Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2023 01
Exécuté par Utilisateur (administrateur) sur UTILISATEUR-PC (Dell Inc. OptiPlex 780) (19-08-2023 14:30:43)
Exécuté depuis C:\Users\Utilisateur\Desktop\FRST64.exe
Profils chargés: Utilisateur
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.service.exe ->) (ANTECO SYSTEMS S.L. -> AnyTech365) C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.dns.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <24>
(explorer.exe ->) (Softdeluxe) [Fichier non signé] C:\Users\Utilisateur\AppData\Local\Softdeluxe\Free Download Manager\fdm.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ANTECO SYSTEMS S.L. -> AnyTech365) C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.service.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKU\S-1-5-21-1149874187-2923396571-3211608067-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114012024 2021-06-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1149874187-2923396571-3211608067-1000\...\Run: [Free Download Manager] => C:\Users\Utilisateur\AppData\Local\Softdeluxe\Free Download Manager\fdm.exe [5691904 2022-11-11] (Softdeluxe) [Fichier non signé]
HKU\S-1-5-21-1149874187-2923396571-3211608067-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP a011 Status Monitor: C:\WINDOWS\system32\hpinkstsa011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.96\Installer\chrmstp.exe [2023-08-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.49\Installer\chrmstp.exe [2023-08-18] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
IFEO\alpemix.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\AnyDesk.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Aweray_Remote_2.0.0.45399_Win32.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Aweray_Remote_2.0.0.45399_x64.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\AweSun.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\DONOTNEEDPROCESS.EXE: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\g2comm.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\GoTo Opener.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\GoToMyPC Installer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\gotomypc.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Iperius Remote PB.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Iperius Remote.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\IperiusRemote.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\irpb.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\LMI_Rescue.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\LMI_RescueRC.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Lmi_Rescue_srv.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\quickassist.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePC.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePCDesktop.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePCLauncher.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePCPerformance.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePCUIU.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePC_installer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\rfusclient.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RPCDownloader.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RPCPerfViewer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\rustdesk-1.1.9.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RustDesk.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\rutserv.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRAgent.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRAppPB.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRFeature.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRManager.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRServer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRService.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\ssrangagent.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\ssrangserver.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SSUService.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\strwinclt.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\strwincmpt.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Support-LogMeInRescue.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Supremo.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SupremoHelper.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SupremoSystem.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewerQS.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer_.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer_Desktop.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer_Setup.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer_Setup_x64.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\tv_w32.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\UltraViewer Setup.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\UltraViewer_Desktop.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\UltraViewer_setup_6.5_en.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {009BADFE-E040-4FF2-8F2B-CA4B84F89C98} - pas de chemin du fichier. <==== ATTENTION
Task: {085278B5-6886-4D77-BD11-AB1B8D3695FF} - pas de chemin du fichier. <==== ATTENTION
Task: {1275B0C6-B948-45A8-B598-5685D6EA5BD0} - pas de chemin du fichier. <==== ATTENTION
Task: {17021426-5D06-4638-8329-83C0786A6A2A} - pas de chemin du fichier. <==== ATTENTION
Task: {172D11D5-6791-46FC-B81E-E840ADBE61C4} - pas de chemin du fichier. <==== ATTENTION
Task: {179313B7-70F8-4619-9242-C1B03BAEE2E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {1BB6C5FC-E0FC-43E7-932C-BA31140AD87E} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {1F0ED7CF-BF58-43B6-8423-D06A4AA595A5} - pas de chemin du fichier. <==== ATTENTION
Task: {2400054C-B50C-42DB-9DE3-5564716E17EC} - pas de chemin du fichier. <==== ATTENTION
Task: {2505766A-3F1A-4652-833B-1CD9356B561F} - pas de chemin du fichier. <==== ATTENTION
Task: {27E0FCC8-299C-43CE-BE1A-48A058CABC63} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {29903646-8B95-441C-AE59-CC43C0C76FF5} - pas de chemin du fichier. <==== ATTENTION
Task: {2E285014-E865-4B0E-8254-689401A5926D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - pas de chemin du fichier. <==== ATTENTION
Task: {36A78C3E-A142-4F86-903E-AE26291F646C} - \Microsoft\Windows\Autochk\Proxy -> Pas de fichier <==== ATTENTION
Task: {39F55813-68FF-4B75-83F0-4AB8B89A7CD2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {3A92573F-61C5-4F73-AB0F-0A9B791545CB} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> Pas de fichier <==== ATTENTION
Task: {3ED85B19-C71A-4CFC-BDFD-9ACA2A306507} - pas de chemin du fichier. <==== ATTENTION
Task: {473BE735-CA1A-4275-8E0E-614A91457EB5} - pas de chemin du fichier. <==== ATTENTION
Task: {493D513A-9112-42A9-9865-DD53683E3829} - pas de chemin du fichier. <==== ATTENTION
Task: {51EEDBF0-84EC-4860-AC32-E7754FCD135A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {5317DEF5-F04A-4E60-A388-2131AE586802} - pas de chemin du fichier. <==== ATTENTION
Task: {5605B450-5BD5-4434-8D13-64E3DBD6295A} - pas de chemin du fichier. <==== ATTENTION
Task: {62B75C23-0936-4E63-B017-0A10DAF63627} - pas de chemin du fichier. <==== ATTENTION
Task: {6317C7DF-831E-45D8-AACC-65F81D6C7A1E} - pas de chemin du fichier. <==== ATTENTION
Task: {64204593-9167-4035-BAA1-4F85F5A3B26B} - pas de chemin du fichier. <==== ATTENTION
Task: {663E9E36-0D8A-42FC-B29D-92ABDF2F2331} - pas de chemin du fichier. <==== ATTENTION
Task: {6C9207B1-42CB-4182-9D1D-A9555944B5C9} - pas de chemin du fichier. <==== ATTENTION
Task: {6F1F91A1-9F8F-490D-BE34-A09B20DAE2B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {73785B3D-115F-4088-BBE9-F6A590AB89B8} - pas de chemin du fichier. <==== ATTENTION
Task: {77D3DFE7-86E5-40A3-913C-D7E8C2CADC7D} - pas de chemin du fichier. <==== ATTENTION
Task: {786462D0-0915-46BC-8314-22451F242D43} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> Pas de fichier <==== ATTENTION
Task: {78E96733-DDEF-4FB9-AD45-FC553EFC4CFD} - pas de chemin du fichier. <==== ATTENTION
Task: {7E301D48-9E2B-4943-8A45-3E47F4C2CA51} - pas de chemin du fichier. <==== ATTENTION
