Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2023
Exécuté par user (administrateur) sur DESKTOP-BBIGLHA (Hewlett-Packard HP ProBook 4530s) (10-03-2023 13:31:20)
Exécuté depuis C:\Users\user\Desktop
Profils chargés: user
Plate-forme: Microsoft Windows 10 Professionnel Version 21H1 19043.2364 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCopyAccelerator.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <18>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe
(services.exe ->) (Pioneer DJ Corporation -> Pioneer DJ Corporation.) C:\Program Files (x86)\Pioneer\DDJ-SX3\DDJ-SX3_AutoSetup.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.50501.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.31.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1107094190-2299827454-724418502-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1107094190-2299827454-724418502-1001\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\Windows\system32\hpz3llhn.dll [44288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.64\Installer\chrmstp.exe [2023-03-10] (Google LLC -> Google LLC)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk /m /P \Device\HarddiskVolume9autocheck autochk *
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {03F4438F-2223-47D8-B7B6-27E6AC4BF7FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28B9D32C-8078-40A0-942F-083429A99F20} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-03-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3FA00554-0CE5-4B1D-82B5-53A5DBDA9479} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5368FB94-BFAA-4C83-846D-5C6096170E5E} - System32\Tasks\ESTsoft RunAsStdUser 55367343Task => C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe [4292440 2010-04-21] (ESTsoft Corp. -> ESTsoft Corp.)
Task: {6F2A45F5-D6A1-464F-A368-66342BD09361} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {90A5D270-8E67-4E10-9FB8-B68B30214921} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {90BB9212-CEF7-4FF7-AAB5-25B9BAB0720A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9375461E-C299-4A86-A213-53B570D4A75C} - System32\Tasks\GoogleUpdateTaskMachineUA{0D157ECA-A216-4F0A-A111-B6307373A63B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-03] (Google LLC -> Google LLC)
Task: {B424FA88-7BB7-4594-8A2C-0D74AE5C0EDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9276752-E1FE-4F52-92EB-2069C1B71998} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {CEF21E0A-8D87-4D00-ABFB-4D0540B73A8F} - System32\Tasks\ESTsoft RunAsStdUser 14778000Task => C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe [4292440 2010-04-21] (ESTsoft Corp. -> ESTsoft Corp.)
Task: {D7DC7F85-E9DD-4299-A9B9-A369AD75A23F} - System32\Tasks\GoogleUpdateTaskMachineCore{6E927482-D7B3-44C3-AB85-177E799C4AC5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-03] (Google LLC -> Google LLC)
Task: {EBB4E606-C7AF-4A8C-A5DE-BBAA2D55C9FD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "c664a6cf-2796-443a-ba91-08ff0a44cfda" --version "6.09.10300" --silent
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{148f463d-9f0a-487d-9166-6403ad302327}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4aaae619-3444-477e-97cd-cb971bf86e91}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-10]
Edge Notifications: Default -> hxxps://www.porngo.com
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: iz4j2vb2.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\iz4j2vb2.default [2022-03-02]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release [2023-03-10]
FF Notifications: Mozilla\Firefox\Profiles\0xdh51cj.default-release -> hxxps://www.castorama.fr; hxxps://www.youtube.com; hxxps://novoma.com
FF Extension: (uBlock Origin) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-03-09]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-02-10]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2023-03-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-02-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-03]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 DDJ-SX3_AutoSetup; C:\Program Files (x86)\Pioneer\DDJ-SX3\DDJ-SX3_AutoSetup.exe [114600 2018-04-10] (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe [3224328 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe [133592 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 DDJ-SX3Audio; C:\Windows\system32\drivers\DDJ-SX3Audio64.sys [56328 2018-04-09] (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2022-12-23] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl6f9350cc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3F062634-2C7C-4906-AEE3-A5CE13CCDFCA}\MpKslDrv.sys [211208 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [2621128 2015-07-15] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49624 2023-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495912 2023-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-03-10 13:31 - 2023-03-10 13:32 - 000016066 _____ C:\Users\user\Desktop\FRST.txt
