-07-14 12:50 - 000000804 _____ C:\Users\Public\Desktop\iTubeGo.lnk
2022-10-11 19:42 - 2022-06-01 07:48 - 000000816 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTubeGo.lnk
2022-10-11 19:42 - 2022-06-01 07:48 - 000000000 ____D C:\Program Files\iTubeGo
2022-10-11 19:27 - 2020-06-21 05:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-11 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-10-11 18:24 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-10-11 15:21 - 2022-08-12 11:05 - 000000000 ____D C:\Program Files\CCleaner
2022-10-11 13:43 - 2021-05-14 09:28 - 000001085 _____ C:\Users\edwar\Desktop\Telegram.lnk
2022-10-11 13:43 - 2021-05-14 09:27 - 000000000 ____D C:\Users\edwar\AppData\Roaming\Telegram Desktop
2022-10-11 13:43 - 2020-03-18 16:58 - 000000000 ____D C:\Users\edwar\AppData\Roaming\WhatsApp
2022-10-11 13:38 - 2022-01-28 20:44 - 000002254 _____ C:\Users\edwar\Desktop\WhatsApp.lnk
2022-10-11 13:17 - 2019-08-30 21:25 - 000000000 __SHD C:\Users\edwar\IntelGraphicsProfiles
2022-10-11 10:19 - 2020-06-25 22:18 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-10 16:01 - 2022-03-12 02:21 - 000000000 ____D C:\Intel
2022-10-10 16:01 - 2020-06-21 05:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-10 16:01 - 2020-06-21 05:07 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-10 16:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-10 12:51 - 2020-06-21 05:12 - 000000000 ____D C:\Users\edwar
2022-10-10 10:54 - 2019-09-05 19:11 - 000000000 ____D C:\Users\edwar\AppData\Roaming\ZHP
2022-10-09 18:03 - 2020-03-26 11:29 - 000000000 ____D C:\ProgramData\AVAST Software
2022-10-09 18:00 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-09 17:14 - 2019-12-22 09:54 - 000000000 ____D C:\Users\edwar\AppData\Local\ZHP
2022-10-09 08:02 - 2021-12-03 20:30 - 000000000 ___RD C:\Users\edwar\Documents\Archives 2022
2022-10-08 21:45 - 2020-05-02 10:03 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-10-08 20:53 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-08 20:04 - 2022-06-07 00:09 - 000000000 ____D C:\Users\edwar\Documents\esseniens
2022-10-08 18:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 18:31 - 2021-12-03 14:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-08 10:31 - 2020-06-21 05:25 - 001925678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-08 10:31 - 2019-12-07 16:49 - 000834502 _____ C:\WINDOWS\system32\perfh00C.dat
2022-10-08 10:31 - 2019-12-07 16:49 - 000168216 _____ C:\WINDOWS\system32\perfc00C.dat
2022-10-08 07:59 - 2021-04-26 23:03 - 000000928 _____ C:\Users\edwar\Desktop\ZHPCleaner.lnk
2022-10-08 07:58 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-08 07:55 - 2020-10-19 23:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-07 23:25 - 2022-01-28 20:43 - 000000000 ____D C:\Users\edwar\AppData\Local\WhatsApp
2022-10-07 23:21 - 2020-12-31 21:54 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-07 20:11 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-07 18:22 - 2018-04-28 08:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-10-06 06:03 - 2019-10-28 21:46 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-10-04 20:53 - 2022-08-18 13:29 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A4026484-D6BC-452A-8DCF-55D9FF80C066}
2022-10-04 08:28 - 2019-09-07 17:36 - 000000000 ____D C:\Users\edwar\AppData\Local\ElevatedDiagnostics
2022-10-04 07:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2022-10-01 23:16 - 2020-10-20 23:14 - 000000000 ____D C:\Users\edwar\AppData\Local\CrashDumps
2022-09-30 23:24 - 2022-08-12 11:06 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-09-30 17:27 - 2022-08-18 17:40 - 000000000 ____D C:\Program Files\ESET
2022-09-29 22:54 - 2020-11-03 10:58 - 003303624 _____ (Nicolas Coolman) C:\Users\edwar\ZHPCleaner.exe
2022-09-27 19:52 - 2019-10-21 23:22 - 000000000 ___HD C:\Program Files\~WordPress.com
2022-09-27 12:11 - 2020-06-21 05:56 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2022-09-27 12:11 - 2020-06-21 05:56 - 000001908 _____ C:\WINDOWS\diagerr.xml
2022-09-26 09:23 - 2019-09-05 14:23 - 000000000 ____D C:\Users\edwar\AppData\Local\D3DSCache