Task: {7E68C89A-72C2-4E01-8CC3-569CA87F77E2} - pas de chemin du fichier. <==== ATTENTION
Task: {7F0DEA87-6141-4E17-9F83-17C930B74113} - pas de chemin du fichier. <==== ATTENTION
Task: {804EF56D-CD34-4DAB-9DD9-70AFB26F115B} - pas de chemin du fichier. <==== ATTENTION
Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - pas de chemin du fichier. <==== ATTENTION
Task: {8D2633BB-C5E8-43DF-8D21-22E828F2E6F7} - pas de chemin du fichier. <==== ATTENTION
Task: {907B8E98-BFCC-4464-AB8E-7F91AFDE4736} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> Pas de fichier <==== ATTENTION
Task: {B0BEC3AE-ADB1-433C-A992-FF43437A9D16} - pas de chemin du fichier. <==== ATTENTION
Task: {B1B9D751-4D43-4AE1-825C-2980107466B2} - pas de chemin du fichier. <==== ATTENTION
Task: {B33C9594-F4B8-4541-90A4-D713E303FE3B} - pas de chemin du fichier. <==== ATTENTION
Task: {BA07B5D9-A28B-4696-8DDC-5FA56E90D159} - pas de chemin du fichier. <==== ATTENTION
Task: {C68D5F78-E222-45F8-8A47-3B059E940412} - pas de chemin du fichier. <==== ATTENTION
Task: {CA400950-C969-4156-A90B-3E75FD03A210} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {CE6C4396-92AA-4F67-AF29-90E15C235DA9} - pas de chemin du fichier. <==== ATTENTION
Task: {D4FCC2AE-96BA-45BF-9BC1-28399E2ABA37} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {D7A43D61-50EF-4852-B0E8-02CD33629761} - pas de chemin du fichier. <==== ATTENTION
Task: {DEFE42B5-A5F1-45E3-BF69-1D5F7F05DC68} - pas de chemin du fichier. <==== ATTENTION
Task: {E1426B75-011E-4D85-91B5-9316AF904D6A} - pas de chemin du fichier. <==== ATTENTION
Task: {EA6BDB8E-98BD-4824-95DC-561D01C78774} - pas de chemin du fichier. <==== ATTENTION
Task: {F093C61A-D046-4D25-A8C1-026866216402} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {F5D752E3-1AFE-49AD-92D7-ADFED9E3E6B7} - pas de chemin du fichier. <==== ATTENTION
Task: {F7D510E0-032D-40B1-BF70-595290EADE4F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {FD3CB5C1-A27C-4B73-9FF2-7229A2AE758D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {E65DAAA0-37EC-420A-85A0-3EB2293432C4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {404B5969-8EA2-4F04-99CB-D622684E5963} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4bb51da5-f2f4-41ff-bdac-905173795250" --version "6.15.10623" --silent
Task: {F701D228-A271-4774-AF54-B5A506E1C340} - System32\Tasks\CCleanerSkipUAC - Utilisateur => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {08C6DAC8-3EFA-423B-BF6F-AC8937010BF0} - System32\Tasks\cmdhelper => C:\WINDOWS\system32\cmd.exe [289792 2022-06-05] (Microsoft Windows -> Microsoft Corporation) ->
Task: {7E59D0EB-4ADE-45C4-B8AF-497673B8D6BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-20] (Google Inc -> Google Inc.)
Task: {41690AF1-0FD8-4A08-ACDD-251E37191442} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-20] (Google Inc -> Google Inc.)
Task: {46829289-9230-4E71-B83F-6C4D90B52C8E} - System32\Tasks\HPCustParticipation HP DeskJet 2700 series => C:\Program Files\HP\HP DeskJet 2700 series\Bin\HPCustPartic.exe [6732192 2020-03-04] (HP Inc -> HP Inc.)
Task: {CBD98982-5253-40B1-B776-CA3D239A9354} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {CBD98982-5253-40B1-B776-CA3D239A9354} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {CBD98982-5253-40B1-B776-CA3D239A9354} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {9B97F1CA-FF8B-4ED4-BB5F-F7BCC366EE05} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {73825C67-B4AD-421E-9B7F-C1DB7806B04F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {1EC5ED94-1344-4108-8E3F-5F87D9D5FD1A} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {0B95E445-5803-452D-A7E4-3BACB1E50756} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {B203A931-F0A8-4BF2-B774-501E0CAFFA50} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9EBF7009-6154-43C3-8821-7377878E06B5} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {62323F4F-D0A4-46B7-AE6D-C500BC558AC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96266424-1466-4177-83DF-F5B226EA84AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A8A4A41-4BAB-48C6-9ADA-8907C18855DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FF1A5BAF-DE41-49B7-A274-F2ABF44A6902} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\antiscam.check.job => C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.check.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{76aafba1-9290-41c5-b205-54177e6aee69}: [NameServer] 127.0.0.1,8.8.8.8
Tcpip\..\Interfaces\{76aafba1-9290-41c5-b205-54177e6aee69}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Edge:
=======
DownloadDir: C:\Users\Utilisateur\Downloads
Edge Notifications: HKU\S-1-5-21-1149874187-2923396571-3211608067-1000 -> hxxps://www.rustica.fr; hxxps://www.conforama.fr
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-19]
Edge DownloadDir: Default -> C:\Users\Utilisateur\Downloads
Edge Notifications: Default -> hxxps://immobilier.mitula.fr; hxxps://www.conforama.fr; hxxps://www.rustica.fr
Edge Extension: (Blur.live Ultimate) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfkfcpaiggoahgkdmakiaeiogebpcdbk [2023-06-03]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2023-06-03]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-07-25]
Edge Extension: (Edge relevant text changes) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-08]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default [2023-08-18]
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://elfhgaheiifomcjlchhhkfhkplhnkepl/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?EID=MBSTT&FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Microsoft Bing Search & Trending Topics) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2023-08-18]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-18]
CHR Extension: (uBlock Origin) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-08-18]
CHR Extension: (Blur.live Ultimate) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\elfhgaheiifomcjlchhhkfhkplhnkepl [2023-07-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-18]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-04-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-1149874187-2923396571-3211608067-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion]
Brave:
=======
BRA Profile: C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-08-18]
BRA DefaultSearchURL: Default -> hxxps://www.bing.com/search?EID=MBSTT&FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
BRA DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
BRA Extension: (Microsoft Bing Search & Trending Topics) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-08-17]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-08-17]
BRA Extension: (Brave NTP background images) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-08-17]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-08-17]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-06-01]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-06-01]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-08-17]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-04-17]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-08-17]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-04-17]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-08-17]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-08-17]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AnyTech365 AntiScam Module; C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.service.exe [59784 2023-07-24] (ANTECO SYSTEMS S.L. -> AnyTech365)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-04-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-04-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.49\brave_vpn_helper.exe [3170328 2023-08-17] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.49\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2183192 2023-08-17] (Brave Software, Inc. -> Brave Software, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-07] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company -> Hewlett-Packard Company)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9283096 2023-08-17] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService1d9d1da502aa4cc; "C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.49\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2021-07-17] (EnigmaSoft Limited -> EnigmaSoft Limited)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-08-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
