Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 29-12-2022
Exécuté par Sandrine (administrateur) sur SANDRINE-PC (HP-Pavilion RY922AA-ABF s3040.fr) (31-12-2022 13:26:48)
Exécuté depuis C:\Users\Sandrine\Downloads
Profils chargés: Sandrine
Plate-forme: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksdeui.exe
(explorer.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe <2>
(explorer.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\Internet Security Essentials\vkise.exe
(explorer.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe <17>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(IObit CO., LTD -> IObit) C:\Program Files\IObit\Driver Booster\10.1.0\Pub\PubPlatform.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\Internet Security Essentials\isesrv.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(taskeng.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [18296096 2022-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3527630875-1213178696-848893664-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3527630875-1213178696-848893664-1000\...\Run: [CCleanerBrowserAutoLaunch_FEADC1B1F85D0A69178DA670B9DF0B89] => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\...\Windows NT x86\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\W32X86\hpzppw71.dll [280064 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\W32X86\hpzppwn7.dll [90624 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\ModiPrint: C:\Windows\System32\spool\prtprocs\W32X86\mdippr.dll [28552 2007-04-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 3630 series): C:\Windows\system32\HPDiscoPME311.dll [658848 2019-03-19] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [314880 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [39936 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllwn7: C:\Windows\system32\hpzllwn7.dll [37888 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\Microsoft Document Imaging Writer Monitor: C:\Windows\system32\mdimon.dll [28040 2007-04-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\108.0.19666.127\Installer\chrmstp.exe [2022-12-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-09] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0CB678F8-29B2-445E-972E-65F37C5706BC} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {1556A33E-407B-48DB-8932-70981258A508} - System32\Tasks\CCleanerSkipUAC - Sandrine => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {16D29A24-EC04-47B9-83C4-A6F9DE69FE2F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {3C241A63-F1EA-4818-9435-550BC61567E8} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {5777B1AA-EEAF-49B9-B509-508A4AA57743} - System32\Tasks\Driver Booster SkipUAC (Sandrine) => C:\Program Files\IObit\Driver Booster\10.1.0\DriverBooster.exe [9001448 2022-11-21] (IObit CO., LTD -> IObit)
Task: {5C108BB4-457F-4D1B-9CBD-D90FF63575BB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4208464 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d7e717e0-bb9a-414a-b4a3-63aa3eee3f98" --version "6.07.10191" --silent
Task: {61566206-45C7-4FC1-B8D8-D471261B94F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {6787C61E-8BBD-4461-B84B-ABA4951DFBBF} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {7A69102D-AE00-4571-B356-BBE22F08CAAA} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {8A866512-6751-47DB-9175-9C4E18455E2F} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\10.1.0\AutoUpdate.exe [2516968 2022-11-14] (IObit CO., LTD -> IObit)
Task: {90DE3AA2-DDEE-4A8B-AB2E-29580CCB6095} - System32\Tasks\Opera scheduled Autoupdate 1639491446 => C:\Users\Sandrine\AppData\Local\Programs\Opera\launcher.exe [1962440 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {9987E2FF-17BA-45B5-BBF8-FF381507AF7C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {BB9C6134-6787-49A0-9A7F-24504DA5BC3D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C07B7777-C063-443A-A96E-956573147FDD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C0D77605-8D9E-4514-9EA8-C938A0D78290} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {D038C985-822A-405F-9D66-521F669E2F84} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D0846659-9DCF-414B-97A3-1D01CF5C471C} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [4422560 2019-03-19] (HP Inc -> HP Inc.)