2023-03-10 13:29 - 2023-03-10 13:31 - 000000000 ____D C:\FRST
2023-03-10 13:28 - 2023-03-10 13:28 - 002378752 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2023-03-10 13:09 - 2023-03-10 13:09 - 000248282 _____ C:\Users\user\Desktop\ZHPDiag.txt
2023-03-10 13:01 - 2023-03-10 13:01 - 000000864 _____ C:\Users\user\Desktop\ZHPSuite.lnk
2023-03-10 13:00 - 2023-03-10 13:00 - 003513544 _____ (Nicolas Coolman) C:\Users\user\Downloads\ZHPSuite.exe
2023-03-09 09:29 - 2023-03-09 09:29 - 000126634 _____ C:\Users\user\Downloads\MR-69371240.pdf
2023-03-07 22:38 - 2023-03-07 22:42 - 400040422 _____ C:\Users\user\Downloads\Gomorra.S01E03.FRENCH.HDTV.x264-Wawacity.work.mp4
2023-03-07 21:28 - 2023-03-07 21:32 - 401887196 _____ C:\Users\user\Downloads\Gomorra.S01E02.FRENCH.HDTV.x264-Wawacity.work.mp4
2023-03-07 20:59 - 2023-03-07 21:03 - 380777080 _____ C:\Users\user\Downloads\Gomorra.S01E01.FRENCH.HDTV.x264-Wawacity.work.mp4
2023-03-06 23:44 - 2023-03-06 23:44 - 000000000 ____D C:\ProgramData\PLUG
2023-03-06 22:02 - 2023-03-06 22:11 - 861373167 _____ C:\Users\user\Downloads\Gomorra.S01E03.FRENCH.1080p.BluRay.x265-Wawacity.work.mkv
2023-03-06 13:10 - 2023-03-06 13:30 - 1012106251 _____ C:\Users\user\Downloads\Gomorra.S01E02.FRENCH.1080p.BluRay.x265-Wawacity.work.mkv
2023-03-06 13:07 - 2023-03-06 13:25 - 941838477 _____ C:\Users\user\Downloads\Gomorra.S01E01.FRENCH.1080p.BluRay.x265-Wawacity.work.mkv
2023-03-05 11:31 - 2023-03-05 11:31 - 000172502 _____ C:\Users\user\Downloads\RELEVES_0076938210_20220104.pdf
2023-03-03 20:43 - 2023-03-03 21:12 - 2251300767 _____ C:\Users\user\Downloads\Le.Parrain.1.FRENCH.BDRIP.XVID.AC3.Wawacity.ec.avi
2023-03-03 18:02 - 2023-03-03 18:17 - 1466708226 _____ C:\Users\user\Downloads\The.Godfather.Coda.The.Death.of.Michael.Corleone.1990.FRENCH.BDRip.XviD-Wawacity.vip.avi
2023-03-03 17:02 - 2023-03-03 17:22 - 2163672854 _____ C:\Users\user\Downloads\Le.Parrain.3.FRENCH.BDRIP.XVID.AC3.Wawacity.ec.avi
2023-03-03 16:17 - 2023-03-03 16:45 - 2568410363 _____ C:\Users\user\Downloads\Le.Parrain.2.FRENCH.BDRIP.XVID.AC3.Wawacity.ec.avi
2023-03-01 17:55 - 2023-03-01 20:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-27 23:59 - 2023-02-27 23:59 - 000170172 _____ C:\Users\user\Downloads\TROISIEME-PARTIE groupe-B.pdf
2023-02-27 23:57 - 2023-02-27 23:57 - 000160126 _____ C:\Users\user\Downloads\DEUXIEME-PARTIE groupe-O.pdf
2023-02-23 02:12 - 2023-02-23 02:12 - 000042631 _____ C:\Users\user\Downloads\bram 02 2023.pdf
2023-02-23 02:11 - 2023-02-23 02:11 - 000043137 _____ C:\Users\user\Downloads\ophtalmologue.pdf
2023-02-23 02:11 - 2023-02-23 02:11 - 000042573 _____ C:\Users\user\Downloads\kiné 2023.pdf
2023-02-23 02:10 - 2023-02-23 02:10 - 000042634 _____ C:\Users\user\Downloads\bram 01 2023.pdf
2023-02-22 22:34 - 2023-02-22 22:49 - 967656729 _____ C:\Users\user\Downloads\Allegiant.2016.TRUEFRENCH.BDRip.x264-Wawacity.top.mkv
2023-02-22 22:32 - 2023-02-22 22:45 - 735407456 _____ C:\Users\user\Downloads\l_ours__xvid-Wawacity.ec.avi
2023-02-22 21:21 - 2023-02-22 21:28 - 727889950 _____ C:\Users\user\Downloads\Gomorra.FRENCH.DVDRip.XviD-Wawacity.ec.avi
2023-02-22 14:36 - 2023-02-22 14:36 - 000000000 ____D C:\Users\user\Documents\HARMONIE MUTUELLE
2023-02-09 22:15 - 2023-02-09 22:15 - 000337789 _____ C:\Users\user\Downloads\Votre relevé de compte - 01_2023.pdf
2023-02-09 22:07 - 2023-02-09 22:07 - 000054997 _____ C:\Users\user\Downloads\621231385174-1.pdf
2023-02-09 21:59 - 2023-02-09 21:59 - 000054997 _____ C:\Users\user\Downloads\621231385174.pdf
2023-01-18 12:59 - 2023-01-18 12:59 - 000449423 _____ C:\Users\user\Downloads\BulletionAdhesionSigne.pdf
2023-01-18 01:40 - 2023-01-18 01:40 - 000126013 _____ C:\Users\user\Downloads\MR-68268471.pdf
2023-01-17 01:11 - 2023-03-04 00:23 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-12 23:38 - 2023-01-12 23:38 - 000025408 _____ C:\Users\user\Downloads\Expedition-68133659.pdf
2023-01-12 23:38 - 2023-01-12 23:38 - 000022766 _____ C:\Users\user\Downloads\Expedition-68133660.pdf
2022-12-30 15:38 - 2022-12-30 15:38 - 000097640 _____ C:\Users\user\Downloads\nouveau système d'accès. pdf
2022-12-30 09:41 - 2022-12-30 09:41 - 000000072 _____ C:\Windows\system32\AdsInfoCls
2022-12-26 02:42 - 2022-12-26 02:42 - 006110640 _____ C:\Users\user\Downloads\Dessin animé - Les mondes engloutis (choeurs) [BDFab karaoke].mp4
2022-12-23 22:03 - 2022-12-24 11:41 - 000000000 ____D C:\Users\user\.Ld9VirtualBox
2022-12-23 22:03 - 2022-12-23 22:03 - 000000068 _____ C:\Users\user\AppData\Roaming\changzhi_mplayer.data