2022-09-22 11:20 - 2019-08-30 21:30 - 000000000 ____D C:\Users\edwar\AppData\Local\PlaceholderTileLogoFolder
2022-09-22 10:43 - 2019-08-30 21:25 - 000000000 ____D C:\Users\edwar\AppData\Local\Packages
2022-09-18 20:20 - 2022-09-08 09:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-14 21:53 - 2019-08-30 22:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 18:35 - 2019-08-30 22:39 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-11 09:28 - 2020-03-31 10:25 - 000000000 ____D C:\Users\edwar\AppData\LocalLow\Mozilla
2022-09-11 09:14 - 2022-09-07 16:17 - 000001784 _____ C:\Users\edwar\Desktop\Gilets jaunes le clip qui pourrait valoir deux ans de prison ferme à Alain Soral - Raccourci.lnk
==================== Fichiers à la racine de certains dossiers ========
2019-08-31 10:09 - 2018-03-08 22:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall578868.exe
2019-08-31 10:10 - 2018-03-08 22:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall609501.exe
2019-08-31 10:10 - 2018-03-08 22:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall648691.exe
2020-11-03 10:58 - 2022-09-29 22:54 - 003303624 _____ (Nicolas Coolman) C:\Users\edwar\ZHPCleaner.exe
2022-04-14 00:12 - 2022-04-14 00:12 - 000000015 _____ () C:\Users\edwar\AppData\Roaming\obs-virtualcam.txt
2020-12-05 14:40 - 2020-12-05 14:40 - 000000048 _____ () C:\Users\edwar\AppData\Local\computerid
2020-02-07 00:57 - 2020-02-07 00:57 - 000008817 _____ () C:\Users\edwar\AppData\Local\dump.log
2019-10-11 22:07 - 2020-05-06 00:00 - 000007605 _____ () C:\Users\edwar\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2010-07-23 09:55 - 2010-07-23 09:55 - 000032768 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbmiapi.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000033280 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboid.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000009216 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboidps.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000057344 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbpro.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000009728 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbprops.dll
2010-01-19 15:12 - 2010-01-19 15:12 - 000070144 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPBWSDR.DLL
2009-11-27 12:15 - 2009-11-27 12:15 - 000228864 _____ (hp) C:\WINDOWS\system32\hplbddrv.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000045056 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.dll
2018-11-08 20:00 - 2013-04-02 00:19 - 000574464 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\rtl8723de.dll
2018-11-08 20:04 - 2016-09-20 20:00 - 000001156 _____ C:\WINDOWS\PidVid_List.dll
2001-01-30 04:33 - 2001-01-30 04:33 - 000028944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20ESP.DLL
2010-08-06 11:13 - 2010-08-06 11:13 - 000050688 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZidr12.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000034816 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZipr12.dll
2018-11-08 20:00 - 2010-12-01 10:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2019-09-06 19:30 - 2010-05-11 13:17 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2011-04-29 16:41 - 2011-04-29 16:41 - 001230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2011-04-29 16:41 - 2011-04-29 16:41 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2020-11-03 10:58 - 2022-09-29 22:54 - 003303624 _____ (Nicolas Coolman) C:\Users\edwar\ZHPCleaner.exe
2022-10-09 20:37 - 2022-10-11 18:21 - 002373120 _____ (Farbar) C:\Users\edwar\Desktop\FRST64.exe
2022-10-09 20:32 - 2022-10-09 20:32 - 002372096 _____ (Farbar) C:\Users\edwar\Downloads\FRST64.exe
2022-10-09 17:13 - 2022-10-09 17:13 - 003310792 _____ (Nicolas Coolman) C:\Users\edwar\Downloads\ZHPDiag3.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par edwar (administrateur) sur LAPTOP-LF3TMEC6 (HP HP Laptop 15-da0xxx) (11-10-2022 21:33:34)
Exécuté depuis C:\Users\edwar\Desktop
Profils chargés: edwar
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1826 (X64) Langue: Français (France)
Navigateur par défaut: Brave