Task: {D2A518B5-8E02-4131-B3EB-5B1D577A2E4A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {FF6928AD-33B7-473A-9D89-B77BCD0DF990} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\10.1.0\Scheduler.exe [157784 2022-10-26] (IObit CO., LTD -> IObit)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1B244CEC-815C-4657-A33A-344BF13E8489}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{4F7D1A70-A489-460A-B67A-B00BB27BB1D7}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\Sandrine\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-19]
Edge HKLM\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default [2022-12-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-18]
Opera:
=======
OPR Profile: C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable [2022-12-31]
OPR Notifications: Opera Stable -> hxxps://fr.mail.yahoo.com; hxxps://www.aufeminin.com; hxxps://www.femmeactuelle.fr; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-12-21]
OPR Extension: (Opera Wallet) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-21]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-14]
OPR Extension: (Old Layout for Facebook) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\klgiknehmpglcgkibdodkmjbliggfkch [2022-08-08]
OPR Extension: (Google Traduction) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2022-12-21]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\108.0.19666.127\elevation_service.exe [1473184 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [9017152 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2001512 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S3 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S3 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 KSDE5.8; C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe [32008 2022-10-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [229432 2022-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [99240 2019-10-14] (Alcorlink Corp. -> )
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [25432 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [668488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [40440 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [53032 2022-10-13] (AnchorFree Inc -> The OpenVPN Project)
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] (Logitech Inc -> )
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 RTL8192su; C:\Windows\System32\DRIVERS\RTL8192su.sys [573440 2009-08-22] (Realtek Semiconductor Corporation) [Fichier non signé]
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-31 13:26 - 2022-12-31 13:29 - 000018089 _____ C:\Users\Sandrine\Downloads\FRST.txt
2022-12-31 13:25 - 2022-12-31 13:27 - 000000000 ____D C:\FRST
2022-12-31 13:24 - 2022-12-31 13:25 - 002078720 _____ (Farbar) C:\Users\Sandrine\Downloads\FRST.exe
2022-12-31 13:19 - 2022-12-31 13:19 - 000245122 _____ C:\Users\Sandrine\Desktop\ZHPDiag.txt
2022-12-31 12:54 - 2022-12-31 12:54 - 000000000 ____D C:\Users\Sandrine\AppData\Local\ZHP
2022-12-31 12:51 - 2022-12-31 12:52 - 003510472 _____ (Nicolas Coolman) C:\Users\Sandrine\Downloads\ZHPSuite.exe
2022-12-23 09:04 - 2022-12-23 09:05 - 000125731 _____ C:\Users\Sandrine\Downloads\claude binet.jpeg
2022-12-21 10:40 - 2022-12-21 10:41 - 007930294 _____ C:\Users\Sandrine\Downloads\cheveux-11-12-2022-01-2023.pdf
2022-12-20 18:55 - 2022-12-20 18:55 - 000055633 _____ C:\Users\Sandrine\Downloads\ob_fe8537_nativite.jpeg
2022-12-20 18:44 - 2022-12-20 18:44 - 000102443 _____ C:\Users\Sandrine\Downloads\end-neuvaine-de-noel-1.pdf
2022-12-13 18:42 - 2022-12-13 18:42 - 000185671 _____ C:\Users\Sandrine\Downloads\transits planétaires 2 roland legrand.jpeg
2022-12-13 18:41 - 2022-12-13 18:42 - 000177282 _____ C:\Users\Sandrine\Downloads\transits planétaires roland legrand.jpeg
2022-12-12 16:31 - 2022-12-12 16:31 - 000042653 _____ C:\Users\Sandrine\Downloads\invoice-58699-63974945540ea.pdf
2022-12-11 18:13 - 2022-12-11 18:14 - 001368253 _____ C:\Users\Sandrine\Downloads\medecine-integree.com-Inscrivez vous à notre newsletter .pdf
2022-12-09 17:47 - 2022-12-09 17:47 - 000000923 _____ C:\Users\Sandrine\Documents\sablés des chats bredels.txt
2022-12-02 08:53 - 2022-12-02 08:53 - 000048173 _____ C:\Users\Sandrine\Downloads\Vinted-FR-S612956646.pdf
2022-12-02 08:48 - 2022-12-02 08:50 - 000048173 _____ C:\Users\Sandrine\Downloads\Bordereau-Vinted-4771299968.pdf
2022-12-01 16:11 - 2022-12-01 16:11 - 000100434 _____ C:\Users\Sandrine\Downloads\l'ancre et carte 34 alexandre.jpeg
2022-12-01 16:10 - 2022-12-01 16:10 - 000111721 _____ C:\Users\Sandrine\Downloads\le coeur et l'anneau alexandre.jpeg
2022-12-01 16:09 - 2022-12-01 16:09 - 000114087 _____ C:\Users\Sandrine\Downloads\la faux et la verge Elvira.jpeg
2022-12-01 16:08 - 2022-12-01 16:08 - 000099671 _____ C:\Users\Sandrine\Downloads\le bouquet Elvira.jpeg
2022-11-27 18:22 - 2022-12-13 11:28 - 000000000 ____D C:\Users\Sandrine\Documents\Prophéties
2022-11-27 09:38 - 2022-12-21 09:34 - 000003202 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Sandrine)
2022-11-27 09:38 - 2022-12-21 09:34 - 000003102 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2022-11-27 09:38 - 2022-12-21 09:34 - 000003094 _____ C:\Windows\system32\Tasks\Driver Booster Update
