Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Exécuté par User (administrateur) sur PC-LENOVO-STÉPH (LENOVO ChiefRiver Platform) (28-09-2023 11:38:23)
Exécuté depuis C:\Users\User\Desktop\FRST64.exe
Profils chargés: User
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3448 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (CERTIF_NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\User\Desktop\ZHPSuite.exe
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <21>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Open-Shell) [Fichier non signé] C:\Program Files\Open-Shell\StartMenu.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Proton Technologies AG -> ) C:\Program Files\Proton\VPN\v3.1.1\ProtonVPN.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.1.1\ProtonVPN.WireGuardService.exe
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.1.1\ProtonVPNService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [226816 2022-05-12] (Open-Shell) [Fichier non signé]
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2020-08-12] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel® Services Manager -> Intel Corporation)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.43\Installer\setup.exe [3796520 2023-09-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2571112955-4239876419-1220594018-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [12277144 2023-08-23] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-21-2571112955-4239876419-1220594018-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210112 2023-09-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwCP.dll [2012-07-30] (Broadcom Corporation -> Broadcom Corporation.)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {C47B3952-D67F-4038-86B2-DA7C38A8834C} - System32\Tasks\G2MUpdateTask-S-1-5-21-2571112955-4239876419-1220594018-1001 => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B520E0C3-2FF7-4888-AA5B-1A636470C2D6} - System32\Tasks\G2MUploadTask-S-1-5-21-2571112955-4239876419-1220594018-1001 => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {1B7FE57F-2B37-4CBC-9B31-4A8A151C3D7C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26657904 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A983F8CE-B187-4ABD-B455-883155B973D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26657904 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A5D50D0-BDF5-470C-9218-106469EF570F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124496 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {90649A46-0E10-41B0-853F-FD77D261D6F9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124496 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE5F6402-16FA-4D04-A779-99F695A76263} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [834680 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {A3DF0BD7-5AEC-4F4F-8F2C-778AD6816398} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe [71680 2021-01-15] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {069E56F4-AF16-4353-B941-2A73ED765400} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C30BCD0C-A15A-4FC4-8368-8D84A74CA38E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45208ED4-7C4F-45D5-BB31-A5876B5EB8F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBDA0E03-61CA-42FB-B59E-B4FA1E4923B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {06D645E1-C5D0-4193-AA3A-EC9D3157A96E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {76DA94C1-978B-4A68-9AAF-79C949324411} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [676768 2023-09-27] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DD1707CC-F96D-4236-A9AA-64FEC836A862} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {FB1460CC-8BF0-4947-977C-EE4C001D0B76} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 ] (Synaptics Incorporated -> Synaptics Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{07e5b248-3456-42d9-b3f1-1681055429eb}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{cdd9aa6a-c17f-4a9e-b56f-63ed7ea59cec}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{eab2262d-9ab1-5975-7d92-334d06f4972b}: [NameServer] 10.2.0.1
Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-28]
Edge Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-02]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-06]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: sdcf5m94.default-1449679278495-1622248414203
FF DefaultProfile: bjcbl64y.default
FF ProfilePath: C:\Users\User\AppData\Roaming\TomTom\HOME\Profiles\2xvvmal5.default [2019-07-16]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-07-16] [] [non signé]
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 [2023-09-28]
FF Homepage: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> hxxps://www.google.fr/
FF Session Restore: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> hxxps://www.gametwist.com; hxxps://odysee.com; hxxps://www.piecesauto.fr; hxxps://twitter.com
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: {66E978CD-981F-47DF-AC42-E3CF417C1467}
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: jid1-MnnxcxisBPnSXQ@jetpack
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: uBlock0@raymondhill.net
FF Extension: (Bookmark search plus 2) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\bookmarksearchplus2@aafn.org.xpi [2023-09-24]
FF Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\firefox@online-convert.com.xpi [2021-05-29]
FF Extension: (I don't care about cookies) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-09-26]
FF Extension: (Privacy Badger) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-09-15]
FF Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-03-06]
FF Extension: (uBlock Origin) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\uBlock0@raymondhill.net.xpi [2023-09-26]
FF Extension: (Reverse Image Search) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{0da2e603-21ba-4422-8049-b6d9e013ed84}.xpi [2023-02-22]
FF Extension: (Tab Suspender) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{29780561-0607-49f3-aba9-fb8806d2f22d}.xpi [2021-05-29]
FF Extension: (Privacy Pass) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{48748554-4c01-49e8-94af-79662bf34d50}.xpi [2023-09-04]
FF Extension: (New Tab Homepage) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2021-05-29]
FF Extension: (Flash and Video Download) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2021-05-29]
FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-25]
FF Extension: (Auto Tab Discard) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2022-12-20]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-21]
FF ProfilePath: C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default [2023-02-03]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> hxxps://www.google.com/
FF NewTab: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> hxxps://www.google.com/
FF Session Restore: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> est activé.