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1940_none_7dd80d767cb5c7b0\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Dism.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Users\edwar\AppData\Local\Temp\D5DA2870-E0E3-45BE-B5DE-0590592FF781\DismHost.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <9>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f043f909bedcd504\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1940_none_7dd80d767cb5c7b0\TiWorker.exe
(WindowsPowerShell\v1.0\powershell.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f043f909bedcd504\RtkAudUService64.exe [1361000 2021-10-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4125408 2022-09-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM\...\Policies\Explorer: [AllowOnlineTips] 1
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\MountPoints2: {84ff2dfd-2f42-11ed-9876-d89c67d0ae36} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\MountPoints2: {cb67d866-c408-11ea-9530-84a93ea5d46e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\...\MountPoints2: {e2b5b425-d053-11ec-9842-84a93ea5d46e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\106.1.44.108\Installer\chrmstp.exe [2022-10-08] (Brave Software, Inc. -> Brave Software, Inc.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0956353E-2E2E-4B4E-ABC7-8927BE9C919A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -SmartCheckError (Pas de fichier)
Task: {0E0B4FC9-EC3A-4B39-A394-18243C3026CF} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6803168 2022-09-06] (Avast Software s.r.o. -> Avast Software)
Task: {10CD6E30-D254-42A1-BF78-45C68F7B6D75} - System32\Tasks\HPPrintMonitorService => C:\Program Files (x86)\HP\Diagnostics\PrintMonitorService\HPPrintMonitorService.exe (Pas de fichier)
Task: {26BD4F7B-27B5-41C9-9564-4927B711EA19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1254648378-2022100744-2433976430-1001Core => C:\Users\edwar\AppData\Local\Google\Update\GoogleUpdate.exe /c (Pas de fichier)
Task: {27852BC2-0B91-43CC-970C-06615A464EE0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {32EF572F-53FD-4521-AB13-199D9D74A2F1} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {344D2545-F89B-4199-8F8B-E83FC3B9FC8D} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {37C01371-FE4B-4304-B4F2-7E61D6AAA689} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38DB4FEF-28DC-4931-BB49-F969EECFCE3E} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe /c (Pas de fichier)
Task: {38FA7219-F727-4A17-AABB-CFA7E5DAEFB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BC71312-0569-4E0A-A2A3-329A8B2983AB} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {519A9073-4D08-42AC-80EF-544B9768D140} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -ABO (Pas de fichier)
Task: {51AE8922-F9DE-463F-A0DA-30CE3B6AEE7F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\edwar\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (Pas de fichier)
Task: {51FEAC9D-4DDD-487F-AE38-6057B24556B9} - System32\Tasks\CCleanerSkipUAC - edwar => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6CCB5A64-AFF5-4B47-B721-63B8188244BF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe (Pas de fichier)
Task: {7B53FFFC-050F-4532-996F-159476EF4249} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\edwar\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (Pas de fichier)
Task: {7DDDA97B-A75D-45E3-9431-7D8220B1F31D} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7EC0CA46-6551-4415-BB05-BDF3088D6015} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-31] (Google Inc -> Google LLC)
Task: {8B71E58D-C7D2-4656-A57D-A3228D63A43B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BHM2 (Pas de fichier)
Task: {A9162C13-3163-4A39-B36B-56C60D066D02} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BatteryStatusTest (Pas de fichier)
Task: {B2A057E9-343C-4BF5-9D18-E630AD57F9A1} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4737760 2022-09-07] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid df9834cb-f7a2-4574-9f1c-b3a0a45e042e
Task: {C16A7CE7-4949-47E9-8451-E11110418B87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-31] (Google Inc -> Google LLC)