2022-11-27 09:37 - 2022-11-27 09:38 - 000002249 _____ C:\Users\Public\Desktop\Driver Booster 10.lnk
2022-11-27 09:37 - 2022-11-27 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 10
2022-11-24 16:55 - 2022-11-24 16:55 - 000148009 _____ C:\Users\Sandrine\Downloads\8R44363850070.pdf
2022-11-24 11:20 - 2022-11-24 11:20 - 000391648 _____ C:\Users\Sandrine\Downloads\marie-julie-jahenny.pdf
2022-11-24 09:50 - 2022-11-24 09:50 - 001158389 _____ C:\Users\Sandrine\Downloads\Anges-_-Qui-etes-vous.pdf
2022-11-23 09:08 - 2022-11-23 09:10 - 000000000 ____D C:\Users\Sandrine\Documents\Tarot de Marseille
2022-11-14 20:09 - 2022-11-14 20:09 - 000263487 _____ C:\Users\Sandrine\Downloads\bon de réduction le petit basque.pdf
2022-11-11 16:43 - 2022-11-11 16:43 - 000105503 _____ C:\Users\Sandrine\Downloads\1667479770.jpeg
2022-11-10 09:22 - 2022-12-31 10:49 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-11-10 09:22 - 2022-12-15 14:40 - 000003364 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-11-08 17:21 - 2022-11-08 17:21 - 000001161 _____ C:\Users\Sandrine\Documents\parfaits cookies de Christophe Bau.txt
2022-11-06 11:58 - 2022-11-06 11:58 - 000126140 _____ C:\Users\Sandrine\Downloads\affiche Natacha Marilyn Monroe.jpeg
2022-11-01 09:18 - 2022-12-28 20:44 - 000000000 ____D C:\Users\Sandrine\Documents\Oracle Gé
2022-10-31 17:35 - 2022-10-31 17:35 - 000112800 _____ C:\Users\Sandrine\Downloads\cadrans-radiesthesie-pour-tout-le-monde.pdf
2022-10-30 13:31 - 2022-10-30 13:31 - 000029543 _____ C:\Users\Sandrine\Downloads\vocabulaire_anglais brittany ferry.pdf
2022-10-30 10:02 - 2022-10-30 10:05 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2022-10-30 10:02 - 2022-10-30 10:05 - 000001062 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2022-10-25 20:57 - 2022-12-31 13:08 - 000005234 _____ C:\Windows\system32\Drivers\fvstore.dat
2022-10-25 20:57 - 2022-10-25 20:57 - 000000000 ___HD C:\VTRoot
2022-10-14 18:48 - 2022-10-14 20:05 - 000001200 _____ C:\Users\Sandrine\Documents\Muffins légers avec un yaourt.txt
2022-10-13 14:08 - 2022-10-13 14:08 - 000053032 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\kltap.sys
2022-10-05 17:09 - 2022-10-05 17:10 - 000256064 _____ C:\Users\Sandrine\Downloads\sels de schuessler.pdf
2022-10-05 11:25 - 2022-12-19 18:12 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\Telegram Desktop
2022-10-05 11:25 - 2022-10-05 11:25 - 000001007 _____ C:\Users\Sandrine\Desktop\Telegram.lnk
2022-10-05 11:25 - 2022-10-05 11:25 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-10-05 11:22 - 2022-10-05 11:24 - 033965464 _____ (Telegram FZ-LLC ) C:\Users\Sandrine\Downloads\tsetup.4.2.4.exe
2022-10-05 08:55 - 2022-10-05 08:55 - 000499891 _____ C:\Users\Sandrine\Downloads\Le programme de formation 2023-2024 (5).pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-31 13:30 - 2022-01-11 12:01 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2022-12-31 13:19 - 2016-05-11 10:43 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\ZHP
2022-12-31 10:54 - 2009-07-14 05:34 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-12-31 10:54 - 2009-07-14 05:34 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-12-31 10:45 - 2022-09-15 10:08 - 000003446 _____ C:\Windows\system32\pubfreeware.ini
2022-12-31 10:30 - 2020-10-02 11:13 - 000000000 ____D C:\Program Files\CCleaner
2022-12-31 10:00 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-30 20:32 - 2015-10-11 17:48 - 000000000 ____D C:\Users\Sandrine\Documents\Astrologie
2022-12-28 20:46 - 2014-08-10 17:25 - 000000000 ____D C:\Users\Sandrine\Documents\Esotérisme
2022-12-23 11:37 - 2022-01-03 15:25 - 000004122 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1639491446
2022-12-22 10:10 - 2019-10-14 17:03 - 000000000 ____D C:\ProgramData\ProductData
2022-12-21 09:03 - 2022-04-14 09:42 - 000000000 ____D C:\Program Files\CCleaner Browser
2022-12-20 15:58 - 2022-08-08 18:39 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-12-18 09:22 - 2014-08-10 16:38 - 000000000 ____D C:\Users\Sandrine\Documents\patisseries
2022-12-15 14:40 - 2021-12-15 10:24 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-12-13 17:38 - 2015-04-06 14:56 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\vlc
2022-12-13 14:43 - 2022-04-14 09:42 - 000003542 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-12-13 14:43 - 2022-04-14 09:42 - 000003414 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-12-13 11:28 - 2014-08-10 17:01 - 000000000 ____D C:\Users\Sandrine\Documents\cuisine
2022-12-08 10:29 - 2009-07-14 05:53 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Fichiers à la racine de certains dossiers ========
2014-02-11 15:31 - 2014-02-11 15:31 - 000000043 _____ () C:\Users\Sandrine\AppData\Roaming\WB.CFG
2016-05-11 11:05 - 2016-05-15 19:15 - 000007601 _____ () C:\Users\Sandrine\AppData\Local\Resmon.ResmonCfg
==================== SigCheckExt =========================