2022-12-23 22:03 - 2022-12-23 22:03 - 000000068 _____ C:\Users\user\AppData\Roaming\changzhi_leidian.data
2022-12-23 22:02 - 2022-12-23 22:02 - 000000000 ____D C:\Users\user\Documents\XuanZhi9
2022-12-23 22:02 - 2022-12-23 22:02 - 000000000 ____D C:\Program Files\ldplayer9box
2022-12-23 22:00 - 2022-12-23 22:03 - 000000000 ____D C:\Users\user\AppData\Roaming\XuanZhi9
2022-12-23 21:53 - 2022-12-23 21:53 - 000000000 ____D C:\Users\user\AppData\Roaming\lddownloader
2022-12-23 21:53 - 2022-12-23 21:53 - 000000000 ____D C:\Users\user\AppData\Roaming\ChangZhi2
2022-12-23 21:53 - 2022-12-23 21:53 - 000000000 ____D C:\LDPlayer
2022-12-14 08:37 - 2022-12-14 08:37 - 000000000 ___HD C:\$WinREAgent
2022-12-11 10:27 - 2022-12-11 13:38 - 000000000 ____D C:\Users\user\Documents\new MP3
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-03-10 13:25 - 2022-02-03 15:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-10 13:23 - 2022-02-03 16:25 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-10 13:22 - 2022-02-03 16:26 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-10 13:22 - 2022-02-03 16:26 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-10 13:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-10 13:09 - 2022-06-26 11:40 - 000000000 ____D C:\Users\user\AppData\Roaming\ZHP
2023-03-10 13:01 - 2022-08-07 09:01 - 000000000 ____D C:\Users\user\AppData\Local\ZHP
2023-03-10 12:59 - 2022-02-09 10:04 - 000000000 ____D C:\Users\user\Documents\divers
2023-03-10 12:33 - 2022-02-09 10:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-10 12:32 - 2022-02-06 13:13 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2023-03-10 12:26 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-10 12:26 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-10 12:25 - 2022-02-03 15:23 - 001771490 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-10 12:25 - 2019-12-07 15:50 - 000793152 _____ C:\Windows\system32\perfh00C.dat
2023-03-10 12:25 - 2019-12-07 15:50 - 000150282 _____ C:\Windows\system32\perfc00C.dat
2023-03-10 12:25 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-03-10 12:22 - 2022-02-09 11:23 - 000000000 ____D C:\Program Files\CCleaner
2023-03-10 12:22 - 2022-02-03 15:23 - 000000000 ___RD C:\Users\user\OneDrive
2023-03-10 12:20 - 2022-02-03 15:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-10 12:20 - 2022-02-03 15:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-10 00:49 - 2022-02-04 23:52 - 000000000 ____D C:\Users\user\AppData\Local\ClassicShell
2023-03-10 00:49 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-08 21:33 - 2022-07-15 14:21 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2023-03-08 20:46 - 2022-02-03 16:13 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1107094190-2299827454-724418502-1001
2023-03-08 20:46 - 2022-02-03 15:23 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1107094190-2299827454-724418502-1001
2023-03-08 20:46 - 2022-02-03 15:19 - 000002414 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-07 23:23 - 2022-02-03 15:16 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-07 23:23 - 2022-02-03 15:16 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-07 10:39 - 2022-02-03 15:16 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-06 23:42 - 2022-11-16 23:31 - 000000000 ____D C:\Program Files\RUXIM
2023-03-06 22:24 - 2022-02-05 21:07 - 000000000 ____D C:\Users\user\AppData\Roaming\vlc
2023-03-04 13:37 - 2022-02-09 11:23 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-03-04 00:23 - 2022-02-03 15:16 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-03 22:17 - 2022-04-26 19:50 - 000000000 ____D C:\Users\user\Documents\music repas douceur
2023-03-03 20:41 - 2022-03-27 20:00 - 000000000 ____D C:\Users\user\AppData\Roaming\audacity
2023-03-03 20:41 - 2022-02-09 10:43 - 000000000 ____D C:\Users\user\Documents\Audacity
2023-03-01 20:47 - 2022-02-06 13:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-01 20:33 - 2022-02-06 13:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-01 20:33 - 2022-02-06 13:13 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-01 04:51 - 2022-02-09 10:43 - 000000000 ____D C:\Users\user\Documents\ACTUELLEMENT
2023-02-22 12:09 - 2022-02-09 10:36 - 000000000 ____D C:\Users\user\Documents\recettes
2023-02-22 11:49 - 2022-02-09 10:37 - 000000000 ____D C:\Users\user\Documents\sorties, balades, restaurants
2023-02-15 15:27 - 2022-09-20 21:03 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-02-15 12:51 - 2022-02-03 15:28 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-15 12:51 - 2022-02-03 15:28 - 000000000 ____D C:\Windows\system32\MRT