R3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-17] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-19 14:30 - 2023-08-19 14:32 - 000034035 _____ C:\Users\Utilisateur\Desktop\FRST.txt
2023-08-19 14:30 - 2023-08-19 14:31 - 000000000 ____D C:\FRST
2023-08-19 14:28 - 2023-08-19 14:28 - 000148321 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.txt
2023-08-19 14:11 - 2023-08-19 14:28 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\ZHP
2023-08-19 14:11 - 2023-08-19 14:12 - 027701432 _____ (TeamViewer) C:\Users\Utilisateur\Desktop\TeamViewerQS.exe
2023-08-19 14:11 - 2023-08-19 14:11 - 000000871 _____ C:\Users\Utilisateur\Desktop\ZHPSuite.lnk
2023-08-19 14:11 - 2023-08-19 14:11 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ZHP
2023-08-19 14:08 - 2023-08-19 14:08 - 002385408 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2023-08-19 14:00 - 2023-08-19 14:00 - 003511456 _____ (Nicolas Coolman) C:\Users\Utilisateur\Desktop\ZHPSuite.exe
2023-08-19 13:03 - 2023-08-19 13:04 - 359796340 _____ C:\Users\Utilisateur\Desktop\Pierre.reg
2023-08-17 19:37 - 2023-08-17 19:37 - 000374832 __RSH C:\ProgramData\ntuser.pol
2023-08-17 19:36 - 2023-08-17 19:38 - 000000000 ____D C:\ProgramData\TEMP
2023-08-17 19:36 - 2023-08-17 19:37 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2023-08-17 19:36 - 2023-08-17 19:36 - 000001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster.lnk
2023-08-17 19:02 - 2023-08-19 13:26 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Malwarebytes
2023-08-17 19:02 - 2023-08-17 19:02 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-17 19:02 - 2023-08-17 19:02 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-08-17 19:02 - 2023-08-17 19:02 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\mbam
2023-08-17 18:59 - 2023-08-18 16:03 - 000000000 ____D C:\Utilitaires Pierre
2023-08-17 18:58 - 2023-08-17 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-08-17 18:58 - 2023-08-17 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-17 18:50 - 2023-08-17 18:50 - 000058892 _____ C:\Users\Utilisateur\Documents\cc_20230817_185011.reg
2023-08-17 18:09 - 2023-08-17 18:09 - 000000388 _____ C:\WINDOWS\Tasks\antiscam.check.job
2023-08-17 17:29 - 2023-08-17 17:31 - 000000000 ____D C:\AdwCleaner
2023-08-17 17:04 - 2023-08-17 17:04 - 000000872 _____ C:\Users\Utilisateur\Desktop\Programmes_portables.lnk
2023-08-17 06:47 - 2023-08-17 06:47 - 000000000 ____D C:\ProgramData\Avast Software
2023-08-17 06:47 - 2023-08-17 06:47 - 000000000 ____D C:\Program Files\Avast Software
2023-08-17 06:40 - 2023-08-17 06:40 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-08-12 21:15 - 2023-08-12 21:15 - 000003766 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{D70EBD6E-1FDD-43A0-9EAA-57CF039B60FA}
2023-08-12 21:15 - 2023-08-12 21:15 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{42A5EC1E-2C8D-4792-A6F4-F33521CCBA70}
2023-08-12 16:40 - 2023-08-12 16:40 - 000000000 ___HD C:\$WinREAgent
2023-08-11 18:41 - 2023-08-17 17:33 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-08-11 18:41 - 2023-08-17 06:40 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-08-03 18:09 - 2023-08-03 18:09 - 001764158 _____ C:\Users\Utilisateur\Downloads\recettes courgettes tomates - Recherche.html
2023-08-03 18:09 - 2023-08-03 18:09 - 000000000 ____D C:\Users\Utilisateur\Downloads\recettes courgettes tomates - Recherche_files
2023-08-02 16:03 - 2023-08-02 16:03 - 000000017 _____ C:\Users\Utilisateur\AppData\Local\resmon.resmoncfg
2023-07-25 11:49 - 2023-07-25 11:49 - 001946276 _____ C:\Users\Utilisateur\Downloads\doc20230725101316.pdf
2023-07-25 11:47 - 2023-07-25 11:47 - 001952410 _____ C:\Users\Utilisateur\Downloads\doc20230725085506.pdf
2023-07-25 11:40 - 2023-07-25 11:40 - 000581147 _____ C:\Users\Utilisateur\Downloads\doc20230725085414.pdf
2023-07-25 11:40 - 2023-07-25 11:40 - 000581147 _____ C:\Users\Utilisateur\Downloads\doc20230725085414 (1).pdf
2023-07-25 11:39 - 2023-07-25 11:39 - 000508284 _____ C:\Users\Utilisateur\Downloads\Non confirmé 511261.crdownload
2023-07-24 12:05 - 2023-07-24 12:05 - 000026561 _____ C:\Users\Utilisateur\Desktop\PV Liquidation.odt
2023-07-13 19:34 - 2023-07-13 19:34 - 000000000 ____D C:\Users\Public\cdh
2023-07-07 16:34 - 2023-07-07 16:34 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\cdh
2023-07-01 16:21 - 2023-06-17 05:49 - 000002280 _____ C:\Users\Utilisateur\Documents\Microsoft Edge.lnk
2023-06-29 22:28 - 2023-06-29 22:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-06-18 04:47 - 2023-06-18 04:47 - 000179191 _____ C:\Users\Utilisateur\Downloads\Comptes _ Espace Client _ Banque Populaire.html
2023-06-16 09:55 - 2023-06-18 04:47 - 000000000 ____D C:\Users\Utilisateur\Downloads\Comptes _ Espace Client _ Banque Populaire_files
2023-05-21 08:50 - 2023-03-20 05:48 - 001350600 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
2023-05-21 08:50 - 2023-03-20 05:47 - 005375952 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2023-05-21 08:50 - 2023-03-20 05:47 - 000992208 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-19 14:28 - 2022-06-05 22:12 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-19 14:28 - 2015-05-20 09:45 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-19 14:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-19 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-19 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-19 13:26 - 2023-02-28 20:20 - 000000000 ____D C:\Program Files\CCleaner
2023-08-19 13:24 - 2022-06-05 21:37 - 000296912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-19 13:23 - 2022-06-05 22:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-19 13:23 - 2022-06-05 21:37 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-19 13:22 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-19 12:36 - 2019-03-07 19:35 - 000000000 ____D C:\Programmes portables
2023-08-18 15:45 - 2021-04-17 17:45 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-08-18 15:19 - 2015-05-20 09:46 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-18 15:19 - 2015-05-20 09:46 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-17 19:37 - 2009-07-14 05:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-08-17 19:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-08-17 19:33 - 2022-06-05 21:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-17 19:01 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-17 18:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2023-08-17 18:23 - 2018-02-19 19:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-17 17:53 - 2021-07-17 18:08 - 000000000 ____D C:\ProgramData\Panda Security
2023-08-17 17:52 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-17 17:51 - 2015-05-20 09:14 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-08-16 22:18 - 2022-06-05 21:43 - 000000000 ____D C:\Users\Utilisateur
2023-08-16 17:49 - 2022-04-05 15:06 - 000000000 ____D C:\Temp
2023-08-12 21:18 - 2022-06-05 21:54 - 001770970 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-12 21:18 - 2019-12-07 16:50 - 000791718 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-12 21:18 - 2019-12-07 16:50 - 000149884 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-12 21:10 - 2018-12-07 17:37 - 000037552 _____ C:\url_setting_definitions.txt
2023-08-12 21:08 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-12 21:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-12 21:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-12 13:39 - 2022-06-05 21:42 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-12 13:21 - 2020-07-08 17:17 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-12 13:21 - 2020-07-08 17:17 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-09 16:42 - 2015-05-20 09:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-09 16:31 - 2015-05-20 09:15 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-09 07:30 - 2022-10-14 06:51 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-08-04 15:50 - 2015-08-30 11:05 - 000000000 ___RD C:\Users\Utilisateur\OneDrive