2013-12-17 03:15 - 2013-12-17 03:15 - 000019008 _____ (Un4seen Developments) C:\Windows\system32\basscd.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000025152 _____ (Un4seen Developments) C:\Windows\system32\bassflac.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000054328 _____ (Un4seen Developments) C:\Windows\system32\bassopus.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000025664 _____ (Un4seen Developments) C:\Windows\system32\basswv.dll
1998-07-12 22:00 - 1998-07-12 22:00 - 000028672 _____ (Microsoft Corporation ) C:\Windows\system32\Cmct3FR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\CmDlgFR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\DBLstFR.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000024576 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbmiapi.dll
2010-07-23 08:55 - 2010-07-23 08:55 - 000025600 _____ (Hewlett-Packard Company) C:\Windows\system32\hpboid.dll
2010-07-23 08:55 - 2010-07-23 08:55 - 000007680 _____ (Hewlett-Packard Company) C:\Windows\system32\hpboidps.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000041472 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbpro.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000007680 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbprops.dll
2010-01-19 14:10 - 2010-01-19 14:10 - 000063488 _____ (Hewlett-Packard) C:\Windows\system32\HPBWSDR.DLL
2009-11-27 11:16 - 2009-11-27 11:16 - 000180224 _____ (hp) C:\Windows\system32\hplbddrv.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000050688 _____ (Hewlett-Packard) C:\Windows\system32\HPZidr12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000044032 _____ (Hewlett-Packard) C:\Windows\system32\HPZinw12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000053760 _____ (Hewlett-Packard) C:\Windows\system32\HPZipm12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000034816 _____ (Hewlett-Packard) C:\Windows\system32\HPZipr12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000029696 _____ (Hewlett-Packard) C:\Windows\system32\hpzipt12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000020480 _____ (Hewlett-Packard) C:\Windows\system32\hpzisn12.dll
2009-09-23 19:27 - 2009-09-23 19:27 - 000155648 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v1930.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\InetFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\JETCOMP.exe
1999-03-15 12:52 - 1999-03-15 12:52 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\MFC42FRA.DLL
2022-01-11 16:09 - 2022-01-11 16:09 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\MSCc2FR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCmCFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\msexch35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000252688 _____ (Microsoft Corporation) C:\Windows\system32\msexcl35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 001050896 _____ (Microsoft Corporation) C:\Windows\system32\msjet35.dll
2000-04-26 12:35 - 2000-04-26 12:35 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\msjint35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 001238288 _____ (Microsoft Corporation) C:\Windows\system32\msjt4jlt.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000024848 _____ (Microsoft Corporation) C:\Windows\system32\msjter35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000168720 _____ (Microsoft Corporation) C:\Windows\system32\msltus35.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\MSMskFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000250128 _____ (Microsoft Corporation) C:\Windows\system32\mspdox35.dll
1999-04-06 17:06 - 1999-04-06 17:06 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MSPRPFR.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x35.dll
2000-05-11 13:06 - 2000-05-11 13:06 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\MSRDO20.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000415504 _____ (Microsoft Corporation) C:\Windows\system32\msrepl35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000044304 _____ (Microsoft Corporation) C:\Windows\system32\msrpfs35.dll
2000-04-03 19:05 - 2000-04-03 19:05 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
1998-08-09 19:07 - 1998-08-09 19:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\MSSTKPRP.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000166672 _____ (Microsoft Corporation) C:\Windows\system32\mstext35.dll
2009-05-21 19:21 - 2009-05-21 19:21 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\msxbse35.dll
2009-05-14 06:22 - 2009-05-14 06:22 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4r.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\RchTxFR.dll
2000-04-03 17:52 - 2000-04-03 17:52 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\RDOCURS.DLL
1998-03-25 05:54 - 1998-03-25 05:54 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\SCP32.DLL
1998-06-17 23:00 - 1998-06-17 23:00 - 000089360 _____ (Microsoft Corporation) C:\Windows\system32\VB5DB.DLL
2000-10-01 22:00 - 2000-10-01 22:00 - 000119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL
1999-11-25 02:40 - 1999-11-25 02:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\VBAME.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000368912 _____ (Microsoft Corporation) C:\Windows\system32\VBAR332.DLL