FF Extension: (Français (FR) Language Pack) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default\Extensions\langpack-fr@palemoon.org.xpi [2022-06-15] [] [non signé]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11879392 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-20] (Malwarebytes Inc. -> Malwarebytes)
R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.1.1\ProtonVPNService.exe [472168 2023-08-23] (Proton Technologies AG -> ProtonVPN)
R3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.1.1\ProtonVPN.WireGuardService.exe [471656 2023-08-23] (Proton Technologies AG -> ProtonVPN)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl73342e35; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{408BA1BB-CEF0-4E8C-83B7-561035E043B3}\MpKslDrv.sys [222464 2023-09-28] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.1.1\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-12-06] (AnchorFree Inc -> Anchorfree Inc.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-07-15] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-04-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-28 11:38 - 2023-09-28 11:40 - 000024679 _____ C:\Users\User\Desktop\FRST.txt
2023-09-28 11:37 - 2023-09-28 11:40 - 000000000 ____D C:\FRST
2023-09-28 11:36 - 2023-09-28 11:36 - 002382848 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2023-09-28 11:21 - 2023-09-28 11:21 - 000186290 _____ C:\Users\User\Desktop\ZHPDiag.txt
2023-09-28 11:03 - 2023-09-28 11:03 - 003511456 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPSuite.exe
2023-09-28 04:36 - 2023-09-28 04:39 - 000000000 ____D C:\AdwCleaner
2023-09-28 04:34 - 2023-09-28 04:34 - 008791352 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner.exe
2023-09-28 02:43 - 2023-09-28 02:43 - 000036266 _____ C:\Users\User\Desktop\ZHPCleaner (R).html
2023-09-28 02:43 - 2023-09-28 02:43 - 000021555 _____ C:\Users\User\Desktop\ZHPCleaner (R).txt
2023-09-28 02:30 - 2023-09-28 02:30 - 000036283 _____ C:\Users\User\Desktop\ZHPCleaner (S).html
2023-09-28 02:30 - 2023-09-28 02:30 - 000021601 _____ C:\Users\User\Desktop\ZHPCleaner (S).txt
2023-09-28 01:10 - 2023-09-28 11:04 - 000000000 ____D C:\Users\User\AppData\Local\ZHP
2023-09-28 01:10 - 2023-09-28 01:12 - 000000931 _____ C:\Users\User\Desktop\ZHPCleaner.lnk
2023-09-28 01:08 - 2023-09-28 01:08 - 003343008 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPCleaner.exe
2023-09-21 17:43 - 2023-09-21 17:43 - 000180663 _____ C:\Users\User\Downloads\Invitation JOB DATING GROUPE LA POSTE CHAIX .pdf
2023-09-20 16:45 - 2023-09-20 16:45 - 000143224 _____ C:\Users\User\Downloads\RIB Caav SC.pdf
2023-09-20 16:44 - 2023-09-20 16:44 - 000760462 _____ C:\Users\User\Downloads\Auto de prlvt NGE.pdf
2023-09-13 12:36 - 2023-09-13 12:36 - 000000000 ___HD C:\$WinREAgent
2023-09-13 02:23 - 2023-09-28 02:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-09-09 21:45 - 2023-09-09 21:45 - 000005285 _____ C:\Users\User\Downloads\CA20230909_214531.xlsx
2023-09-08 12:18 - 2023-09-08 12:18 - 000102539 _____ C:\Users\User\Downloads\Attestation pmt de juillet 2022 à juillet 2023.pdf
2023-08-31 22:46 - 2023-08-31 22:46 - 009261782 _____ C:\Users\User\Downloads\stationnement-payant.pdf
2023-08-29 15:01 - 2023-09-28 02:58 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
2023-08-29 15:00 - 2023-08-29 15:00 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-07-08 22:18 - 2023-07-08 22:19 - 000000000 ____D C:\ProgramData\ProtonVPN
2023-07-08 22:17 - 2023-09-04 21:00 - 000000992 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2023-07-08 22:17 - 2023-09-04 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2023-07-08 22:16 - 2023-07-08 22:16 - 000000000 ____D C:\Program Files\Proton
2023-07-02 23:47 - 2023-07-02 23:47 - 000073202 _____ C:\Users\User\Downloads\Bulletins de Paie du 06 2023 (1).pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-28 11:32 - 2020-08-12 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-28 11:21 - 2018-05-01 01:55 - 000000000 ____D C:\Users\User\AppData\Roaming\ZHP
2023-09-28 04:44 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-28 04:37 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-28 04:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-28 03:12 - 2022-02-10 11:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-28 02:55 - 2020-08-12 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-28 02:55 - 2020-08-12 23:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-28 02:55 - 2015-10-23 16:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-28 02:54 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-28 02:53 - 2021-06-05 00:47 - 000000000 ____D C:\Users\User\AppData\Local\OpenShell
2023-09-27 17:52 - 2015-10-23 16:34 - 000001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-27 02:25 - 2020-06-22 02:40 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-27 02:24 - 2020-06-22 02:40 - 000002291 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-26 15:29 - 2018-07-11 14:39 - 000000000 ____D C:\ProgramData\Packages
2023-09-26 15:27 - 2021-12-13 14:19 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2571112955-4239876419-1220594018-1001
2023-09-26 15:27 - 2020-08-12 23:45 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2571112955-4239876419-1220594018-1001
2023-09-26 15:27 - 2020-08-12 23:09 - 000002475 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-22 22:11 - 2017-12-30 22:41 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2023-09-22 22:10 - 2018-05-29 23:09 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2023-09-16 22:14 - 2017-02-04 04:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-09-14 17:10 - 2020-08-12 23:28 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-14 17:10 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2023-09-14 17:10 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2023-09-14 17:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-14 17:03 - 2021-06-10 04:46 - 000466872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-13 15:48 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-13 15:01 - 2020-08-12 23:10 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-13 12:24 - 2015-10-24 04:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 12:09 - 2015-10-24 04:06 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-08 14:17 - 2017-08-08 19:29 - 000000000 ____D C:\Users\User\Documents\CAF