Task: {C17DC408-219C-4D59-A62E-5C9FC877FBCB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BCF (Pas de fichier)
Task: {C2AAB087-71F9-435B-AA49-A60281EC2B7A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BHM1 (Pas de fichier)
Task: {C3F4E6E7-0A3D-4D97-99AF-371A0B3FA757} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D14C2283-16E1-4C15-B037-32E0B7EFA35E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -LaunchUI (Pas de fichier)
Task: {DC2FEAF1-7E3E-4D69-8244-6DF58DA796CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1254648378-2022100744-2433976430-1001UA => C:\Users\edwar\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {E434CB07-EB6B-4BA6-8E0C-B7FA5A5531DB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -SmartCheckTest (Pas de fichier)
Task: {EC5AEA0F-0449-4676-AF6B-3E431771645F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe -BatteryStatusError (Pas de fichier)
Task: {F3A8B4B7-F7DF-4F39-B431-F505EC460450} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d9b64449-54fb-45d7-8464-adb5eb77525e" --version "6.04.10044" --silent
Task: {FB4AE725-A391-43D8-A822-CF233F967274} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7125e60d-418b-400d-a72d-4e25308a3b50}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c926b38-f8a3-400a-802f-087cda068196}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{a96caac2-693c-4328-94a9-1748742777e8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bc456674-4de5-4c3b-9607-fe1e280b64f0}: [DhcpNameServer] 10.0.0.1
Edge:
=======
DownloadDir: C:\Users\edwar\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\edwar\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-10]
Edge Notifications: Default -> hxxps://www.easeus.fr
Edge DefaultSearchURL: Default -> hxxps://www.chainethermale.fr/android-chrome-v2-192x192.png
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\edwar\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-30]
Edge Extension: (Chaine Thermale du Soleil) - C:\Users\edwar\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mildfemlpecnkancgnmjbaklnmpifmib [2021-03-18]
Edge HKU\S-1-5-21-1254648378-2022100744-2433976430-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: inyj26nt.default
FF ProfilePath: C:\Users\edwar\AppData\Roaming\Mozilla\Firefox\Profiles\inyj26nt.default [2021-08-13]
FF ProfilePath: C:\Users\edwar\AppData\Roaming\Mozilla\Firefox\Profiles\zmd5vt9p.default-release-1662623308488 [2022-10-05]
FF Extension: (Français Language Pack) - C:\Users\edwar\AppData\Roaming\Mozilla\Firefox\Profiles\zmd5vt9p.default-release-1662623308488\Extensions\langpack-fr@firefox.mozilla.org.xpi [2022-09-08]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default [2022-10-05]
CHR StartupUrls: Default -> "hxxps://mail.yahoo.com/"
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-09-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-01]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-09-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-01]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-12]
CHR Profile: C:\Users\edwar\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-05]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-10-11]
BRA Extension: (Google Translate) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30]
BRA Extension: (AdBlock — best ad blocker) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-30]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-11]
BRA Extension: (Smallpdf - Edit, Compress and Convert PDF) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2022-07-19]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-10-05]
BRA Extension: (Brave NTP background images) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-12]
BRA Extension: (Brave Ads Resources) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\bgifagoclclhhoflocdefiklgodpihog [2022-07-13]
BRA Extension: (Wallet Data Files Updater) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-09-17]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-10-11]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-07-16]
BRA Extension: (Brave User Model Installer) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\hbejpnagkgeeohiojniljejpdpojmfdp [2020-12-10]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2020-05-02]