2022-01-06 13:40 - 2022-01-06 13:41 - 000836478 _____ (Philippe GEORGES ) C:\Users\Sandrine\Downloads\assetup.exe
2022-12-31 13:24 - 2022-12-31 13:25 - 002078720 _____ (Farbar) C:\Users\Sandrine\Downloads\FRST.exe
2022-03-18 12:38 - 2022-04-14 09:47 - 026411008 _____ C:\Users\Sandrine\Downloads\iobit-driver-booster_9-2-0-178_fr_430351.exe
2022-12-31 12:51 - 2022-12-31 12:52 - 003510472 _____ (Nicolas Coolman) C:\Users\Sandrine\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {3a68da5d-486a-11e2-bcc0-e6cd2df7fb30}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {3a68da5d-486a-11e2-bcc0-e6cd2df7fb30}
device ramdisk=[C:]\Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\Winre.wim,{3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\Winre.wim,{3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\boot.sdi
LastRegBack: 2022-12-23 09:39
==================== Fin de FRST.txt ========================
Exécuté par Sandrine (administrateur) sur SANDRINE-PC (HP-Pavilion RY922AA-ABF s3040.fr) (31-12-2022 13:26:48)
Exécuté depuis C:\Users\Sandrine\Downloads
Profils chargés: Sandrine
Plate-forme: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksdeui.exe
(explorer.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe <2>
(explorer.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\Internet Security Essentials\vkise.exe
(explorer.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe <17>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(IObit CO., LTD -> IObit) C:\Program Files\IObit\Driver Booster\10.1.0\Pub\PubPlatform.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\Internet Security Essentials\isesrv.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(taskeng.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [18296096 2022-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3527630875-1213178696-848893664-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3527630875-1213178696-848893664-1000\...\Run: [CCleanerBrowserAutoLaunch_FEADC1B1F85D0A69178DA670B9DF0B89] => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\...\Windows NT x86\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\W32X86\hpzppw71.dll [280064 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\W32X86\hpzppwn7.dll [90624 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\ModiPrint: C:\Windows\System32\spool\prtprocs\W32X86\mdippr.dll [28552 2007-04-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 3630 series): C:\Windows\system32\HPDiscoPME311.dll [658848 2019-03-19] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [314880 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [39936 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllwn7: C:\Windows\system32\hpzllwn7.dll [37888 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\Microsoft Document Imaging Writer Monitor: C:\Windows\system32\mdimon.dll [28040 2007-04-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\108.0.19666.127\Installer\chrmstp.exe [2022-12-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-09] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0CB678F8-29B2-445E-972E-65F37C5706BC} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {1556A33E-407B-48DB-8932-70981258A508} - System32\Tasks\CCleanerSkipUAC - Sandrine => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {16D29A24-EC04-47B9-83C4-A6F9DE69FE2F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {3C241A63-F1EA-4818-9435-550BC61567E8} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {5777B1AA-EEAF-49B9-B509-508A4AA57743} - System32\Tasks\Driver Booster SkipUAC (Sandrine) => C:\Program Files\IObit\Driver Booster\10.1.0\DriverBooster.exe [9001448 2022-11-21] (IObit CO., LTD -> IObit)
Task: {5C108BB4-457F-4D1B-9CBD-D90FF63575BB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4208464 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d7e717e0-bb9a-414a-b4a3-63aa3eee3f98" --version "6.07.10191" --silent
Task: {61566206-45C7-4FC1-B8D8-D471261B94F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {6787C61E-8BBD-4461-B84B-ABA4951DFBBF} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {7A69102D-AE00-4571-B356-BBE22F08CAAA} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {8A866512-6751-47DB-9175-9C4E18455E2F} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\10.1.0\AutoUpdate.exe [2516968 2022-11-14] (IObit CO., LTD -> IObit)
Task: {90DE3AA2-DDEE-4A8B-AB2E-29580CCB6095} - System32\Tasks\Opera scheduled Autoupdate 1639491446 => C:\Users\Sandrine\AppData\Local\Programs\Opera\launcher.exe [1962440 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {9987E2FF-17BA-45B5-BBF8-FF381507AF7C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {BB9C6134-6787-49A0-9A7F-24504DA5BC3D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C07B7777-C063-443A-A96E-956573147FDD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C0D77605-8D9E-4514-9EA8-C938A0D78290} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {D038C985-822A-405F-9D66-521F669E2F84} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D0846659-9DCF-414B-97A3-1D01CF5C471C} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [4422560 2019-03-19] (HP Inc -> HP Inc.)