2023-09-08 13:49 - 2015-12-23 22:16 - 000000000 ____D C:\Users\User\Documents\H
2023-09-07 08:43 - 2016-11-16 21:04 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2023-09-05 13:00 - 2021-07-01 17:23 - 000000000 ____D C:\Users\User\AppData\Local\ProtonVPN
2023-08-31 14:40 - 2021-06-28 12:08 - 000000000 ____D C:\KPRM
2023-08-31 12:37 - 2016-02-18 17:07 - 000000000 ____D C:\Users\User\Documents\Impôts
2023-08-30 22:20 - 2015-10-26 17:02 - 000000000 ____D C:\Users\User\AppData\LocalLow\Temp
2023-08-30 18:13 - 2020-08-12 23:09 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows
2023-08-30 13:18 - 2018-05-29 21:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-30 13:14 - 2021-01-22 08:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-29 21:33 - 2020-08-12 23:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2023-08-29 21:33 - 2020-08-12 23:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-08-29 17:06 - 2018-06-20 01:47 - 000000000 ____D C:\Users\User\Documents\Désinfection
2023-08-29 15:00 - 2023-02-05 19:13 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-29 14:59 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-29 14:54 - 2017-10-22 17:01 - 000000000 ____D C:\Program Files\Malwarebytes
==================== SigCheckExt =========================
2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2013-08-22 13:45 - 2013-08-22 13:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 13:43 - 2013-08-22 13:43 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-security-cryptoapi-l1-1-0.dll
2016-07-13 16:40 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-12 14:55 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2014-11-21 01:20 - 2014-11-21 01:20 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-11-21 01:20 - 2014-11-21 01:20 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
2012-08-27 08:15 - 2012-08-23 10:08 - 000116224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v2843.dll
2017-05-10 20:19 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2015-10-19 09:36 - 2012-05-15 07:13 - 000144896 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2014-11-21 06:34 - 2014-11-21 06:34 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2022-05-12 18:56 - 2022-05-12 18:56 - 000407552 _____ (Open-Shell) C:\WINDOWS\system32\StartMenuHelper64.dll
2015-10-26 18:29 - 2015-10-26 18:29 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2015-10-26 18:22 - 2015-10-26 18:22 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000409600 _____ (Complementary Colors) C:\WINDOWS\SysWOW64\Achroma.dll
2013-08-22 06:17 - 2013-08-22 06:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-security-cryptoapi-l1-1-0.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000094208 _____ (aaa) C:\WINDOWS\SysWOW64\CMDLGD6.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-19 09:35 - 2012-07-04 04:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 06:14 - 2013-08-22 06:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
2017-11-08 16:42 - 2016-02-03 11:18 - 000348160 _____ C:\WINDOWS\SysWOW64\FiltreAlpha.dll
2017-11-08 16:43 - 2008-05-02 15:27 - 000393216 _____ (NiceFeather Software Solutions Corporation) C:\WINDOWS\SysWOW64\FontCombo.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000057344 _____ (Hallé) C:\WINDOWS\SysWOW64\FreeThreader.dll
2017-03-14 23:59 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 13:44 - 2016-07-17 00:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2015-10-19 09:36 - 2012-05-15 06:20 - 000104448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000028672 _____ (Sologiciel) C:\WINDOWS\SysWOW64\IntelTextFileOperation.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll
2012-04-20 13:59 - 2012-04-20 13:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe
2016-05-18 14:49 - 2016-05-18 14:49 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll
2015-10-30 09:19 - 2016-09-14 14:10 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-09-14 14:10 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2FR.DLL
2016-05-18 14:49 - 2016-05-18 14:49 - 000245760 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSCLib.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL
2016-05-18 14:49 - 2016-05-18 14:49 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 001046288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL
2017-11-08 16:42 - 2009-09-10 15:00 - 000149776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT35.DLL
2017-11-08 16:42 - 2009-09-10 15:00 - 000024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER35.DLL
2016-05-18 14:49 - 2016-05-18 14:49 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000252176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X35.DLL
2017-11-08 16:42 - 2009-09-10 15:00 - 000415504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSREPL35.DLL
2017-11-08 16:42 - 2001-08-24 17:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2015-10-19 09:51 - 2012-03-23 19:59 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll
2017-11-08 16:43 - 2017-11-08 16:43 - 000003584 _____ C:\WINDOWS\SysWOW64\multit.dll
2017-11-08 16:42 - 2005-07-27 12:43 - 000765952 _____ (Polar) C:\WINDOWS\SysWOW64\PolarSpellChecker.dll
2010-01-27 04:09 - 2010-01-27 04:09 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2017-11-08 16:43 - 2013-08-05 21:44 - 000416768 _____ C:\WINDOWS\SysWOW64\QRCodeLib.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXFR.DLL
2017-05-10 18:40 - 2016-05-18 14:49 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnfr.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000040960 _____ (vbAccelerator) C:\WINDOWS\SysWOW64\SSubTmr6.dll