2023-02-15 12:06 - 2022-09-20 21:03 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-02-13 21:18 - 2022-02-09 10:36 - 000000000 ____D C:\Users\user\Documents\MUSIC DOUCEUR
==================== Fichiers à la racine de certains dossiers ========
2022-06-27 21:20 - 2022-06-27 21:20 - 003487984 _____ (Nicolas Coolman) C:\Users\user\ZHPSuite.exe
2022-12-23 22:03 - 2022-12-23 22:03 - 000000068 _____ () C:\Users\user\AppData\Roaming\changzhi_leidian.data
2022-12-23 22:03 - 2022-12-23 22:03 - 000000068 _____ () C:\Users\user\AppData\Roaming\changzhi_mplayer.data
==================== SigCheckExt =========================
2015-12-16 20:07 - 2015-12-16 20:07 - 000083952 _____ C:\Windows\system32\atig6pxx.dll
2022-03-23 21:42 - 2018-04-10 12:11 - 000236032 _____ (Pioneer DJ Corporation.) C:\Windows\system32\DDJ-SX3_ASIO64.dll
2022-03-23 21:42 - 2018-04-10 12:24 - 000246272 _____ (Pioneer DJ Corporation.) C:\Windows\system32\DDJ-SX3_Setup64.dll
2016-05-03 09:17 - 2016-05-03 09:17 - 000184832 _____ (Pioneer DJ Corporation.) C:\Windows\system32\Pioneer_DDJ_SX_ASIO.dll
2015-08-09 09:32 - 2015-08-09 09:32 - 000289216 _____ (IvoSoft) C:\Windows\system32\StartMenuHelper64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 039720944 _____ C:\Windows\SysWOW64\amdocl.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 001004032 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 000807424 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 000150512 _____ C:\Windows\SysWOW64\atigktxx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 000078320 _____ C:\Windows\SysWOW64\atiglpxx.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 000112360 _____ C:\Windows\SysWOW64\atiu9pag.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 000143056 _____ C:\Windows\SysWOW64\atiuxpag.dll
2022-03-23 21:42 - 2018-04-10 12:05 - 000214016 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\DDJ-SX3_ASIO.dll
2022-03-23 21:42 - 2018-04-10 12:24 - 000210944 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\DDJ-SX3_Setup.dll
2016-04-29 04:20 - 2016-04-29 04:20 - 000130560 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\Pioneer_DDJ_SX_ASIO.dll
2015-08-09 09:32 - 2015-08-09 09:32 - 000247744 _____ (IvoSoft) C:\Windows\SysWOW64\StartMenuHelper32.dll
2006-10-26 12:45 - 2006-10-26 12:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2022-06-27 21:20 - 2022-06-27 21:20 - 003487984 _____ (Nicolas Coolman) C:\Users\user\ZHPSuite.exe
2023-03-10 13:28 - 2023-03-10 13:28 - 002378752 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2023-03-10 13:00 - 2023-03-10 13:00 - 003513544 _____ (Nicolas Coolman) C:\Users\user\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=D:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{c1edbf30-84fb-11ec-b3e2-b50606c8a84a}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{c1edbf30-84fb-11ec-b3e2-b50606c8a84a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=D:
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {c1edbf30-84fb-11ec-b3e2-b50606c8a84a}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par user (administrateur) sur DESKTOP-BBIGLHA (Hewlett-Packard HP ProBook 4530s) (10-03-2023 13:31:20)
Exécuté depuis C:\Users\user\Desktop
Profils chargés: user
Plate-forme: Microsoft Windows 10 Professionnel Version 21H1 19043.2364 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCopyAccelerator.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <18>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe
(services.exe ->) (Pioneer DJ Corporation -> Pioneer DJ Corporation.) C:\Program Files (x86)\Pioneer\DDJ-SX3\DDJ-SX3_AutoSetup.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.50501.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.31.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1107094190-2299827454-724418502-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1107094190-2299827454-724418502-1001\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\Windows\system32\hpz3llhn.dll [44288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.64\Installer\chrmstp.exe [2023-03-10] (Google LLC -> Google LLC)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume12autocheck autochk /m /P \Device\HarddiskVolume9autocheck autochk *
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {03F4438F-2223-47D8-B7B6-27E6AC4BF7FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {28B9D32C-8078-40A0-942F-083429A99F20} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-03-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3FA00554-0CE5-4B1D-82B5-53A5DBDA9479} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5368FB94-BFAA-4C83-846D-5C6096170E5E} - System32\Tasks\ESTsoft RunAsStdUser 55367343Task => C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe [4292440 2010-04-21] (ESTsoft Corp. -> ESTsoft Corp.)