Task: {D2A518B5-8E02-4131-B3EB-5B1D577A2E4A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {FF6928AD-33B7-473A-9D89-B77BCD0DF990} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\10.1.0\Scheduler.exe [157784 2022-10-26] (IObit CO., LTD -> IObit)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1B244CEC-815C-4657-A33A-344BF13E8489}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{4F7D1A70-A489-460A-B67A-B00BB27BB1D7}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\Sandrine\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-19]
Edge HKLM\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default [2022-12-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-18]
Opera:
=======
OPR Profile: C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable [2022-12-31]
OPR Notifications: Opera Stable -> hxxps://fr.mail.yahoo.com; hxxps://www.aufeminin.com; hxxps://www.femmeactuelle.fr; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-12-21]
OPR Extension: (Opera Wallet) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-21]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-14]
OPR Extension: (Old Layout for Facebook) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\klgiknehmpglcgkibdodkmjbliggfkch [2022-08-08]
OPR Extension: (Google Traduction) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2022-12-21]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\108.0.19666.127\elevation_service.exe [1473184 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [9017152 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2001512 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S3 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S3 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 KSDE5.8; C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe [32008 2022-10-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [229432 2022-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [99240 2019-10-14] (Alcorlink Corp. -> )
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [25432 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [668488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [40440 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [53032 2022-10-13] (AnchorFree Inc -> The OpenVPN Project)
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] (Logitech Inc -> )
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 RTL8192su; C:\Windows\System32\DRIVERS\RTL8192su.sys [573440 2009-08-22] (Realtek Semiconductor Corporation) [Fichier non signé]
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-31 13:26 - 2022-12-31 13:29 - 000018089 _____ C:\Users\Sandrine\Downloads\FRST.txt
2022-12-31 13:25 - 2022-12-31 13:27 - 000000000 ____D C:\FRST
2022-12-31 13:24 - 2022-12-31 13:25 - 002078720 _____ (Farbar) C:\Users\Sandrine\Downloads\FRST.exe
2022-12-31 13:19 - 2022-12-31 13:19 - 000245122 _____ C:\Users\Sandrine\Desktop\ZHPDiag.txt
2022-12-31 12:54 - 2022-12-31 12:54 - 000000000 ____D C:\Users\Sandrine\AppData\Local\ZHP
2022-12-31 12:51 - 2022-12-31 12:52 - 003510472 _____ (Nicolas Coolman) C:\Users\Sandrine\Downloads\ZHPSuite.exe
2022-12-23 09:04 - 2022-12-23 09:05 - 000125731 _____ C:\Users\Sandrine\Downloads\claude binet.jpeg
2022-12-21 10:40 - 2022-12-21 10:41 - 007930294 _____ C:\Users\Sandrine\Downloads\cheveux-11-12-2022-01-2023.pdf
2022-12-20 18:55 - 2022-12-20 18:55 - 000055633 _____ C:\Users\Sandrine\Downloads\ob_fe8537_nativite.jpeg
2022-12-20 18:44 - 2022-12-20 18:44 - 000102443 _____ C:\Users\Sandrine\Downloads\end-neuvaine-de-noel-1.pdf
2022-12-13 18:42 - 2022-12-13 18:42 - 000185671 _____ C:\Users\Sandrine\Downloads\transits planétaires 2 roland legrand.jpeg
2022-12-13 18:41 - 2022-12-13 18:42 - 000177282 _____ C:\Users\Sandrine\Downloads\transits planétaires roland legrand.jpeg
2022-12-12 16:31 - 2022-12-12 16:31 - 000042653 _____ C:\Users\Sandrine\Downloads\invoice-58699-63974945540ea.pdf
2022-12-11 18:13 - 2022-12-11 18:14 - 001368253 _____ C:\Users\Sandrine\Downloads\medecine-integree.com-Inscrivez vous à notre newsletter .pdf
2022-12-09 17:47 - 2022-12-09 17:47 - 000000923 _____ C:\Users\Sandrine\Documents\sablés des chats bredels.txt
2022-12-02 08:53 - 2022-12-02 08:53 - 000048173 _____ C:\Users\Sandrine\Downloads\Vinted-FR-S612956646.pdf
2022-12-02 08:48 - 2022-12-02 08:50 - 000048173 _____ C:\Users\Sandrine\Downloads\Bordereau-Vinted-4771299968.pdf
2022-12-01 16:11 - 2022-12-01 16:11 - 000100434 _____ C:\Users\Sandrine\Downloads\l'ancre et carte 34 alexandre.jpeg
2022-12-01 16:10 - 2022-12-01 16:10 - 000111721 _____ C:\Users\Sandrine\Downloads\le coeur et l'anneau alexandre.jpeg
2022-12-01 16:09 - 2022-12-01 16:09 - 000114087 _____ C:\Users\Sandrine\Downloads\la faux et la verge Elvira.jpeg
2022-12-01 16:08 - 2022-12-01 16:08 - 000099671 _____ C:\Users\Sandrine\Downloads\le bouquet Elvira.jpeg
2022-11-27 18:22 - 2022-12-13 11:28 - 000000000 ____D C:\Users\Sandrine\Documents\Prophéties
2022-11-27 09:38 - 2022-12-21 09:34 - 000003202 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Sandrine)
2022-11-27 09:38 - 2022-12-21 09:34 - 000003102 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2022-11-27 09:38 - 2022-12-21 09:34 - 000003094 _____ C:\Windows\system32\Tasks\Driver Booster Update
2022-11-27 09:37 - 2022-11-27 09:38 - 000002249 _____ C:\Users\Public\Desktop\Driver Booster 10.lnk
2022-11-27 09:37 - 2022-11-27 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 10