2022-05-12 18:59 - 2022-05-12 18:59 - 000334336 _____ (Open-Shell) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2017-11-08 16:43 - 2011-06-29 23:03 - 001314816 _____ C:\WINDOWS\SysWOW64\TIFF2PDF.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2017-11-08 16:42 - 2009-09-10 15:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2017-11-08 16:43 - 2010-07-27 17:02 - 000245815 _____ (GreenReaper Studios) C:\WINDOWS\SysWOW64\VBTablet.dll
2017-11-08 16:43 - 2012-02-01 18:59 - 000792064 _____ C:\WINDOWS\SysWOW64\viscomdocx.dll
2017-11-08 16:43 - 2008-05-13 08:27 - 000172032 _____ C:\WINDOWS\SysWOW64\viscomgifenc.dll
2017-11-08 16:43 - 2007-01-27 04:45 - 000520192 _____ C:\WINDOWS\SysWOW64\viscompdf.dll
2017-11-08 16:43 - 2011-10-04 13:08 - 000282624 _____ C:\WINDOWS\SysWOW64\viscompsd.dll
2016-08-17 13:28 - 2010-07-25 22:23 - 000002272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\W95INF16.DLL
2016-08-17 13:28 - 2010-07-25 22:23 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\W95INF32.DLL
2018-01-10 18:59 - 2018-01-10 18:59 - 001110564 _____ (Igor Pavlov) C:\Users\User\Desktop\7z1604.exe
2017-03-29 16:53 - 2017-03-29 16:54 - 024982849 _____ C:\Users\User\Desktop\avidemux_2-6-14_win32.exe
2017-03-21 15:49 - 2017-03-21 15:55 - 065712928 _____ (Online Media Technologies Ltd. ) C:\Users\User\Desktop\AVSVideoConverter.exe
2023-09-28 11:36 - 2023-09-28 11:36 - 002382848 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-03-15 19:12 - 2019-03-15 19:13 - 022590695 _____ (IVCSOFT, Anh NGUYEN ) C:\Users\User\Desktop\internet_video_converter_hd_5.50_fr_std_setup.exe
2017-11-08 16:36 - 2017-11-08 16:40 - 108884406 _____ (Axpha ) C:\Users\User\Desktop\labography.exe
2017-11-08 19:01 - 2017-11-08 19:02 - 005202180 _____ C:\Users\User\Desktop\pf7-setup-fr-7.2.1.exe
2023-09-28 01:08 - 2023-09-28 01:08 - 003343008 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPCleaner.exe
2023-09-28 11:03 - 2023-09-28 11:03 - 003511456 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPSuite.exe
2020-10-31 21:38 - 2020-10-31 21:38 - 001540456 _____ (Igor Pavlov) C:\Users\User\Downloads\7z2002-arm64.exe
2015-10-24 02:49 - 2015-10-24 03:04 - 132488258 _____ C:\Users\User\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_fr.exe
2020-08-10 01:13 - 2020-08-10 01:15 - 043467824 _____ (DownloadHelper ) C:\Users\User\Downloads\Appli Compagnon.exe
2015-10-23 16:48 - 2015-10-23 16:49 - 002469272 _____ (Vincent Brévart ) C:\Users\User\Downloads\belatout530.exe
2021-06-05 00:17 - 2021-06-05 00:17 - 007571456 _____ (Open-Shell) C:\Users\User\Downloads\OpenShellSetup_4_4_160.exe
2022-06-12 19:06 - 2022-06-12 19:06 - 007380480 _____ (Open-Shell) C:\Users\User\Downloads\OpenShellSetup_4_4_170.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {58a94e70-7685-11e5-a71f-806e6f6e6963}
{58a94e77-7685-11e5-a71f-806e6f6e6963}
{58a94e71-7685-11e5-a71f-806e6f6e6963}
{bootmgr}
{58a94e76-7685-11e5-a71f-806e6f6e6963}
{58a94e78-7685-11e5-a71f-806e6f6e6963}
{58a94e73-7685-11e5-a71f-806e6f6e6963}
{58a94e74-7685-11e5-a71f-806e6f6e6963}
{58a94e75-7685-11e5-a71f-806e6f6e6963}
timeout 2
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {c649a027-dce7-11ea-8ec1-9a06f63fc4b6}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e6d-7685-11e5-a71f-806e6f6e6963}
description Setup
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e6e-7685-11e5-a71f-806e6f6e6963}
description Boot Menu
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e6f-7685-11e5-a71f-806e6f6e6963}
description Diagnostic Splash
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e70-7685-11e5-a71f-806e6f6e6963}
description USB FDD:
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e71-7685-11e5-a71f-806e6f6e6963}
description USB CD:
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e72-7685-11e5-a71f-806e6f6e6963}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\lrsBootMgr.efi
description Lenovo Recovery System
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e73-7685-11e5-a71f-806e6f6e6963}
description ATAPI CD: PLDS DVD-RW DS8A8SH
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e74-7685-11e5-a71f-806e6f6e6963}
description PCI LAN: EFI Network (IPv4)
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e75-7685-11e5-a71f-806e6f6e6963}
description PCI LAN: EFI Network (IPv6)
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e76-7685-11e5-a71f-806e6f6e6963}
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e77-7685-11e5-a71f-806e6f6e6963}
description USB HDD:
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e78-7685-11e5-a71f-806e6f6e6963}
description ATA HDD: WDC WD10JPVT-24A1YT0
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {c649a029-dce7-11ea-8ec1-9a06f63fc4b6}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {c649a027-dce7-11ea-8ec1-9a06f63fc4b6}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {c649a029-dce7-11ea-8ec1-9a06f63fc4b6}
device ramdisk=[\Device\HarddiskVolume8]\Recovery\WindowsRE\Winre.wim,{c649a02a-dce7-11ea-8ec1-9a06f63fc4b6}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume8]\Recovery\WindowsRE\Winre.wim,{c649a02a-dce7-11ea-8ec1-9a06f63fc4b6}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {c649a027-dce7-11ea-8ec1-9a06f63fc4b6}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {c649a029-dce7-11ea-8ec1-9a06f63fc4b6}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {c649a02a-dce7-11ea-8ec1-9a06f63fc4b6}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume8
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par User (administrateur) sur PC-LENOVO-STÉPH (LENOVO ChiefRiver Platform) (28-09-2023 11:38:23)
Exécuté depuis C:\Users\User\Desktop\FRST64.exe
Profils chargés: User
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3448 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (CERTIF_NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\User\Desktop\ZHPSuite.exe
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <21>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Open-Shell) [Fichier non signé] C:\Program Files\Open-Shell\StartMenu.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Proton Technologies AG -> ) C:\Program Files\Proton\VPN\v3.1.1\ProtonVPN.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.1.1\ProtonVPN.WireGuardService.exe