2023-08-02 16:22 - 2022-06-05 22:11 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-02 16:22 - 2022-06-05 22:11 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-26 18:30 - 2022-06-05 21:43 - 000002439 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-24 12:21 - 2022-09-19 15:00 - 000000000 ____D C:\Program Files (x86)\AnyTech365 AntiScam
2023-07-20 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
==================== Fichiers à la racine de certains dossiers ========
2022-08-27 07:12 - 2023-07-10 16:00 - 000000053 _____ () C:\ProgramData\shell.dat
2021-07-17 14:09 - 2021-07-17 14:12 - 000000022 _____ () C:\Users\Utilisateur\AppData\Roaming\client_email.txt
2023-08-02 16:03 - 2023-08-02 16:03 - 000000017 _____ () C:\Users\Utilisateur\AppData\Local\resmon.resmoncfg
2021-02-24 17:20 - 2021-02-24 17:20 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{0A44DB94-5F1E-476E-A123-4EA3646748D3}
2021-03-08 23:07 - 2021-03-08 23:07 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{17614851-0D54-47D3-84D1-988D439093DD}
2020-10-29 20:10 - 2020-10-29 20:10 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{19194848-A146-4148-ACE3-5229E6125055}
2021-04-04 09:17 - 2021-04-04 09:17 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{199E1B2F-824A-42F8-A0AE-9CED4B694995}
2021-02-16 16:40 - 2021-02-16 16:40 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{1B18CAA6-4D19-4D63-B50D-52E195B96FB3}
2021-01-19 22:32 - 2021-01-19 22:32 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{32CCEAC4-8FA9-4DC6-B482-8BD02527EA5F}
2020-10-29 20:10 - 2020-10-29 20:10 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{3B3DFF82-2DA7-4065-B908-FE3D7DFA53E6}
2021-06-22 17:57 - 2021-06-22 17:57 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{3DD13487-2A85-463D-B5E3-701ADFCDD274}
2021-02-24 17:20 - 2021-02-24 17:20 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{3EE43912-39CF-4D1B-A5E1-F9868C14EBD6}
2021-06-22 17:57 - 2021-06-22 17:57 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{4D947B00-6170-4723-896B-367EC7CD5F3F}
2021-06-22 17:57 - 2021-06-22 17:57 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{55E9F57E-D22A-4844-9320-3DD7BF267F4F}
2021-01-19 22:32 - 2021-01-19 22:32 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{5AF01E7A-03BE-496F-ADF7-7F0225A4E67B}
2021-04-04 09:17 - 2021-04-04 09:17 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{857FE816-5BC2-4509-B060-9251A2CB59C1}
2020-10-18 19:34 - 2020-10-18 19:35 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{94F71DB9-8C08-4F7C-9E10-F1D944F2D709}
2021-03-08 23:07 - 2021-03-08 23:07 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{993A59F2-75BC-4E77-A6E5-C44D8D1D19DE}
2020-11-24 15:21 - 2020-11-24 15:21 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{9B6E6FC4-1A1F-45FF-98EC-73EC6044E0B2}
2021-03-08 23:07 - 2021-03-08 23:07 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{A5277EEA-34E3-4B9C-8831-09E1ABB1ABB4}
2021-02-16 16:40 - 2021-02-16 16:40 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{A9C317EF-A8DB-449B-A447-30387CA8DE57}
2021-06-22 17:57 - 2021-06-22 17:57 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{BE08C5DA-1409-4FD2-9BE7-B4C426463429}
2021-01-19 22:32 - 2021-01-19 22:32 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{CA932CC2-E3AC-4191-9652-BC6B43170F8A}
2021-01-19 22:32 - 2021-01-19 22:32 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{DC815779-0BD4-4F80-90FB-C750B5C55665}
2020-11-24 15:22 - 2020-11-24 15:22 - 000000372 _____ () C:\Users\Utilisateur\AppData\Local\{E3DD748D-BD96-4514-8426-CC844380B445}
2021-02-16 16:40 - 2021-02-16 16:40 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{E98C2383-A421-4FC9-B607-1452FF88CE73}
2020-10-29 20:10 - 2020-10-29 20:10 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{FD87CC70-BA08-4502-9DAE-89269F7CE4C5}
==================== SigCheckExt =========================
2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-13 16:51 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-13 19:17 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-05-12 13:02 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2015-08-13 02:49 - 2015-07-16 21:33 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2020-09-09 13:49 - 2023-01-23 19:39 - 000012710 _____ C:\WINDOWS\system32\Native.exe
2015-05-21 16:53 - 2012-08-21 23:01 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe
2015-05-21 17:16 - 2015-01-09 05:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll
2015-05-20 10:23 - 2010-11-20 15:25 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushPrinterConnections.exe
2015-05-21 16:07 - 2012-04-26 07:34 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeSubscription.exe
2015-06-10 17:24 - 2015-05-25 19:00 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-21 16:55 - 2012-11-29 00:56 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wdfres.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2015-08-12 17:45 - 2015-07-20 20:12 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2017-03-16 08:04 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 13:44 - 2016-07-17 00:46 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2015-05-21 20:36 - 2015-05-21 20:36 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsIntl.dll
2015-10-30 09:19 - 2016-09-13 22:41 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-09-13 22:41 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-08-13 02:49 - 2015-07-16 21:05 - 001155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-05-20 10:23 - 2009-07-14 03:16 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pmcsnap.dll
2015-05-20 10:23 - 2009-07-14 03:16 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ppcsnap.dll
2015-05-20 10:23 - 2010-11-20 14:17 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PushPrinterConnections.exe
2023-08-19 14:08 - 2023-08-19 14:08 - 002385408 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2023-08-19 14:00 - 2023-08-19 14:00 - 003511456 _____ (Nicolas Coolman) C:\Users\Utilisateur\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {2c44eb52-e50f-11ec-a2a6-a453485d731f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {1bb1e801-e507-11ec-a361-abd736050ac6}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{1bb1e802-e507-11ec-a361-abd736050ac6}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{1bb1e802-e507-11ec-a361-abd736050ac6}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {1bb1e801-e507-11ec-a361-abd736050ac6}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {2c44eb52-e50f-11ec-a2a6-a453485d731f}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {51253b60-39b9-11e9-a90e-963b833ae863}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{51253b61-39b9-11e9-a90e-963b833ae863}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{51253b61-39b9-11e9-a90e-963b833ae863}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {561dbfd5-fec6-11e4-8519-e60bef2a6fb8}
device ramdisk=[C:]\Recovery\561dbfd5-fec6-11e4-8519-e60bef2a6fb8\Winre.wim,{561dbfd6-fec6-11e4-8519-e60bef2a6fb8}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\561dbfd5-fec6-11e4-8519-e60bef2a6fb8\Winre.wim,{561dbfd6-fec6-11e4-8519-e60bef2a6fb8}
systemroot \windows
nx OptIn
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {2c44eb52-e50f-11ec-a2a6-a453485d731f}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {1bb1e801-e507-11ec-a361-abd736050ac6}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {1bb1e802-e507-11ec-a361-abd736050ac6}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {561dbfd6-fec6-11e4-8519-e60bef2a6fb8}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\561dbfd5-fec6-11e4-8519-e60bef2a6fb8\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Utilisateur (administrateur) sur UTILISATEUR-PC (Dell Inc. OptiPlex 780) (19-08-2023 14:30:43)
Exécuté depuis C:\Users\Utilisateur\Desktop\FRST64.exe