2022-11-24 16:55 - 2022-11-24 16:55 - 000148009 _____ C:\Users\Sandrine\Downloads\8R44363850070.pdf
2022-11-24 11:20 - 2022-11-24 11:20 - 000391648 _____ C:\Users\Sandrine\Downloads\marie-julie-jahenny.pdf
2022-11-24 09:50 - 2022-11-24 09:50 - 001158389 _____ C:\Users\Sandrine\Downloads\Anges-_-Qui-etes-vous.pdf
2022-11-23 09:08 - 2022-11-23 09:10 - 000000000 ____D C:\Users\Sandrine\Documents\Tarot de Marseille
2022-11-14 20:09 - 2022-11-14 20:09 - 000263487 _____ C:\Users\Sandrine\Downloads\bon de réduction le petit basque.pdf
2022-11-11 16:43 - 2022-11-11 16:43 - 000105503 _____ C:\Users\Sandrine\Downloads\1667479770.jpeg
2022-11-10 09:22 - 2022-12-31 10:49 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-11-10 09:22 - 2022-12-15 14:40 - 000003364 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-11-08 17:21 - 2022-11-08 17:21 - 000001161 _____ C:\Users\Sandrine\Documents\parfaits cookies de Christophe Bau.txt
2022-11-06 11:58 - 2022-11-06 11:58 - 000126140 _____ C:\Users\Sandrine\Downloads\affiche Natacha Marilyn Monroe.jpeg
2022-11-01 09:18 - 2022-12-28 20:44 - 000000000 ____D C:\Users\Sandrine\Documents\Oracle Gé
2022-10-31 17:35 - 2022-10-31 17:35 - 000112800 _____ C:\Users\Sandrine\Downloads\cadrans-radiesthesie-pour-tout-le-monde.pdf
2022-10-30 13:31 - 2022-10-30 13:31 - 000029543 _____ C:\Users\Sandrine\Downloads\vocabulaire_anglais brittany ferry.pdf
2022-10-30 10:02 - 2022-10-30 10:05 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2022-10-30 10:02 - 2022-10-30 10:05 - 000001062 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2022-10-25 20:57 - 2022-12-31 13:08 - 000005234 _____ C:\Windows\system32\Drivers\fvstore.dat
2022-10-25 20:57 - 2022-10-25 20:57 - 000000000 ___HD C:\VTRoot
2022-10-14 18:48 - 2022-10-14 20:05 - 000001200 _____ C:\Users\Sandrine\Documents\Muffins légers avec un yaourt.txt
2022-10-13 14:08 - 2022-10-13 14:08 - 000053032 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\kltap.sys
2022-10-05 17:09 - 2022-10-05 17:10 - 000256064 _____ C:\Users\Sandrine\Downloads\sels de schuessler.pdf
2022-10-05 11:25 - 2022-12-19 18:12 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\Telegram Desktop
2022-10-05 11:25 - 2022-10-05 11:25 - 000001007 _____ C:\Users\Sandrine\Desktop\Telegram.lnk
2022-10-05 11:25 - 2022-10-05 11:25 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-10-05 11:22 - 2022-10-05 11:24 - 033965464 _____ (Telegram FZ-LLC ) C:\Users\Sandrine\Downloads\tsetup.4.2.4.exe
2022-10-05 08:55 - 2022-10-05 08:55 - 000499891 _____ C:\Users\Sandrine\Downloads\Le programme de formation 2023-2024 (5).pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-31 13:30 - 2022-01-11 12:01 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2022-12-31 13:19 - 2016-05-11 10:43 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\ZHP
2022-12-31 10:54 - 2009-07-14 05:34 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-12-31 10:54 - 2009-07-14 05:34 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-12-31 10:45 - 2022-09-15 10:08 - 000003446 _____ C:\Windows\system32\pubfreeware.ini
2022-12-31 10:30 - 2020-10-02 11:13 - 000000000 ____D C:\Program Files\CCleaner
2022-12-31 10:00 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-30 20:32 - 2015-10-11 17:48 - 000000000 ____D C:\Users\Sandrine\Documents\Astrologie
2022-12-28 20:46 - 2014-08-10 17:25 - 000000000 ____D C:\Users\Sandrine\Documents\Esotérisme
2022-12-23 11:37 - 2022-01-03 15:25 - 000004122 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1639491446
2022-12-22 10:10 - 2019-10-14 17:03 - 000000000 ____D C:\ProgramData\ProductData
2022-12-21 09:03 - 2022-04-14 09:42 - 000000000 ____D C:\Program Files\CCleaner Browser
2022-12-20 15:58 - 2022-08-08 18:39 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-12-18 09:22 - 2014-08-10 16:38 - 000000000 ____D C:\Users\Sandrine\Documents\patisseries
2022-12-15 14:40 - 2021-12-15 10:24 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-12-13 17:38 - 2015-04-06 14:56 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\vlc
2022-12-13 14:43 - 2022-04-14 09:42 - 000003542 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-12-13 14:43 - 2022-04-14 09:42 - 000003414 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-12-13 11:28 - 2014-08-10 17:01 - 000000000 ____D C:\Users\Sandrine\Documents\cuisine
2022-12-08 10:29 - 2009-07-14 05:53 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Fichiers à la racine de certains dossiers ========
2014-02-11 15:31 - 2014-02-11 15:31 - 000000043 _____ () C:\Users\Sandrine\AppData\Roaming\WB.CFG
2016-05-11 11:05 - 2016-05-15 19:15 - 000007601 _____ () C:\Users\Sandrine\AppData\Local\Resmon.ResmonCfg
==================== SigCheckExt =========================
2013-12-17 03:15 - 2013-12-17 03:15 - 000019008 _____ (Un4seen Developments) C:\Windows\system32\basscd.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000025152 _____ (Un4seen Developments) C:\Windows\system32\bassflac.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000054328 _____ (Un4seen Developments) C:\Windows\system32\bassopus.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000025664 _____ (Un4seen Developments) C:\Windows\system32\basswv.dll
1998-07-12 22:00 - 1998-07-12 22:00 - 000028672 _____ (Microsoft Corporation ) C:\Windows\system32\Cmct3FR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\CmDlgFR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\DBLstFR.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000024576 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbmiapi.dll