Task: {6F2A45F5-D6A1-464F-A368-66342BD09361} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {90A5D270-8E67-4E10-9FB8-B68B30214921} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {90BB9212-CEF7-4FF7-AAB5-25B9BAB0720A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9375461E-C299-4A86-A213-53B570D4A75C} - System32\Tasks\GoogleUpdateTaskMachineUA{0D157ECA-A216-4F0A-A111-B6307373A63B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-03] (Google LLC -> Google LLC)
Task: {B424FA88-7BB7-4594-8A2C-0D74AE5C0EDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9276752-E1FE-4F52-92EB-2069C1B71998} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {CEF21E0A-8D87-4D00-ABFB-4D0540B73A8F} - System32\Tasks\ESTsoft RunAsStdUser 14778000Task => C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe [4292440 2010-04-21] (ESTsoft Corp. -> ESTsoft Corp.)
Task: {D7DC7F85-E9DD-4299-A9B9-A369AD75A23F} - System32\Tasks\GoogleUpdateTaskMachineCore{6E927482-D7B3-44C3-AB85-177E799C4AC5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-03] (Google LLC -> Google LLC)
Task: {EBB4E606-C7AF-4A8C-A5DE-BBAA2D55C9FD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "c664a6cf-2796-443a-ba91-08ff0a44cfda" --version "6.09.10300" --silent
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{148f463d-9f0a-487d-9166-6403ad302327}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4aaae619-3444-477e-97cd-cb971bf86e91}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-10]
Edge Notifications: Default -> hxxps://www.porngo.com
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: iz4j2vb2.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\iz4j2vb2.default [2022-03-02]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release [2023-03-10]
FF Notifications: Mozilla\Firefox\Profiles\0xdh51cj.default-release -> hxxps://www.castorama.fr; hxxps://www.youtube.com; hxxps://novoma.com
FF Extension: (uBlock Origin) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-03-09]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-02-10]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2023-03-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-02-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-03]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 DDJ-SX3_AutoSetup; C:\Program Files (x86)\Pioneer\DDJ-SX3\DDJ-SX3_AutoSetup.exe [114600 2018-04-10] (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe [3224328 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe [133592 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 DDJ-SX3Audio; C:\Windows\system32\drivers\DDJ-SX3Audio64.sys [56328 2018-04-09] (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2022-12-23] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl6f9350cc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3F062634-2C7C-4906-AEE3-A5CE13CCDFCA}\MpKslDrv.sys [211208 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [2621128 2015-07-15] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49624 2023-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495912 2023-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-03-10 13:31 - 2023-03-10 13:32 - 000016066 _____ C:\Users\user\Desktop\FRST.txt
2023-03-10 13:29 - 2023-03-10 13:31 - 000000000 ____D C:\FRST
2023-03-10 13:28 - 2023-03-10 13:28 - 002378752 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2023-03-10 13:09 - 2023-03-10 13:09 - 000248282 _____ C:\Users\user\Desktop\ZHPDiag.txt
2023-03-10 13:01 - 2023-03-10 13:01 - 000000864 _____ C:\Users\user\Desktop\ZHPSuite.lnk
2023-03-10 13:00 - 2023-03-10 13:00 - 003513544 _____ (Nicolas Coolman) C:\Users\user\Downloads\ZHPSuite.exe
2023-03-09 09:29 - 2023-03-09 09:29 - 000126634 _____ C:\Users\user\Downloads\MR-69371240.pdf
2023-03-07 22:38 - 2023-03-07 22:42 - 400040422 _____ C:\Users\user\Downloads\Gomorra.S01E03.FRENCH.HDTV.x264-Wawacity.work.mp4