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.1.1\ProtonVPNService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [226816 2022-05-12] (Open-Shell) [Fichier non signé]
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2020-08-12] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel® Services Manager -> Intel Corporation)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.43\Installer\setup.exe [3796520 2023-09-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2571112955-4239876419-1220594018-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [12277144 2023-08-23] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-21-2571112955-4239876419-1220594018-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210112 2023-09-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwCP.dll [2012-07-30] (Broadcom Corporation -> Broadcom Corporation.)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {C47B3952-D67F-4038-86B2-DA7C38A8834C} - System32\Tasks\G2MUpdateTask-S-1-5-21-2571112955-4239876419-1220594018-1001 => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B520E0C3-2FF7-4888-AA5B-1A636470C2D6} - System32\Tasks\G2MUploadTask-S-1-5-21-2571112955-4239876419-1220594018-1001 => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {1B7FE57F-2B37-4CBC-9B31-4A8A151C3D7C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26657904 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A983F8CE-B187-4ABD-B455-883155B973D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26657904 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A5D50D0-BDF5-470C-9218-106469EF570F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124496 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {90649A46-0E10-41B0-853F-FD77D261D6F9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124496 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE5F6402-16FA-4D04-A779-99F695A76263} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [834680 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {A3DF0BD7-5AEC-4F4F-8F2C-778AD6816398} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe [71680 2021-01-15] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {069E56F4-AF16-4353-B941-2A73ED765400} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C30BCD0C-A15A-4FC4-8368-8D84A74CA38E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45208ED4-7C4F-45D5-BB31-A5876B5EB8F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBDA0E03-61CA-42FB-B59E-B4FA1E4923B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {06D645E1-C5D0-4193-AA3A-EC9D3157A96E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {76DA94C1-978B-4A68-9AAF-79C949324411} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [676768 2023-09-27] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DD1707CC-F96D-4236-A9AA-64FEC836A862} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {FB1460CC-8BF0-4947-977C-EE4C001D0B76} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 ] (Synaptics Incorporated -> Synaptics Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{07e5b248-3456-42d9-b3f1-1681055429eb}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{cdd9aa6a-c17f-4a9e-b56f-63ed7ea59cec}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{eab2262d-9ab1-5975-7d92-334d06f4972b}: [NameServer] 10.2.0.1
Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-28]
Edge Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-02]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-06]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: sdcf5m94.default-1449679278495-1622248414203
FF DefaultProfile: bjcbl64y.default
FF ProfilePath: C:\Users\User\AppData\Roaming\TomTom\HOME\Profiles\2xvvmal5.default [2019-07-16]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-07-16] [] [non signé]
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 [2023-09-28]
FF Homepage: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> hxxps://www.google.fr/
FF Session Restore: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> hxxps://www.gametwist.com; hxxps://odysee.com; hxxps://www.piecesauto.fr; hxxps://twitter.com
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: {66E978CD-981F-47DF-AC42-E3CF417C1467}
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: jid1-MnnxcxisBPnSXQ@jetpack
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: uBlock0@raymondhill.net
FF Extension: (Bookmark search plus 2) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\bookmarksearchplus2@aafn.org.xpi [2023-09-24]
FF Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\firefox@online-convert.com.xpi [2021-05-29]
FF Extension: (I don't care about cookies) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-09-26]
FF Extension: (Privacy Badger) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-09-15]
FF Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-03-06]
FF Extension: (uBlock Origin) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\uBlock0@raymondhill.net.xpi [2023-09-26]
FF Extension: (Reverse Image Search) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{0da2e603-21ba-4422-8049-b6d9e013ed84}.xpi [2023-02-22]
FF Extension: (Tab Suspender) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{29780561-0607-49f3-aba9-fb8806d2f22d}.xpi [2021-05-29]
FF Extension: (Privacy Pass) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{48748554-4c01-49e8-94af-79662bf34d50}.xpi [2023-09-04]
FF Extension: (New Tab Homepage) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2021-05-29]
FF Extension: (Flash and Video Download) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2021-05-29]
FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-25]
FF Extension: (Auto Tab Discard) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2022-12-20]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-21]
FF ProfilePath: C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default [2023-02-03]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> hxxps://www.google.com/
FF NewTab: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> hxxps://www.google.com/
FF Session Restore: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> est activé.