Profils chargés: Utilisateur
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.service.exe ->) (ANTECO SYSTEMS S.L. -> AnyTech365) C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.dns.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <24>
(explorer.exe ->) (Softdeluxe) [Fichier non signé] C:\Users\Utilisateur\AppData\Local\Softdeluxe\Free Download Manager\fdm.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ANTECO SYSTEMS S.L. -> AnyTech365) C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.service.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKU\S-1-5-21-1149874187-2923396571-3211608067-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114012024 2021-06-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1149874187-2923396571-3211608067-1000\...\Run: [Free Download Manager] => C:\Users\Utilisateur\AppData\Local\Softdeluxe\Free Download Manager\fdm.exe [5691904 2022-11-11] (Softdeluxe) [Fichier non signé]
HKU\S-1-5-21-1149874187-2923396571-3211608067-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP a011 Status Monitor: C:\WINDOWS\system32\hpinkstsa011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.96\Installer\chrmstp.exe [2023-08-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.49\Installer\chrmstp.exe [2023-08-18] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
IFEO\alpemix.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\AnyDesk.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Aweray_Remote_2.0.0.45399_Win32.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Aweray_Remote_2.0.0.45399_x64.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\AweSun.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\DONOTNEEDPROCESS.EXE: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\g2comm.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\GoTo Opener.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\GoToMyPC Installer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\gotomypc.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Iperius Remote PB.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Iperius Remote.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\IperiusRemote.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\irpb.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\LMI_Rescue.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\LMI_RescueRC.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Lmi_Rescue_srv.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\quickassist.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePC.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePCDesktop.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePCLauncher.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePCPerformance.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePCUIU.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RemotePC_installer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\rfusclient.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RPCDownloader.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RPCPerfViewer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\rustdesk-1.1.9.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\RustDesk.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\rutserv.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRAgent.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRAppPB.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRFeature.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRManager.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRServer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SRService.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\ssrangagent.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\ssrangserver.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SSUService.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\strwinclt.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\strwincmpt.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Support-LogMeInRescue.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\Supremo.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SupremoHelper.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\SupremoSystem.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewerQS.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer_.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer_Desktop.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer_Setup.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\TeamViewer_Setup_x64.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\tv_w32.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\UltraViewer Setup.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\UltraViewer_Desktop.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
IFEO\UltraViewer_setup_6.5_en.exe: [Debugger] C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.notify.exe
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {009BADFE-E040-4FF2-8F2B-CA4B84F89C98} - pas de chemin du fichier. <==== ATTENTION
Task: {085278B5-6886-4D77-BD11-AB1B8D3695FF} - pas de chemin du fichier. <==== ATTENTION
Task: {1275B0C6-B948-45A8-B598-5685D6EA5BD0} - pas de chemin du fichier. <==== ATTENTION
Task: {17021426-5D06-4638-8329-83C0786A6A2A} - pas de chemin du fichier. <==== ATTENTION
Task: {172D11D5-6791-46FC-B81E-E840ADBE61C4} - pas de chemin du fichier. <==== ATTENTION
Task: {179313B7-70F8-4619-9242-C1B03BAEE2E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {1BB6C5FC-E0FC-43E7-932C-BA31140AD87E} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {1F0ED7CF-BF58-43B6-8423-D06A4AA595A5} - pas de chemin du fichier. <==== ATTENTION
Task: {2400054C-B50C-42DB-9DE3-5564716E17EC} - pas de chemin du fichier. <==== ATTENTION
Task: {2505766A-3F1A-4652-833B-1CD9356B561F} - pas de chemin du fichier. <==== ATTENTION
Task: {27E0FCC8-299C-43CE-BE1A-48A058CABC63} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {29903646-8B95-441C-AE59-CC43C0C76FF5} - pas de chemin du fichier. <==== ATTENTION
Task: {2E285014-E865-4B0E-8254-689401A5926D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - pas de chemin du fichier. <==== ATTENTION
Task: {36A78C3E-A142-4F86-903E-AE26291F646C} - \Microsoft\Windows\Autochk\Proxy -> Pas de fichier <==== ATTENTION
Task: {39F55813-68FF-4B75-83F0-4AB8B89A7CD2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {3A92573F-61C5-4F73-AB0F-0A9B791545CB} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> Pas de fichier <==== ATTENTION
Task: {3ED85B19-C71A-4CFC-BDFD-9ACA2A306507} - pas de chemin du fichier. <==== ATTENTION
Task: {473BE735-CA1A-4275-8E0E-614A91457EB5} - pas de chemin du fichier. <==== ATTENTION
Task: {493D513A-9112-42A9-9865-DD53683E3829} - pas de chemin du fichier. <==== ATTENTION
Task: {51EEDBF0-84EC-4860-AC32-E7754FCD135A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {5317DEF5-F04A-4E60-A388-2131AE586802} - pas de chemin du fichier. <==== ATTENTION
Task: {5605B450-5BD5-4434-8D13-64E3DBD6295A} - pas de chemin du fichier. <==== ATTENTION
Task: {62B75C23-0936-4E63-B017-0A10DAF63627} - pas de chemin du fichier. <==== ATTENTION
Task: {6317C7DF-831E-45D8-AACC-65F81D6C7A1E} - pas de chemin du fichier. <==== ATTENTION
Task: {64204593-9167-4035-BAA1-4F85F5A3B26B} - pas de chemin du fichier. <==== ATTENTION
Task: {663E9E36-0D8A-42FC-B29D-92ABDF2F2331} - pas de chemin du fichier. <==== ATTENTION
Task: {6C9207B1-42CB-4182-9D1D-A9555944B5C9} - pas de chemin du fichier. <==== ATTENTION
Task: {6F1F91A1-9F8F-490D-BE34-A09B20DAE2B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {73785B3D-115F-4088-BBE9-F6A590AB89B8} - pas de chemin du fichier. <==== ATTENTION
Task: {77D3DFE7-86E5-40A3-913C-D7E8C2CADC7D} - pas de chemin du fichier. <==== ATTENTION
Task: {786462D0-0915-46BC-8314-22451F242D43} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> Pas de fichier <==== ATTENTION
Task: {78E96733-DDEF-4FB9-AD45-FC553EFC4CFD} - pas de chemin du fichier. <==== ATTENTION
Task: {7E301D48-9E2B-4943-8A45-3E47F4C2CA51} - pas de chemin du fichier. <==== ATTENTION
Task: {7E68C89A-72C2-4E01-8CC3-569CA87F77E2} - pas de chemin du fichier. <==== ATTENTION