BRA Extension: (Brave Ads Resources) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\ijgkfgmfiinppefbonemjidmkhgbonei [2022-06-04]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10]
BRA Extension: (Brave NTP sponsored images) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-10-11]
BRA Extension: (Crypto Wallets) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2020-08-24]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\edwar\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-10-05]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-05-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [847886 2021-09-25] (Microsoft Windows -> )
S2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15464160 2022-09-07] (Avast Software s.r.o. -> AVAST Software)
S2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2019-10-02] (DESlock Limited -> DESlock Limited.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-25] (HP Inc. -> HP Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-10-08] (Malwarebytes Inc. -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108992 2018-04-27] (Alcorlink Corp. -> )
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKslc5e5df81; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E1C787AE-1F82-40BA-A6BA-E195E4B20C58}\MpKslDrv.sys [228632 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2020-09-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-11 21:33 - 2022-10-11 21:40 - 000025150 _____ C:\Users\edwar\Desktop\FRST.txt
2022-10-11 19:49 - 2022-10-11 21:18 - 000000000 ____D C:\Users\edwar\Desktop\Nouveau dossier
2022-10-11 18:26 - 2022-10-11 18:26 - 000000000 ___HD C:\$WinREAgent
2022-10-11 17:10 - 2022-10-11 17:11 - 092216136 _____ (LuckyDog Software, Inc. ) C:\Users\edwar\Downloads\itubego.exe
2022-10-11 14:13 - 2022-10-11 14:13 - 000011691 _____ C:\Users\edwar\Downloads\ReleveIdentiteBancaire.pdf
2022-10-09 20:37 - 2022-10-11 18:21 - 002373120 _____ (Farbar) C:\Users\edwar\Desktop\FRST64.exe
2022-10-09 20:32 - 2022-10-09 20:32 - 002372096 _____ (Farbar) C:\Users\edwar\Downloads\FRST64.exe
2022-10-09 17:14 - 2022-10-09 17:14 - 000000918 _____ C:\Users\edwar\Desktop\ZHPDiag.lnk
2022-10-09 17:13 - 2022-10-09 17:13 - 003310792 _____ (Nicolas Coolman) C:\Users\edwar\Downloads\ZHPDiag3.exe
2022-10-09 12:33 - 2022-10-11 20:03 - 000002458 _____ C:\Users\edwar\Desktop\Brave.lnk
2022-10-09 07:58 - 2022-10-09 07:58 - 000000000 ____D C:\Users\edwar\Documents\CDS
2022-10-08 09:11 - 2022-10-10 16:05 - 000000000 ____D C:\Users\edwar\AppData\LocalLow\IGDump
2022-10-08 07:58 - 2022-10-08 07:58 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-08 07:58 - 2022-10-08 07:58 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-08 07:58 - 2022-10-08 07:58 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-08 07:58 - 2022-10-08 07:56 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-10-08 07:57 - 2022-10-08 07:56 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-10-08 07:55 - 2022-10-08 07:55 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-07 23:18 - 2022-10-07 23:20 - 001980452 _____ C:\WINDOWS\Minidump\100722-45906-01.dmp
2022-10-07 23:18 - 2022-10-07 23:18 - 1104980389 _____ C:\WINDOWS\MEMORY.DMP
2022-10-07 21:32 - 2022-10-07 21:37 - 000429159 _____ C:\Users\edwar\Documents\bookmarks_10_7_22.html
2022-10-06 19:13 - 2022-10-09 18:00 - 088080384 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-10-06 19:12 - 2022-10-06 19:13 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-10-06 18:14 - 2022-10-06 18:15 - 000534992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-01 14:41 - 2022-10-11 15:21 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-10-01 14:40 - 2022-10-11 15:21 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-09-27 15:28 - 2022-10-09 07:49 - 000000000 ____D C:\Users\edwar\Documents\Telegram Desktop
2022-09-27 12:04 - 2022-09-27 12:11 - 000000000 ___HD C:\$WINDOWS.~BT
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-11 21:39 - 2020-06-24 11:16 - 000000000 ____D C:\FRST