FF Extension: (Français (FR) Language Pack) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default\Extensions\langpack-fr@palemoon.org.xpi [2022-06-15] [] [non signé]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11879392 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-20] (Malwarebytes Inc. -> Malwarebytes)
R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.1.1\ProtonVPNService.exe [472168 2023-08-23] (Proton Technologies AG -> ProtonVPN)
R3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.1.1\ProtonVPN.WireGuardService.exe [471656 2023-08-23] (Proton Technologies AG -> ProtonVPN)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl73342e35; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{408BA1BB-CEF0-4E8C-83B7-561035E043B3}\MpKslDrv.sys [222464 2023-09-28] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.1.1\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-12-06] (AnchorFree Inc -> Anchorfree Inc.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-07-15] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-04-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-28 11:38 - 2023-09-28 11:40 - 000024679 _____ C:\Users\User\Desktop\FRST.txt
2023-09-28 11:37 - 2023-09-28 11:40 - 000000000 ____D C:\FRST
2023-09-28 11:36 - 2023-09-28 11:36 - 002382848 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2023-09-28 11:21 - 2023-09-28 11:21 - 000186290 _____ C:\Users\User\Desktop\ZHPDiag.txt
2023-09-28 11:03 - 2023-09-28 11:03 - 003511456 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPSuite.exe
2023-09-28 04:36 - 2023-09-28 04:39 - 000000000 ____D C:\AdwCleaner
2023-09-28 04:34 - 2023-09-28 04:34 - 008791352 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner.exe
2023-09-28 02:43 - 2023-09-28 02:43 - 000036266 _____ C:\Users\User\Desktop\ZHPCleaner (R).html
2023-09-28 02:43 - 2023-09-28 02:43 - 000021555 _____ C:\Users\User\Desktop\ZHPCleaner (R).txt
2023-09-28 02:30 - 2023-09-28 02:30 - 000036283 _____ C:\Users\User\Desktop\ZHPCleaner (S).html
2023-09-28 02:30 - 2023-09-28 02:30 - 000021601 _____ C:\Users\User\Desktop\ZHPCleaner (S).txt
2023-09-28 01:10 - 2023-09-28 11:04 - 000000000 ____D C:\Users\User\AppData\Local\ZHP
2023-09-28 01:10 - 2023-09-28 01:12 - 000000931 _____ C:\Users\User\Desktop\ZHPCleaner.lnk
2023-09-28 01:08 - 2023-09-28 01:08 - 003343008 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPCleaner.exe
2023-09-21 17:43 - 2023-09-21 17:43 - 000180663 _____ C:\Users\User\Downloads\Invitation JOB DATING GROUPE LA POSTE CHAIX .pdf
2023-09-20 16:45 - 2023-09-20 16:45 - 000143224 _____ C:\Users\User\Downloads\RIB Caav SC.pdf
2023-09-20 16:44 - 2023-09-20 16:44 - 000760462 _____ C:\Users\User\Downloads\Auto de prlvt NGE.pdf
2023-09-13 12:36 - 2023-09-13 12:36 - 000000000 ___HD C:\$WinREAgent
2023-09-13 02:23 - 2023-09-28 02:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-09-09 21:45 - 2023-09-09 21:45 - 000005285 _____ C:\Users\User\Downloads\CA20230909_214531.xlsx
2023-09-08 12:18 - 2023-09-08 12:18 - 000102539 _____ C:\Users\User\Downloads\Attestation pmt de juillet 2022 à juillet 2023.pdf
2023-08-31 22:46 - 2023-08-31 22:46 - 009261782 _____ C:\Users\User\Downloads\stationnement-payant.pdf
2023-08-29 15:01 - 2023-09-28 02:58 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
2023-08-29 15:00 - 2023-08-29 15:00 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-07-08 22:18 - 2023-07-08 22:19 - 000000000 ____D C:\ProgramData\ProtonVPN
2023-07-08 22:17 - 2023-09-04 21:00 - 000000992 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2023-07-08 22:17 - 2023-09-04 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2023-07-08 22:16 - 2023-07-08 22:16 - 000000000 ____D C:\Program Files\Proton
2023-07-02 23:47 - 2023-07-02 23:47 - 000073202 _____ C:\Users\User\Downloads\Bulletins de Paie du 06 2023 (1).pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-28 11:32 - 2020-08-12 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-28 11:21 - 2018-05-01 01:55 - 000000000 ____D C:\Users\User\AppData\Roaming\ZHP
2023-09-28 04:44 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-28 04:37 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-28 04:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-28 03:12 - 2022-02-10 11:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-28 02:55 - 2020-08-12 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-28 02:55 - 2020-08-12 23:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-28 02:55 - 2015-10-23 16:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-28 02:54 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-28 02:53 - 2021-06-05 00:47 - 000000000 ____D C:\Users\User\AppData\Local\OpenShell
2023-09-27 17:52 - 2015-10-23 16:34 - 000001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-27 02:25 - 2020-06-22 02:40 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-27 02:24 - 2020-06-22 02:40 - 000002291 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-26 15:29 - 2018-07-11 14:39 - 000000000 ____D C:\ProgramData\Packages
2023-09-26 15:27 - 2021-12-13 14:19 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2571112955-4239876419-1220594018-1001
2023-09-26 15:27 - 2020-08-12 23:45 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2571112955-4239876419-1220594018-1001
2023-09-26 15:27 - 2020-08-12 23:09 - 000002475 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-22 22:11 - 2017-12-30 22:41 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2023-09-22 22:10 - 2018-05-29 23:09 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2023-09-16 22:14 - 2017-02-04 04:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-09-14 17:10 - 2020-08-12 23:28 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-14 17:10 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2023-09-14 17:10 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2023-09-14 17:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-14 17:03 - 2021-06-10 04:46 - 000466872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-14 02:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-14 02:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-13 15:48 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-13 15:01 - 2020-08-12 23:10 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-13 12:24 - 2015-10-24 04:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 12:09 - 2015-10-24 04:06 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-08 14:17 - 2017-08-08 19:29 - 000000000 ____D C:\Users\User\Documents\CAF