Task: {7F0DEA87-6141-4E17-9F83-17C930B74113} - pas de chemin du fichier. <==== ATTENTION
Task: {804EF56D-CD34-4DAB-9DD9-70AFB26F115B} - pas de chemin du fichier. <==== ATTENTION
Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - pas de chemin du fichier. <==== ATTENTION
Task: {8D2633BB-C5E8-43DF-8D21-22E828F2E6F7} - pas de chemin du fichier. <==== ATTENTION
Task: {907B8E98-BFCC-4464-AB8E-7F91AFDE4736} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> Pas de fichier <==== ATTENTION
Task: {B0BEC3AE-ADB1-433C-A992-FF43437A9D16} - pas de chemin du fichier. <==== ATTENTION
Task: {B1B9D751-4D43-4AE1-825C-2980107466B2} - pas de chemin du fichier. <==== ATTENTION
Task: {B33C9594-F4B8-4541-90A4-D713E303FE3B} - pas de chemin du fichier. <==== ATTENTION
Task: {BA07B5D9-A28B-4696-8DDC-5FA56E90D159} - pas de chemin du fichier. <==== ATTENTION
Task: {C68D5F78-E222-45F8-8A47-3B059E940412} - pas de chemin du fichier. <==== ATTENTION
Task: {CA400950-C969-4156-A90B-3E75FD03A210} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {CE6C4396-92AA-4F67-AF29-90E15C235DA9} - pas de chemin du fichier. <==== ATTENTION
Task: {D4FCC2AE-96BA-45BF-9BC1-28399E2ABA37} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {D7A43D61-50EF-4852-B0E8-02CD33629761} - pas de chemin du fichier. <==== ATTENTION
Task: {DEFE42B5-A5F1-45E3-BF69-1D5F7F05DC68} - pas de chemin du fichier. <==== ATTENTION
Task: {E1426B75-011E-4D85-91B5-9316AF904D6A} - pas de chemin du fichier. <==== ATTENTION
Task: {EA6BDB8E-98BD-4824-95DC-561D01C78774} - pas de chemin du fichier. <==== ATTENTION
Task: {F093C61A-D046-4D25-A8C1-026866216402} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {F5D752E3-1AFE-49AD-92D7-ADFED9E3E6B7} - pas de chemin du fichier. <==== ATTENTION
Task: {F7D510E0-032D-40B1-BF70-595290EADE4F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {FD3CB5C1-A27C-4B73-9FF2-7229A2AE758D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {E65DAAA0-37EC-420A-85A0-3EB2293432C4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {404B5969-8EA2-4F04-99CB-D622684E5963} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4bb51da5-f2f4-41ff-bdac-905173795250" --version "6.15.10623" --silent
Task: {F701D228-A271-4774-AF54-B5A506E1C340} - System32\Tasks\CCleanerSkipUAC - Utilisateur => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {08C6DAC8-3EFA-423B-BF6F-AC8937010BF0} - System32\Tasks\cmdhelper => C:\WINDOWS\system32\cmd.exe [289792 2022-06-05] (Microsoft Windows -> Microsoft Corporation) ->
Task: {7E59D0EB-4ADE-45C4-B8AF-497673B8D6BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-20] (Google Inc -> Google Inc.)
Task: {41690AF1-0FD8-4A08-ACDD-251E37191442} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-20] (Google Inc -> Google Inc.)
Task: {46829289-9230-4E71-B83F-6C4D90B52C8E} - System32\Tasks\HPCustParticipation HP DeskJet 2700 series => C:\Program Files\HP\HP DeskJet 2700 series\Bin\HPCustPartic.exe [6732192 2020-03-04] (HP Inc -> HP Inc.)
Task: {CBD98982-5253-40B1-B776-CA3D239A9354} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {CBD98982-5253-40B1-B776-CA3D239A9354} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {CBD98982-5253-40B1-B776-CA3D239A9354} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {9B97F1CA-FF8B-4ED4-BB5F-F7BCC366EE05} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {73825C67-B4AD-421E-9B7F-C1DB7806B04F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {1EC5ED94-1344-4108-8E3F-5F87D9D5FD1A} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {0B95E445-5803-452D-A7E4-3BACB1E50756} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {B203A931-F0A8-4BF2-B774-501E0CAFFA50} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9EBF7009-6154-43C3-8821-7377878E06B5} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {62323F4F-D0A4-46B7-AE6D-C500BC558AC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96266424-1466-4177-83DF-F5B226EA84AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A8A4A41-4BAB-48C6-9ADA-8907C18855DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FF1A5BAF-DE41-49B7-A274-F2ABF44A6902} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\antiscam.check.job => C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.check.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{76aafba1-9290-41c5-b205-54177e6aee69}: [NameServer] 127.0.0.1,8.8.8.8
Tcpip\..\Interfaces\{76aafba1-9290-41c5-b205-54177e6aee69}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Edge:
=======
DownloadDir: C:\Users\Utilisateur\Downloads
Edge Notifications: HKU\S-1-5-21-1149874187-2923396571-3211608067-1000 -> hxxps://www.rustica.fr; hxxps://www.conforama.fr
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-19]
Edge DownloadDir: Default -> C:\Users\Utilisateur\Downloads
Edge Notifications: Default -> hxxps://immobilier.mitula.fr; hxxps://www.conforama.fr; hxxps://www.rustica.fr
Edge Extension: (Blur.live Ultimate) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfkfcpaiggoahgkdmakiaeiogebpcdbk [2023-06-03]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2023-06-03]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-07-25]
Edge Extension: (Edge relevant text changes) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-08]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default [2023-08-18]
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://elfhgaheiifomcjlchhhkfhkplhnkepl/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?EID=MBSTT&FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Microsoft Bing Search & Trending Topics) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2023-08-18]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-18]
CHR Extension: (uBlock Origin) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-08-18]
CHR Extension: (Blur.live Ultimate) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\elfhgaheiifomcjlchhhkfhkplhnkepl [2023-07-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-18]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-04-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-1149874187-2923396571-3211608067-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion]
Brave:
=======
BRA Profile: C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-08-18]
BRA DefaultSearchURL: Default -> hxxps://www.bing.com/search?EID=MBSTT&FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
BRA DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
BRA Extension: (Microsoft Bing Search & Trending Topics) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-08-17]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-08-17]
BRA Extension: (Brave NTP background images) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-08-17]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-08-17]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-06-01]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-06-01]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-08-17]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-04-17]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-08-17]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-04-17]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-08-17]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-08-17]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Utilisateur\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-08-17]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AnyTech365 AntiScam Module; C:\Program Files (x86)\AnyTech365 AntiScam\antiscam.service.exe [59784 2023-07-24] (ANTECO SYSTEMS S.L. -> AnyTech365)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-04-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-04-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.49\brave_vpn_helper.exe [3170328 2023-08-17] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.49\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2183192 2023-08-17] (Brave Software, Inc. -> Brave Software, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-07] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company -> Hewlett-Packard Company)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9283096 2023-08-17] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService1d9d1da502aa4cc; "C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.49\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2021-07-17] (EnigmaSoft Limited -> EnigmaSoft Limited)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-08-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