2023-03-07 21:28 - 2023-03-07 21:32 - 401887196 _____ C:\Users\user\Downloads\Gomorra.S01E02.FRENCH.HDTV.x264-Wawacity.work.mp4
2023-03-07 20:59 - 2023-03-07 21:03 - 380777080 _____ C:\Users\user\Downloads\Gomorra.S01E01.FRENCH.HDTV.x264-Wawacity.work.mp4
2023-03-06 23:44 - 2023-03-06 23:44 - 000000000 ____D C:\ProgramData\PLUG
2023-03-06 22:02 - 2023-03-06 22:11 - 861373167 _____ C:\Users\user\Downloads\Gomorra.S01E03.FRENCH.1080p.BluRay.x265-Wawacity.work.mkv
2023-03-06 13:10 - 2023-03-06 13:30 - 1012106251 _____ C:\Users\user\Downloads\Gomorra.S01E02.FRENCH.1080p.BluRay.x265-Wawacity.work.mkv
2023-03-06 13:07 - 2023-03-06 13:25 - 941838477 _____ C:\Users\user\Downloads\Gomorra.S01E01.FRENCH.1080p.BluRay.x265-Wawacity.work.mkv
2023-03-05 11:31 - 2023-03-05 11:31 - 000172502 _____ C:\Users\user\Downloads\RELEVES_0076938210_20220104.pdf
2023-03-03 20:43 - 2023-03-03 21:12 - 2251300767 _____ C:\Users\user\Downloads\Le.Parrain.1.FRENCH.BDRIP.XVID.AC3.Wawacity.ec.avi
2023-03-03 18:02 - 2023-03-03 18:17 - 1466708226 _____ C:\Users\user\Downloads\The.Godfather.Coda.The.Death.of.Michael.Corleone.1990.FRENCH.BDRip.XviD-Wawacity.vip.avi
2023-03-03 17:02 - 2023-03-03 17:22 - 2163672854 _____ C:\Users\user\Downloads\Le.Parrain.3.FRENCH.BDRIP.XVID.AC3.Wawacity.ec.avi
2023-03-03 16:17 - 2023-03-03 16:45 - 2568410363 _____ C:\Users\user\Downloads\Le.Parrain.2.FRENCH.BDRIP.XVID.AC3.Wawacity.ec.avi
2023-03-01 17:55 - 2023-03-01 20:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-27 23:59 - 2023-02-27 23:59 - 000170172 _____ C:\Users\user\Downloads\TROISIEME-PARTIE groupe-B.pdf
2023-02-27 23:57 - 2023-02-27 23:57 - 000160126 _____ C:\Users\user\Downloads\DEUXIEME-PARTIE groupe-O.pdf
2023-02-23 02:12 - 2023-02-23 02:12 - 000042631 _____ C:\Users\user\Downloads\bram 02 2023.pdf
2023-02-23 02:11 - 2023-02-23 02:11 - 000043137 _____ C:\Users\user\Downloads\ophtalmologue.pdf
2023-02-23 02:11 - 2023-02-23 02:11 - 000042573 _____ C:\Users\user\Downloads\kiné 2023.pdf
2023-02-23 02:10 - 2023-02-23 02:10 - 000042634 _____ C:\Users\user\Downloads\bram 01 2023.pdf
2023-02-22 22:34 - 2023-02-22 22:49 - 967656729 _____ C:\Users\user\Downloads\Allegiant.2016.TRUEFRENCH.BDRip.x264-Wawacity.top.mkv
2023-02-22 22:32 - 2023-02-22 22:45 - 735407456 _____ C:\Users\user\Downloads\l_ours__xvid-Wawacity.ec.avi
2023-02-22 21:21 - 2023-02-22 21:28 - 727889950 _____ C:\Users\user\Downloads\Gomorra.FRENCH.DVDRip.XviD-Wawacity.ec.avi
2023-02-22 14:36 - 2023-02-22 14:36 - 000000000 ____D C:\Users\user\Documents\HARMONIE MUTUELLE
2023-02-09 22:15 - 2023-02-09 22:15 - 000337789 _____ C:\Users\user\Downloads\Votre relevé de compte - 01_2023.pdf
2023-02-09 22:07 - 2023-02-09 22:07 - 000054997 _____ C:\Users\user\Downloads\621231385174-1.pdf
2023-02-09 21:59 - 2023-02-09 21:59 - 000054997 _____ C:\Users\user\Downloads\621231385174.pdf
2023-01-18 12:59 - 2023-01-18 12:59 - 000449423 _____ C:\Users\user\Downloads\BulletionAdhesionSigne.pdf
2023-01-18 01:40 - 2023-01-18 01:40 - 000126013 _____ C:\Users\user\Downloads\MR-68268471.pdf
2023-01-17 01:11 - 2023-03-04 00:23 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-12 23:38 - 2023-01-12 23:38 - 000025408 _____ C:\Users\user\Downloads\Expedition-68133659.pdf
2023-01-12 23:38 - 2023-01-12 23:38 - 000022766 _____ C:\Users\user\Downloads\Expedition-68133660.pdf
2022-12-30 15:38 - 2022-12-30 15:38 - 000097640 _____ C:\Users\user\Downloads\nouveau système d'accès. pdf
2022-12-30 09:41 - 2022-12-30 09:41 - 000000072 _____ C:\Windows\system32\AdsInfoCls
2022-12-26 02:42 - 2022-12-26 02:42 - 006110640 _____ C:\Users\user\Downloads\Dessin animé - Les mondes engloutis (choeurs) [BDFab karaoke].mp4
2022-12-23 22:03 - 2022-12-24 11:41 - 000000000 ____D C:\Users\user\.Ld9VirtualBox
2022-12-23 22:03 - 2022-12-23 22:03 - 000000068 _____ C:\Users\user\AppData\Roaming\changzhi_mplayer.data