2023-09-08 13:49 - 2015-12-23 22:16 - 000000000 ____D C:\Users\User\Documents\H
2023-09-07 08:43 - 2016-11-16 21:04 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2023-09-05 13:00 - 2021-07-01 17:23 - 000000000 ____D C:\Users\User\AppData\Local\ProtonVPN
2023-08-31 14:40 - 2021-06-28 12:08 - 000000000 ____D C:\KPRM
2023-08-31 12:37 - 2016-02-18 17:07 - 000000000 ____D C:\Users\User\Documents\Impôts
2023-08-30 22:20 - 2015-10-26 17:02 - 000000000 ____D C:\Users\User\AppData\LocalLow\Temp
2023-08-30 18:13 - 2020-08-12 23:09 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows
2023-08-30 13:18 - 2018-05-29 21:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-30 13:14 - 2021-01-22 08:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-29 21:33 - 2020-08-12 23:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2023-08-29 21:33 - 2020-08-12 23:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-08-29 17:06 - 2018-06-20 01:47 - 000000000 ____D C:\Users\User\Documents\Désinfection
2023-08-29 15:00 - 2023-02-05 19:13 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-29 14:59 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-29 14:54 - 2017-10-22 17:01 - 000000000 ____D C:\Program Files\Malwarebytes
==================== SigCheckExt =========================
2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2013-08-22 13:45 - 2013-08-22 13:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 13:43 - 2013-08-22 13:43 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-security-cryptoapi-l1-1-0.dll
2016-07-13 16:40 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-12 14:55 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2014-11-21 01:20 - 2014-11-21 01:20 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-11-21 01:20 - 2014-11-21 01:20 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 13:42 - 2013-08-22 13:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
2012-08-27 08:15 - 2012-08-23 10:08 - 000116224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v2843.dll
2017-05-10 20:19 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 13:43 - 2016-07-17 00:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2015-10-19 09:36 - 2012-05-15 07:13 - 000144896 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2014-11-21 06:34 - 2014-11-21 06:34 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2022-05-12 18:56 - 2022-05-12 18:56 - 000407552 _____ (Open-Shell) C:\WINDOWS\system32\StartMenuHelper64.dll
2015-10-26 18:29 - 2015-10-26 18:29 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2015-10-26 18:22 - 2015-10-26 18:22 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000409600 _____ (Complementary Colors) C:\WINDOWS\SysWOW64\Achroma.dll
2013-08-22 06:17 - 2013-08-22 06:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-security-cryptoapi-l1-1-0.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000094208 _____ (aaa) C:\WINDOWS\SysWOW64\CMDLGD6.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-19 09:35 - 2012-07-04 04:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2013-08-22 06:14 - 2013-08-22 06:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 06:14 - 2013-08-22 06:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 06:14 - 2013-08-22 06:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
2017-11-08 16:42 - 2016-02-03 11:18 - 000348160 _____ C:\WINDOWS\SysWOW64\FiltreAlpha.dll
2017-11-08 16:43 - 2008-05-02 15:27 - 000393216 _____ (NiceFeather Software Solutions Corporation) C:\WINDOWS\SysWOW64\FontCombo.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000057344 _____ (Hallé) C:\WINDOWS\SysWOW64\FreeThreader.dll
2017-03-14 23:59 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 13:44 - 2016-07-17 00:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2015-10-19 09:36 - 2012-05-15 06:20 - 000104448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000028672 _____ (Sologiciel) C:\WINDOWS\SysWOW64\IntelTextFileOperation.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll
2012-04-20 13:59 - 2012-04-20 13:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe
2016-05-18 14:49 - 2016-05-18 14:49 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll
2015-10-30 09:19 - 2016-09-14 14:10 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 09:19 - 2016-09-14 14:10 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2FR.DLL
2016-05-18 14:49 - 2016-05-18 14:49 - 000245760 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSCLib.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL
2016-05-18 14:49 - 2016-05-18 14:49 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 001046288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL
2017-11-08 16:42 - 2009-09-10 15:00 - 000149776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT35.DLL
2017-11-08 16:42 - 2009-09-10 15:00 - 000024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER35.DLL
2016-05-18 14:49 - 2016-05-18 14:49 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000252176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X35.DLL
2017-11-08 16:42 - 2009-09-10 15:00 - 000415504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSREPL35.DLL
2017-11-08 16:42 - 2001-08-24 17:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2015-10-19 09:51 - 2012-03-23 19:59 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll
2016-05-18 14:49 - 2016-05-18 14:49 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll
2017-11-08 16:43 - 2017-11-08 16:43 - 000003584 _____ C:\WINDOWS\SysWOW64\multit.dll
2017-11-08 16:42 - 2005-07-27 12:43 - 000765952 _____ (Polar) C:\WINDOWS\SysWOW64\PolarSpellChecker.dll