R3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-17] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-19 14:30 - 2023-08-19 14:32 - 000034035 _____ C:\Users\Utilisateur\Desktop\FRST.txt
2023-08-19 14:30 - 2023-08-19 14:31 - 000000000 ____D C:\FRST
2023-08-19 14:28 - 2023-08-19 14:28 - 000148321 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.txt
2023-08-19 14:11 - 2023-08-19 14:28 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\ZHP
2023-08-19 14:11 - 2023-08-19 14:12 - 027701432 _____ (TeamViewer) C:\Users\Utilisateur\Desktop\TeamViewerQS.exe
2023-08-19 14:11 - 2023-08-19 14:11 - 000000871 _____ C:\Users\Utilisateur\Desktop\ZHPSuite.lnk
2023-08-19 14:11 - 2023-08-19 14:11 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ZHP
2023-08-19 14:08 - 2023-08-19 14:08 - 002385408 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2023-08-19 14:00 - 2023-08-19 14:00 - 003511456 _____ (Nicolas Coolman) C:\Users\Utilisateur\Desktop\ZHPSuite.exe
2023-08-19 13:03 - 2023-08-19 13:04 - 359796340 _____ C:\Users\Utilisateur\Desktop\Pierre.reg
2023-08-17 19:37 - 2023-08-17 19:37 - 000374832 __RSH C:\ProgramData\ntuser.pol
2023-08-17 19:36 - 2023-08-17 19:38 - 000000000 ____D C:\ProgramData\TEMP
2023-08-17 19:36 - 2023-08-17 19:37 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2023-08-17 19:36 - 2023-08-17 19:36 - 000001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster.lnk
2023-08-17 19:02 - 2023-08-19 13:26 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Malwarebytes
2023-08-17 19:02 - 2023-08-17 19:02 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-17 19:02 - 2023-08-17 19:02 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-08-17 19:02 - 2023-08-17 19:02 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\mbam
2023-08-17 18:59 - 2023-08-18 16:03 - 000000000 ____D C:\Utilitaires Pierre
2023-08-17 18:58 - 2023-08-17 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-08-17 18:58 - 2023-08-17 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-17 18:50 - 2023-08-17 18:50 - 000058892 _____ C:\Users\Utilisateur\Documents\cc_20230817_185011.reg
2023-08-17 18:09 - 2023-08-17 18:09 - 000000388 _____ C:\WINDOWS\Tasks\antiscam.check.job
2023-08-17 17:29 - 2023-08-17 17:31 - 000000000 ____D C:\AdwCleaner
2023-08-17 17:04 - 2023-08-17 17:04 - 000000872 _____ C:\Users\Utilisateur\Desktop\Programmes_portables.lnk
2023-08-17 06:47 - 2023-08-17 06:47 - 000000000 ____D C:\ProgramData\Avast Software
2023-08-17 06:47 - 2023-08-17 06:47 - 000000000 ____D C:\Program Files\Avast Software
2023-08-17 06:40 - 2023-08-17 06:40 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-08-12 21:15 - 2023-08-12 21:15 - 000003766 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{D70EBD6E-1FDD-43A0-9EAA-57CF039B60FA}
2023-08-12 21:15 - 2023-08-12 21:15 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{42A5EC1E-2C8D-4792-A6F4-F33521CCBA70}
2023-08-12 16:40 - 2023-08-12 16:40 - 000000000 ___HD C:\$WinREAgent
2023-08-11 18:41 - 2023-08-17 17:33 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-08-11 18:41 - 2023-08-17 06:40 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-08-03 18:09 - 2023-08-03 18:09 - 001764158 _____ C:\Users\Utilisateur\Downloads\recettes courgettes tomates - Recherche.html
2023-08-03 18:09 - 2023-08-03 18:09 - 000000000 ____D C:\Users\Utilisateur\Downloads\recettes courgettes tomates - Recherche_files
2023-08-02 16:03 - 2023-08-02 16:03 - 000000017 _____ C:\Users\Utilisateur\AppData\Local\resmon.resmoncfg
2023-07-25 11:49 - 2023-07-25 11:49 - 001946276 _____ C:\Users\Utilisateur\Downloads\doc20230725101316.pdf
2023-07-25 11:47 - 2023-07-25 11:47 - 001952410 _____ C:\Users\Utilisateur\Downloads\doc20230725085506.pdf
2023-07-25 11:40 - 2023-07-25 11:40 - 000581147 _____ C:\Users\Utilisateur\Downloads\doc20230725085414.pdf
2023-07-25 11:40 - 2023-07-25 11:40 - 000581147 _____ C:\Users\Utilisateur\Downloads\doc20230725085414 (1).pdf
2023-07-25 11:39 - 2023-07-25 11:39 - 000508284 _____ C:\Users\Utilisateur\Downloads\Non confirmé 511261.crdownload
2023-07-24 12:05 - 2023-07-24 12:05 - 000026561 _____ C:\Users\Utilisateur\Desktop\PV Liquidation.odt
2023-07-13 19:34 - 2023-07-13 19:34 - 000000000 ____D C:\Users\Public\cdh
2023-07-07 16:34 - 2023-07-07 16:34 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\cdh
2023-07-01 16:21 - 2023-06-17 05:49 - 000002280 _____ C:\Users\Utilisateur\Documents\Microsoft Edge.lnk
2023-06-29 22:28 - 2023-06-29 22:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-06-18 04:47 - 2023-06-18 04:47 - 000179191 _____ C:\Users\Utilisateur\Downloads\Comptes _ Espace Client _ Banque Populaire.html
2023-06-16 09:55 - 2023-06-18 04:47 - 000000000 ____D C:\Users\Utilisateur\Downloads\Comptes _ Espace Client _ Banque Populaire_files
2023-05-21 08:50 - 2023-03-20 05:48 - 001350600 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
2023-05-21 08:50 - 2023-03-20 05:47 - 005375952 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2023-05-21 08:50 - 2023-03-20 05:47 - 000992208 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-19 14:28 - 2022-06-05 22:12 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-19 14:28 - 2015-05-20 09:45 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-19 14:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-19 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-19 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-19 13:26 - 2023-02-28 20:20 - 000000000 ____D C:\Program Files\CCleaner
2023-08-19 13:24 - 2022-06-05 21:37 - 000296912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-19 13:23 - 2022-06-05 22:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-19 13:23 - 2022-06-05 21:37 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-19 13:22 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-19 12:36 - 2019-03-07 19:35 - 000000000 ____D C:\Programmes portables
2023-08-18 15:45 - 2021-04-17 17:45 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-08-18 15:19 - 2015-05-20 09:46 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-18 15:19 - 2015-05-20 09:46 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-17 19:37 - 2009-07-14 05:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-08-17 19:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-08-17 19:33 - 2022-06-05 21:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-17 19:01 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-17 18:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2023-08-17 18:23 - 2018-02-19 19:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-17 17:53 - 2021-07-17 18:08 - 000000000 ____D C:\ProgramData\Panda Security
2023-08-17 17:52 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-17 17:51 - 2015-05-20 09:14 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-08-16 22:18 - 2022-06-05 21:43 - 000000000 ____D C:\Users\Utilisateur
2023-08-16 17:49 - 2022-04-05 15:06 - 000000000 ____D C:\Temp
2023-08-12 21:18 - 2022-06-05 21:54 - 001770970 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-12 21:18 - 2019-12-07 16:50 - 000791718 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-12 21:18 - 2019-12-07 16:50 - 000149884 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-12 21:10 - 2018-12-07 17:37 - 000037552 _____ C:\url_setting_definitions.txt
2023-08-12 21:08 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-12 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-12 21:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-12 21:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-12 13:39 - 2022-06-05 21:42 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-12 13:21 - 2020-07-08 17:17 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-12 13:21 - 2020-07-08 17:17 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-09 16:42 - 2015-05-20 09:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-09 16:31 - 2015-05-20 09:15 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-09 07:30 - 2022-10-14 06:51 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-08-04 15:50 - 2015-08-30 11:05 - 000000000 ___RD C:\Users\Utilisateur\OneDrive