2022-12-23 22:03 - 2022-12-23 22:03 - 000000068 _____ C:\Users\user\AppData\Roaming\changzhi_leidian.data
2022-12-23 22:02 - 2022-12-23 22:02 - 000000000 ____D C:\Users\user\Documents\XuanZhi9
2022-12-23 22:02 - 2022-12-23 22:02 - 000000000 ____D C:\Program Files\ldplayer9box
2022-12-23 22:00 - 2022-12-23 22:03 - 000000000 ____D C:\Users\user\AppData\Roaming\XuanZhi9
2022-12-23 21:53 - 2022-12-23 21:53 - 000000000 ____D C:\Users\user\AppData\Roaming\lddownloader
2022-12-23 21:53 - 2022-12-23 21:53 - 000000000 ____D C:\Users\user\AppData\Roaming\ChangZhi2
2022-12-23 21:53 - 2022-12-23 21:53 - 000000000 ____D C:\LDPlayer
2022-12-14 08:37 - 2022-12-14 08:37 - 000000000 ___HD C:\$WinREAgent
2022-12-11 10:27 - 2022-12-11 13:38 - 000000000 ____D C:\Users\user\Documents\new MP3
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-03-10 13:25 - 2022-02-03 15:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-10 13:23 - 2022-02-03 16:25 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-10 13:22 - 2022-02-03 16:26 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-10 13:22 - 2022-02-03 16:26 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-10 13:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-10 13:09 - 2022-06-26 11:40 - 000000000 ____D C:\Users\user\AppData\Roaming\ZHP
2023-03-10 13:01 - 2022-08-07 09:01 - 000000000 ____D C:\Users\user\AppData\Local\ZHP
2023-03-10 12:59 - 2022-02-09 10:04 - 000000000 ____D C:\Users\user\Documents\divers
2023-03-10 12:33 - 2022-02-09 10:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-10 12:32 - 2022-02-06 13:13 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2023-03-10 12:26 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-10 12:26 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-10 12:25 - 2022-02-03 15:23 - 001771490 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-10 12:25 - 2019-12-07 15:50 - 000793152 _____ C:\Windows\system32\perfh00C.dat
2023-03-10 12:25 - 2019-12-07 15:50 - 000150282 _____ C:\Windows\system32\perfc00C.dat
2023-03-10 12:25 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-03-10 12:22 - 2022-02-09 11:23 - 000000000 ____D C:\Program Files\CCleaner
2023-03-10 12:22 - 2022-02-03 15:23 - 000000000 ___RD C:\Users\user\OneDrive
2023-03-10 12:20 - 2022-02-03 15:16 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-10 12:20 - 2022-02-03 15:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-10 00:49 - 2022-02-04 23:52 - 000000000 ____D C:\Users\user\AppData\Local\ClassicShell
2023-03-10 00:49 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-08 21:33 - 2022-07-15 14:21 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2023-03-08 20:46 - 2022-02-03 16:13 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1107094190-2299827454-724418502-1001
2023-03-08 20:46 - 2022-02-03 15:23 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1107094190-2299827454-724418502-1001
2023-03-08 20:46 - 2022-02-03 15:19 - 000002414 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-07 23:23 - 2022-02-03 15:16 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-07 23:23 - 2022-02-03 15:16 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-07 10:39 - 2022-02-03 15:16 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-06 23:42 - 2022-11-16 23:31 - 000000000 ____D C:\Program Files\RUXIM
2023-03-06 22:24 - 2022-02-05 21:07 - 000000000 ____D C:\Users\user\AppData\Roaming\vlc
2023-03-04 13:37 - 2022-02-09 11:23 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-03-04 00:23 - 2022-02-03 15:16 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-03 22:17 - 2022-04-26 19:50 - 000000000 ____D C:\Users\user\Documents\music repas douceur
2023-03-03 20:41 - 2022-03-27 20:00 - 000000000 ____D C:\Users\user\AppData\Roaming\audacity
2023-03-03 20:41 - 2022-02-09 10:43 - 000000000 ____D C:\Users\user\Documents\Audacity