2010-07-23 08:55 - 2010-07-23 08:55 - 000025600 _____ (Hewlett-Packard Company) C:\Windows\system32\hpboid.dll
2010-07-23 08:55 - 2010-07-23 08:55 - 000007680 _____ (Hewlett-Packard Company) C:\Windows\system32\hpboidps.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000041472 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbpro.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000007680 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbprops.dll
2010-01-19 14:10 - 2010-01-19 14:10 - 000063488 _____ (Hewlett-Packard) C:\Windows\system32\HPBWSDR.DLL
2009-11-27 11:16 - 2009-11-27 11:16 - 000180224 _____ (hp) C:\Windows\system32\hplbddrv.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000050688 _____ (Hewlett-Packard) C:\Windows\system32\HPZidr12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000044032 _____ (Hewlett-Packard) C:\Windows\system32\HPZinw12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000053760 _____ (Hewlett-Packard) C:\Windows\system32\HPZipm12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000034816 _____ (Hewlett-Packard) C:\Windows\system32\HPZipr12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000029696 _____ (Hewlett-Packard) C:\Windows\system32\hpzipt12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000020480 _____ (Hewlett-Packard) C:\Windows\system32\hpzisn12.dll
2009-09-23 19:27 - 2009-09-23 19:27 - 000155648 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v1930.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\InetFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\JETCOMP.exe
1999-03-15 12:52 - 1999-03-15 12:52 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\MFC42FRA.DLL
2022-01-11 16:09 - 2022-01-11 16:09 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\MSCc2FR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCmCFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\msexch35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000252688 _____ (Microsoft Corporation) C:\Windows\system32\msexcl35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 001050896 _____ (Microsoft Corporation) C:\Windows\system32\msjet35.dll
2000-04-26 12:35 - 2000-04-26 12:35 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\msjint35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 001238288 _____ (Microsoft Corporation) C:\Windows\system32\msjt4jlt.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000024848 _____ (Microsoft Corporation) C:\Windows\system32\msjter35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000168720 _____ (Microsoft Corporation) C:\Windows\system32\msltus35.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\MSMskFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000250128 _____ (Microsoft Corporation) C:\Windows\system32\mspdox35.dll
1999-04-06 17:06 - 1999-04-06 17:06 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MSPRPFR.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x35.dll
2000-05-11 13:06 - 2000-05-11 13:06 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\MSRDO20.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000415504 _____ (Microsoft Corporation) C:\Windows\system32\msrepl35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000044304 _____ (Microsoft Corporation) C:\Windows\system32\msrpfs35.dll
2000-04-03 19:05 - 2000-04-03 19:05 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
1998-08-09 19:07 - 1998-08-09 19:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\MSSTKPRP.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000166672 _____ (Microsoft Corporation) C:\Windows\system32\mstext35.dll
2009-05-21 19:21 - 2009-05-21 19:21 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\msxbse35.dll
2009-05-14 06:22 - 2009-05-14 06:22 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4r.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\RchTxFR.dll
2000-04-03 17:52 - 2000-04-03 17:52 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\RDOCURS.DLL
1998-03-25 05:54 - 1998-03-25 05:54 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\SCP32.DLL
1998-06-17 23:00 - 1998-06-17 23:00 - 000089360 _____ (Microsoft Corporation) C:\Windows\system32\VB5DB.DLL
2000-10-01 22:00 - 2000-10-01 22:00 - 000119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL
1999-11-25 02:40 - 1999-11-25 02:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\VBAME.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000368912 _____ (Microsoft Corporation) C:\Windows\system32\VBAR332.DLL
2022-01-06 13:40 - 2022-01-06 13:41 - 000836478 _____ (Philippe GEORGES ) C:\Users\Sandrine\Downloads\assetup.exe
2022-12-31 13:24 - 2022-12-31 13:25 - 002078720 _____ (Farbar) C:\Users\Sandrine\Downloads\FRST.exe
2022-03-18 12:38 - 2022-04-14 09:47 - 026411008 _____ C:\Users\Sandrine\Downloads\iobit-driver-booster_9-2-0-178_fr_430351.exe
2022-12-31 12:51 - 2022-12-31 12:52 - 003510472 _____ (Nicolas Coolman) C:\Users\Sandrine\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {3a68da5d-486a-11e2-bcc0-e6cd2df7fb30}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {3a68da5d-486a-11e2-bcc0-e6cd2df7fb30}
device ramdisk=[C:]\Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\Winre.wim,{3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\Winre.wim,{3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\boot.sdi
LastRegBack: 2022-12-23 09:39
==================== Fin de FRST.txt ========================