2023-08-02 16:22 - 2022-06-05 22:11 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-02 16:22 - 2022-06-05 22:11 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-26 18:30 - 2022-06-05 21:43 - 000002439 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-24 12:21 - 2022-09-19 15:00 - 000000000 ____D C:\Program Files (x86)\AnyTech365 AntiScam
2023-07-20 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
==================== Fichiers à la racine de certains dossiers ========
2022-08-27 07:12 - 2023-07-10 16:00 - 000000053 _____ () C:\ProgramData\shell.dat
2021-07-17 14:09 - 2021-07-17 14:12 - 000000022 _____ () C:\Users\Utilisateur\AppData\Roaming\client_email.txt
2023-08-02 16:03 - 2023-08-02 16:03 - 000000017 _____ () C:\Users\Utilisateur\AppData\Local\resmon.resmoncfg
2021-02-24 17:20 - 2021-02-24 17:20 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{0A44DB94-5F1E-476E-A123-4EA3646748D3}
2021-03-08 23:07 - 2021-03-08 23:07 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{17614851-0D54-47D3-84D1-988D439093DD}
2020-10-29 20:10 - 2020-10-29 20:10 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{19194848-A146-4148-ACE3-5229E6125055}
2021-04-04 09:17 - 2021-04-04 09:17 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{199E1B2F-824A-42F8-A0AE-9CED4B694995}
2021-02-16 16:40 - 2021-02-16 16:40 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{1B18CAA6-4D19-4D63-B50D-52E195B96FB3}
2021-01-19 22:32 - 2021-01-19 22:32 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{32CCEAC4-8FA9-4DC6-B482-8BD02527EA5F}
2020-10-29 20:10 - 2020-10-29 20:10 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{3B3DFF82-2DA7-4065-B908-FE3D7DFA53E6}
2021-06-22 17:57 - 2021-06-22 17:57 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{3DD13487-2A85-463D-B5E3-701ADFCDD274}
2021-02-24 17:20 - 2021-02-24 17:20 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{3EE43912-39CF-4D1B-A5E1-F9868C14EBD6}
2021-06-22 17:57 - 2021-06-22 17:57 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{4D947B00-6170-4723-896B-367EC7CD5F3F}
2021-06-22 17:57 - 2021-06-22 17:57 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{55E9F57E-D22A-4844-9320-3DD7BF267F4F}
2021-01-19 22:32 - 2021-01-19 22:32 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{5AF01E7A-03BE-496F-ADF7-7F0225A4E67B}
2021-04-04 09:17 - 2021-04-04 09:17 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{857FE816-5BC2-4509-B060-9251A2CB59C1}
2020-10-18 19:34 - 2020-10-18 19:35 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{94F71DB9-8C08-4F7C-9E10-F1D944F2D709}
2021-03-08 23:07 - 2021-03-08 23:07 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{993A59F2-75BC-4E77-A6E5-C44D8D1D19DE}
2020-11-24 15:21 - 2020-11-24 15:21 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{9B6E6FC4-1A1F-45FF-98EC-73EC6044E0B2}
2021-03-08 23:07 - 2021-03-08 23:07 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{A5277EEA-34E3-4B9C-8831-09E1ABB1ABB4}
2021-02-16 16:40 - 2021-02-16 16:40 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{A9C317EF-A8DB-449B-A447-30387CA8DE57}
2021-06-22 17:57 - 2021-06-22 17:57 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{BE08C5DA-1409-4FD2-9BE7-B4C426463429}
2021-01-19 22:32 - 2021-01-19 22:32 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{CA932CC2-E3AC-4191-9652-BC6B43170F8A}
2021-01-19 22:32 - 2021-01-19 22:32 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{DC815779-0BD4-4F80-90FB-C750B5C55665}
2020-11-24 15:22 - 2020-11-24 15:22 - 000000372 _____ () C:\Users\Utilisateur\AppData\Local\{E3DD748D-BD96-4514-8426-CC844380B445}
2021-02-16 16:40 - 2021-02-16 16:40 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{E98C2383-A421-4FC9-B607-1452FF88CE73}
2020-10-29 20:10 - 2020-10-29 20:10 - 000000000 _____ () C:\Users\Utilisateur\AppData\Local\{FD87CC70-BA08-4502-9DAE-89269F7CE4C5}
==================== SigCheckExt =========================
2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-13 16:51 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-13 19:17 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-05-12 13:02 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2015-08-13 02:49 - 2015-07-16 21:33 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2020-09-09 13:49 - 2023-01-23 19:39 - 000012710 _____ C:\WINDOWS\system32\Native.exe
2015-05-21 16:53 - 2012-08-21 23:01 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe
2015-05-21 17:16 - 2015-01-09 05:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll
2015-05-20 10:23 - 2010-11-20 15:25 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushPrinterConnections.exe
2015-05-21 16:07 - 2012-04-26 07:34 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeSubscription.exe
2015-06-10 17:24 - 2015-05-25 19:00 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-21 16:55 - 2012-11-29 00:56 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wdfres.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2015-08-12 17:45 - 2015-07-20 20:12 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-05-21 20:31 - 2015-05-21 20:31 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2017-03-16 08:04 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 13:44 - 2016-07-17 00:46 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2015-05-21 20:36 - 2015-05-21 20:36 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsIntl.dll
2015-10-30 09:19 - 2016-09-13 22:41 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-09-13 22:41 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-08-13 02:49 - 2015-07-16 21:05 - 001155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-05-20 10:23 - 2009-07-14 03:16 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pmcsnap.dll
2015-05-20 10:23 - 2009-07-14 03:16 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ppcsnap.dll
2015-05-20 10:23 - 2010-11-20 14:17 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PushPrinterConnections.exe
2023-08-19 14:08 - 2023-08-19 14:08 - 002385408 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2023-08-19 14:00 - 2023-08-19 14:00 - 003511456 _____ (Nicolas Coolman) C:\Users\Utilisateur\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {2c44eb52-e50f-11ec-a2a6-a453485d731f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {1bb1e801-e507-11ec-a361-abd736050ac6}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{1bb1e802-e507-11ec-a361-abd736050ac6}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{1bb1e802-e507-11ec-a361-abd736050ac6}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {1bb1e801-e507-11ec-a361-abd736050ac6}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {2c44eb52-e50f-11ec-a2a6-a453485d731f}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {51253b60-39b9-11e9-a90e-963b833ae863}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{51253b61-39b9-11e9-a90e-963b833ae863}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{51253b61-39b9-11e9-a90e-963b833ae863}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {561dbfd5-fec6-11e4-8519-e60bef2a6fb8}
device ramdisk=[C:]\Recovery\561dbfd5-fec6-11e4-8519-e60bef2a6fb8\Winre.wim,{561dbfd6-fec6-11e4-8519-e60bef2a6fb8}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\561dbfd5-fec6-11e4-8519-e60bef2a6fb8\Winre.wim,{561dbfd6-fec6-11e4-8519-e60bef2a6fb8}
systemroot \windows
nx OptIn
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {2c44eb52-e50f-11ec-a2a6-a453485d731f}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {1bb1e801-e507-11ec-a361-abd736050ac6}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {1bb1e802-e507-11ec-a361-abd736050ac6}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {561dbfd6-fec6-11e4-8519-e60bef2a6fb8}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\561dbfd5-fec6-11e4-8519-e60bef2a6fb8\boot.sdi
==================== Fin de FRST.txt ========================