2023-03-01 20:47 - 2022-02-06 13:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-01 20:33 - 2022-02-06 13:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-01 20:33 - 2022-02-06 13:13 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-01 04:51 - 2022-02-09 10:43 - 000000000 ____D C:\Users\user\Documents\ACTUELLEMENT
2023-02-22 12:09 - 2022-02-09 10:36 - 000000000 ____D C:\Users\user\Documents\recettes
2023-02-22 11:49 - 2022-02-09 10:37 - 000000000 ____D C:\Users\user\Documents\sorties, balades, restaurants
2023-02-15 15:27 - 2022-09-20 21:03 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-02-15 12:51 - 2022-02-03 15:28 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-15 12:51 - 2022-02-03 15:28 - 000000000 ____D C:\Windows\system32\MRT
2023-02-15 12:06 - 2022-09-20 21:03 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-02-13 21:18 - 2022-02-09 10:36 - 000000000 ____D C:\Users\user\Documents\MUSIC DOUCEUR
==================== Fichiers à la racine de certains dossiers ========
2022-06-27 21:20 - 2022-06-27 21:20 - 003487984 _____ (Nicolas Coolman) C:\Users\user\ZHPSuite.exe
2022-12-23 22:03 - 2022-12-23 22:03 - 000000068 _____ () C:\Users\user\AppData\Roaming\changzhi_leidian.data
2022-12-23 22:03 - 2022-12-23 22:03 - 000000068 _____ () C:\Users\user\AppData\Roaming\changzhi_mplayer.data
==================== SigCheckExt =========================
2015-12-16 20:07 - 2015-12-16 20:07 - 000083952 _____ C:\Windows\system32\atig6pxx.dll
2022-03-23 21:42 - 2018-04-10 12:11 - 000236032 _____ (Pioneer DJ Corporation.) C:\Windows\system32\DDJ-SX3_ASIO64.dll
2022-03-23 21:42 - 2018-04-10 12:24 - 000246272 _____ (Pioneer DJ Corporation.) C:\Windows\system32\DDJ-SX3_Setup64.dll
2016-05-03 09:17 - 2016-05-03 09:17 - 000184832 _____ (Pioneer DJ Corporation.) C:\Windows\system32\Pioneer_DDJ_SX_ASIO.dll
2015-08-09 09:32 - 2015-08-09 09:32 - 000289216 _____ (IvoSoft) C:\Windows\system32\StartMenuHelper64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 039720944 _____ C:\Windows\SysWOW64\amdocl.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 001004032 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 000807424 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 000150512 _____ C:\Windows\SysWOW64\atigktxx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 000078320 _____ C:\Windows\SysWOW64\atiglpxx.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 000112360 _____ C:\Windows\SysWOW64\atiu9pag.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 000143056 _____ C:\Windows\SysWOW64\atiuxpag.dll
2022-03-23 21:42 - 2018-04-10 12:05 - 000214016 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\DDJ-SX3_ASIO.dll
2022-03-23 21:42 - 2018-04-10 12:24 - 000210944 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\DDJ-SX3_Setup.dll
2016-04-29 04:20 - 2016-04-29 04:20 - 000130560 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\Pioneer_DDJ_SX_ASIO.dll
2015-08-09 09:32 - 2015-08-09 09:32 - 000247744 _____ (IvoSoft) C:\Windows\SysWOW64\StartMenuHelper32.dll
2006-10-26 12:45 - 2006-10-26 12:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2022-06-27 21:20 - 2022-06-27 21:20 - 003487984 _____ (Nicolas Coolman) C:\Users\user\ZHPSuite.exe
2023-03-10 13:28 - 2023-03-10 13:28 - 002378752 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2023-03-10 13:00 - 2023-03-10 13:00 - 003513544 _____ (Nicolas Coolman) C:\Users\user\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=D:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{c1edbf30-84fb-11ec-b3e2-b50606c8a84a}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{c1edbf30-84fb-11ec-b3e2-b50606c8a84a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=D:
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {c1edbf30-84fb-11ec-b3e2-b50606c8a84a}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================