2022-10-11 21:34 - 2020-07-16 21:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-11 21:21 - 2019-08-31 00:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-11 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-11 20:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-11 19:46 - 2022-06-01 07:48 - 000000000 ____D C:\Users\edwar\AppData\Local\iTubeGo
2022-10-11 19:42 - 2022-07-14 12:50 - 000000804 _____ C:\Users\Public\Desktop\iTubeGo.lnk
2022-10-11 19:42 - 2022-06-01 07:48 - 000000816 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTubeGo.lnk
2022-10-11 19:42 - 2022-06-01 07:48 - 000000000 ____D C:\Program Files\iTubeGo
2022-10-11 19:27 - 2020-06-21 05:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-11 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-10-11 18:24 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-10-11 15:21 - 2022-08-12 11:05 - 000000000 ____D C:\Program Files\CCleaner
2022-10-11 13:43 - 2021-05-14 09:28 - 000001085 _____ C:\Users\edwar\Desktop\Telegram.lnk
2022-10-11 13:43 - 2021-05-14 09:27 - 000000000 ____D C:\Users\edwar\AppData\Roaming\Telegram Desktop
2022-10-11 13:43 - 2020-03-18 16:58 - 000000000 ____D C:\Users\edwar\AppData\Roaming\WhatsApp
2022-10-11 13:38 - 2022-01-28 20:44 - 000002254 _____ C:\Users\edwar\Desktop\WhatsApp.lnk
2022-10-11 13:17 - 2019-08-30 21:25 - 000000000 __SHD C:\Users\edwar\IntelGraphicsProfiles
2022-10-11 10:19 - 2020-06-25 22:18 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-10 16:01 - 2022-03-12 02:21 - 000000000 ____D C:\Intel
2022-10-10 16:01 - 2020-06-21 05:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-10 16:01 - 2020-06-21 05:07 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-10 16:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-10 12:51 - 2020-06-21 05:12 - 000000000 ____D C:\Users\edwar
2022-10-10 10:54 - 2019-09-05 19:11 - 000000000 ____D C:\Users\edwar\AppData\Roaming\ZHP
2022-10-09 18:03 - 2020-03-26 11:29 - 000000000 ____D C:\ProgramData\AVAST Software
2022-10-09 18:00 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-09 17:14 - 2019-12-22 09:54 - 000000000 ____D C:\Users\edwar\AppData\Local\ZHP
2022-10-09 08:02 - 2021-12-03 20:30 - 000000000 ___RD C:\Users\edwar\Documents\Archives 2022
2022-10-08 21:45 - 2020-05-02 10:03 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-10-08 20:53 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-08 20:04 - 2022-06-07 00:09 - 000000000 ____D C:\Users\edwar\Documents\esseniens
2022-10-08 18:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 18:31 - 2021-12-03 14:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-08 10:31 - 2020-06-21 05:25 - 001925678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-08 10:31 - 2019-12-07 16:49 - 000834502 _____ C:\WINDOWS\system32\perfh00C.dat
2022-10-08 10:31 - 2019-12-07 16:49 - 000168216 _____ C:\WINDOWS\system32\perfc00C.dat
2022-10-08 07:59 - 2021-04-26 23:03 - 000000928 _____ C:\Users\edwar\Desktop\ZHPCleaner.lnk
2022-10-08 07:58 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-08 07:55 - 2020-10-19 23:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-07 23:25 - 2022-01-28 20:43 - 000000000 ____D C:\Users\edwar\AppData\Local\WhatsApp
2022-10-07 23:21 - 2020-12-31 21:54 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-07 20:11 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-07 18:22 - 2018-04-28 08:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-10-06 06:03 - 2019-10-28 21:46 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-10-04 20:53 - 2022-08-18 13:29 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A4026484-D6BC-452A-8DCF-55D9FF80C066}
2022-10-04 08:28 - 2019-09-07 17:36 - 000000000 ____D C:\Users\edwar\AppData\Local\ElevatedDiagnostics
2022-10-04 07:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2022-10-01 23:16 - 2020-10-20 23:14 - 000000000 ____D C:\Users\edwar\AppData\Local\CrashDumps
2022-09-30 23:24 - 2022-08-12 11:06 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-09-30 17:27 - 2022-08-18 17:40 - 000000000 ____D C:\Program Files\ESET
2022-09-29 22:54 - 2020-11-03 10:58 - 003303624 _____ (Nicolas Coolman) C:\Users\edwar\ZHPCleaner.exe
2022-09-27 19:52 - 2019-10-21 23:22 - 000000000 ___HD C:\Program Files\~WordPress.com