2010-01-27 04:09 - 2010-01-27 04:09 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2017-11-08 16:43 - 2013-08-05 21:44 - 000416768 _____ C:\WINDOWS\SysWOW64\QRCodeLib.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXFR.DLL
2017-05-10 18:40 - 2016-05-18 14:49 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnfr.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000040960 _____ (vbAccelerator) C:\WINDOWS\SysWOW64\SSubTmr6.dll
2022-05-12 18:59 - 2022-05-12 18:59 - 000334336 _____ (Open-Shell) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2017-11-08 16:43 - 2011-06-29 23:03 - 001314816 _____ C:\WINDOWS\SysWOW64\TIFF2PDF.dll
2017-11-08 16:42 - 2009-09-10 15:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2017-11-08 16:42 - 2009-09-10 15:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2017-11-08 16:43 - 2010-07-27 17:02 - 000245815 _____ (GreenReaper Studios) C:\WINDOWS\SysWOW64\VBTablet.dll
2017-11-08 16:43 - 2012-02-01 18:59 - 000792064 _____ C:\WINDOWS\SysWOW64\viscomdocx.dll
2017-11-08 16:43 - 2008-05-13 08:27 - 000172032 _____ C:\WINDOWS\SysWOW64\viscomgifenc.dll
2017-11-08 16:43 - 2007-01-27 04:45 - 000520192 _____ C:\WINDOWS\SysWOW64\viscompdf.dll
2017-11-08 16:43 - 2011-10-04 13:08 - 000282624 _____ C:\WINDOWS\SysWOW64\viscompsd.dll
2016-08-17 13:28 - 2010-07-25 22:23 - 000002272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\W95INF16.DLL
2016-08-17 13:28 - 2010-07-25 22:23 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\W95INF32.DLL
2018-01-10 18:59 - 2018-01-10 18:59 - 001110564 _____ (Igor Pavlov) C:\Users\User\Desktop\7z1604.exe
2017-03-29 16:53 - 2017-03-29 16:54 - 024982849 _____ C:\Users\User\Desktop\avidemux_2-6-14_win32.exe
2017-03-21 15:49 - 2017-03-21 15:55 - 065712928 _____ (Online Media Technologies Ltd. ) C:\Users\User\Desktop\AVSVideoConverter.exe
2023-09-28 11:36 - 2023-09-28 11:36 - 002382848 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-03-15 19:12 - 2019-03-15 19:13 - 022590695 _____ (IVCSOFT, Anh NGUYEN ) C:\Users\User\Desktop\internet_video_converter_hd_5.50_fr_std_setup.exe
2017-11-08 16:36 - 2017-11-08 16:40 - 108884406 _____ (Axpha ) C:\Users\User\Desktop\labography.exe
2017-11-08 19:01 - 2017-11-08 19:02 - 005202180 _____ C:\Users\User\Desktop\pf7-setup-fr-7.2.1.exe
2023-09-28 01:08 - 2023-09-28 01:08 - 003343008 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPCleaner.exe
2023-09-28 11:03 - 2023-09-28 11:03 - 003511456 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPSuite.exe
2020-10-31 21:38 - 2020-10-31 21:38 - 001540456 _____ (Igor Pavlov) C:\Users\User\Downloads\7z2002-arm64.exe
2015-10-24 02:49 - 2015-10-24 03:04 - 132488258 _____ C:\Users\User\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_fr.exe
2020-08-10 01:13 - 2020-08-10 01:15 - 043467824 _____ (DownloadHelper ) C:\Users\User\Downloads\Appli Compagnon.exe
2015-10-23 16:48 - 2015-10-23 16:49 - 002469272 _____ (Vincent Brévart ) C:\Users\User\Downloads\belatout530.exe
2021-06-05 00:17 - 2021-06-05 00:17 - 007571456 _____ (Open-Shell) C:\Users\User\Downloads\OpenShellSetup_4_4_160.exe
2022-06-12 19:06 - 2022-06-12 19:06 - 007380480 _____ (Open-Shell) C:\Users\User\Downloads\OpenShellSetup_4_4_170.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {58a94e70-7685-11e5-a71f-806e6f6e6963}
{58a94e77-7685-11e5-a71f-806e6f6e6963}
{58a94e71-7685-11e5-a71f-806e6f6e6963}
{bootmgr}
{58a94e76-7685-11e5-a71f-806e6f6e6963}
{58a94e78-7685-11e5-a71f-806e6f6e6963}
{58a94e73-7685-11e5-a71f-806e6f6e6963}
{58a94e74-7685-11e5-a71f-806e6f6e6963}
{58a94e75-7685-11e5-a71f-806e6f6e6963}
timeout 2
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {c649a027-dce7-11ea-8ec1-9a06f63fc4b6}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e6d-7685-11e5-a71f-806e6f6e6963}
description Setup
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e6e-7685-11e5-a71f-806e6f6e6963}
description Boot Menu
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e6f-7685-11e5-a71f-806e6f6e6963}
description Diagnostic Splash
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e70-7685-11e5-a71f-806e6f6e6963}
description USB FDD:
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e71-7685-11e5-a71f-806e6f6e6963}
description USB CD:
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e72-7685-11e5-a71f-806e6f6e6963}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\lrsBootMgr.efi
description Lenovo Recovery System
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e73-7685-11e5-a71f-806e6f6e6963}
description ATAPI CD: PLDS DVD-RW DS8A8SH
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e74-7685-11e5-a71f-806e6f6e6963}
description PCI LAN: EFI Network (IPv4)
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e75-7685-11e5-a71f-806e6f6e6963}
description PCI LAN: EFI Network (IPv6)
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e76-7685-11e5-a71f-806e6f6e6963}
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e77-7685-11e5-a71f-806e6f6e6963}
description USB HDD:
Application logicielle (101fffff)
--------------------------------
identificateur {58a94e78-7685-11e5-a71f-806e6f6e6963}
description ATA HDD: WDC WD10JPVT-24A1YT0
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {c649a029-dce7-11ea-8ec1-9a06f63fc4b6}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {c649a027-dce7-11ea-8ec1-9a06f63fc4b6}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {c649a029-dce7-11ea-8ec1-9a06f63fc4b6}
device ramdisk=[\Device\HarddiskVolume8]\Recovery\WindowsRE\Winre.wim,{c649a02a-dce7-11ea-8ec1-9a06f63fc4b6}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume8]\Recovery\WindowsRE\Winre.wim,{c649a02a-dce7-11ea-8ec1-9a06f63fc4b6}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {c649a027-dce7-11ea-8ec1-9a06f63fc4b6}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {c649a029-dce7-11ea-8ec1-9a06f63fc4b6}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {c649a02a-dce7-11ea-8ec1-9a06f63fc4b6}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume8
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================