2022-09-27 12:11 - 2020-06-21 05:56 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2022-09-27 12:11 - 2020-06-21 05:56 - 000001908 _____ C:\WINDOWS\diagerr.xml
2022-09-26 09:23 - 2019-09-05 14:23 - 000000000 ____D C:\Users\edwar\AppData\Local\D3DSCache
2022-09-22 11:20 - 2019-08-30 21:30 - 000000000 ____D C:\Users\edwar\AppData\Local\PlaceholderTileLogoFolder
2022-09-22 10:43 - 2019-08-30 21:25 - 000000000 ____D C:\Users\edwar\AppData\Local\Packages
2022-09-18 20:20 - 2022-09-08 09:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-14 21:53 - 2019-08-30 22:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 18:35 - 2019-08-30 22:39 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-11 09:28 - 2020-03-31 10:25 - 000000000 ____D C:\Users\edwar\AppData\LocalLow\Mozilla
2022-09-11 09:14 - 2022-09-07 16:17 - 000001784 _____ C:\Users\edwar\Desktop\Gilets jaunes le clip qui pourrait valoir deux ans de prison ferme à Alain Soral - Raccourci.lnk
==================== Fichiers à la racine de certains dossiers ========
2019-08-31 10:09 - 2018-03-08 22:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall578868.exe
2019-08-31 10:10 - 2018-03-08 22:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall609501.exe
2019-08-31 10:10 - 2018-03-08 22:57 - 000665448 _____ (WildTangent, Inc.) C:\ProgramData\uninstall648691.exe
2020-11-03 10:58 - 2022-09-29 22:54 - 003303624 _____ (Nicolas Coolman) C:\Users\edwar\ZHPCleaner.exe
2022-04-14 00:12 - 2022-04-14 00:12 - 000000015 _____ () C:\Users\edwar\AppData\Roaming\obs-virtualcam.txt
2020-12-05 14:40 - 2020-12-05 14:40 - 000000048 _____ () C:\Users\edwar\AppData\Local\computerid
2020-02-07 00:57 - 2020-02-07 00:57 - 000008817 _____ () C:\Users\edwar\AppData\Local\dump.log
2019-10-11 22:07 - 2020-05-06 00:00 - 000007605 _____ () C:\Users\edwar\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2010-07-23 09:55 - 2010-07-23 09:55 - 000032768 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbmiapi.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000033280 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboid.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000009216 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboidps.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000057344 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbpro.dll
2010-07-23 09:55 - 2010-07-23 09:55 - 000009728 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbprops.dll
2010-01-19 15:12 - 2010-01-19 15:12 - 000070144 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPBWSDR.DLL
2009-11-27 12:15 - 2009-11-27 12:15 - 000228864 _____ (hp) C:\WINDOWS\system32\hplbddrv.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000045056 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.dll
2018-11-08 20:00 - 2013-04-02 00:19 - 000574464 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\rtl8723de.dll
2018-11-08 20:04 - 2016-09-20 20:00 - 000001156 _____ C:\WINDOWS\PidVid_List.dll
2001-01-30 04:33 - 2001-01-30 04:33 - 000028944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20ESP.DLL
2010-08-06 11:13 - 2010-08-06 11:13 - 000050688 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZidr12.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000034816 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZipr12.dll
2018-11-08 20:00 - 2010-12-01 10:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2019-09-06 19:30 - 2010-05-11 13:17 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2011-04-29 16:41 - 2011-04-29 16:41 - 001230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2011-04-29 16:41 - 2011-04-29 16:41 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2020-11-03 10:58 - 2022-09-29 22:54 - 003303624 _____ (Nicolas Coolman) C:\Users\edwar\ZHPCleaner.exe
2022-10-09 20:37 - 2022-10-11 18:21 - 002373120 _____ (Farbar) C:\Users\edwar\Desktop\FRST64.exe
2022-10-09 20:32 - 2022-10-09 20:32 - 002372096 _____ (Farbar) C:\Users\edwar\Downloads\FRST64.exe
2022-10-09 17:13 - 2022-10-09 17:13 - 003310792 _____ (Nicolas Coolman) C:\Users\edwar\Downloads\ZHPDiag3.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================