Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Exécuté par famil (administrateur) sur DESKTOP-RUSBT00 (03-09-2023 14:04:21)
Exécuté depuis C:\Users\famil\Desktop\FRST64.exe
Profils chargés: famil
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Alsoft\AlService.exe ->) () [Fichier non signé] C:\Program Files (x86)\Alsoft\AlApp.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Leosoft EOOD -> Leosoft) C:\Program Files (x86)\Eye Saver\Eye Saver.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(services.exe ->) () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\Alsoft\AlService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (Goliath Media Limited -> GOLIATH MEDIA LIMITED) C:\Program Files (x86)\ShieldVPN\shieldsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Policies\Explorer: [AllowOnlineTips] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [Eye Saver] => C:\Program Files (x86)\Eye Saver\Eye Saver.exe [2624376 2023-01-09] (Leosoft EOOD -> Leosoft)
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38768640 2022-10-19] (Piriform Software Ltd) [Fichier non signé]
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [GigaTribe] => C:\Program Files (x86)\GigaTribe\GigaTribe.exe [3896080 2021-08-30] (Gigatribe -> D1FFER)
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [MicrosoftEdgeAutoLaunch_24536CA2FBE58A17D844EFB90AC3F324] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1099141874-690757217-4216510690-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mattéo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [58088856 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1099141874-690757217-4216510690-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mattéo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1099141874-690757217-4216510690-1002\...\RunOnce: [Uninstall 22.186.0904.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mattéo\AppData\Local\Microsoft\OneDrive\22.186.0904.0001" [0 2022-09-29] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\...\Print\Monitors\UDC: C:\Windows\system32\udcpm.dll [44784 2017-12-28] (fCoder SIA -> fCoder Group, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.141\Installer\chrmstp.exe [2023-09-01] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.57\Installer\chrmstp.exe [2023-08-31] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
BootExecute: autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {A53D78A3-493E-4115-AA42-81AFD791C0B6} - pas de chemin du fichier. <==== ATTENTION
Task: {7ADBA967-ED46-49E4-A41D-98B7A7D08C9B} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C19E812D-C1EF-45CC-8DCB-249FD4A2AFE2} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BF38B0A4-757B-4D53-9F7C-73D70E6A3198} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {3D270772-FC05-4995-86A0-F5D6E4D3798B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "7f0c1dd7-f2ec-46b5-a520-42054c965198" --version "6.05.10102" --silent
Task: {28ECD1E1-BE94-444A-BEEC-4858657784BA} - System32\Tasks\CCleanerSkipUAC - famil => C:\Program Files\CCleaner\CCleaner64.exe [38768640 2022-10-19] (Piriform Software Ltd) [Fichier non signé]
Task: {0FC557DA-E508-4703-82EA-BAD688806D89} - System32\Tasks\GlaryOneClickOptimizer 5 => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [241408 2023-02-12] (Glarysoft LTD -> Glarysoft Ltd)
Task: {2EC7E9D3-1939-4AFB-BFC2-08FC42474BD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-20] (Google LLC -> Google LLC)
Task: {6E39600C-6BF7-45E6-B23B-8314482B748C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-20] (Google LLC -> Google LLC)
Task: {53344B35-7DA3-4BF9-88FC-ACC19A4F023B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Pas de fichier)
Task: {257E9DFA-30B8-4037-A4D0-B9A5412900B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {362E253B-CFD3-41A6-850E-68552295702E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN7643D2W0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /ForDevice:CN7643D2W0 (Pas de fichier)
Task: {E4732110-6D47-4860-92E3-B8EDB2B8F1AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {845711C0-EB40-4B2B-B5DD-2C93054CD525} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439072 2021-11-17] (HP Inc. -> HP Inc.)
Task: {A7F09BC7-93D1-481A-8CD2-7CB5C3ADF704} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1099141874-690757217-4216510690-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2531504 2021-12-17] (Mega Limited -> )
Task: {B46410FD-E19A-4CDB-AD05-BE0997DB6BDF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B078BAE-02FF-4ADC-8C5F-91BBD57129DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {71CF1A85-B76C-4EFB-B80E-1BD37D0A6CD8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B27B683-AE27-4F6F-8AC3-7A9F3538DC99} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {92BC15A9-33FB-4085-B137-7046647B8F8C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170456 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ACE723C-169E-4D3A-B512-9E15955F7F9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {26D9E8F7-C3AF-4879-BD81-D53D318D10A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B4AA1377-DD37-4931-8A35-16D8B4553DFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F9F96F0-928A-4A9F-BC03-4F16285FBA56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F7D5946-7CF5-4268-8364-C42785CD235C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FE508C2C-4056-4A5F-801E-B3C128E6E459} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-02] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{af0bf45c-5c32-47cd-a837-7ca52203d3ba}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c1924eba-1a27-4bdd-bfe0-91708f6f0f12}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e7c5f21f-41c9-452d-8495-680c7fbd6d85}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{fbe587d7-f8f5-4711-8976-861544b98ed7}: [DhcpNameServer] 192.168.42.129
Edge:
=======
DownloadDir: C:\Users\famil\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\famil\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-03]
Edge Extension: (Google Docs hors connexion) - C:\Users\famil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (Edge relevant text changes) - C:\Users\famil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-28]
FireFox:
========
FF DefaultProfile: na0y3daa.default
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\s2tf91fj.App [2023-09-02]
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\na0y3daa.default [2023-09-02]
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release [2023-09-03]
FF DownloadDir: F:
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2022-10-22]
FF Extension: (TWP - Translate Web Pages) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2023-08-10]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2023-04-17]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-08-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
Chrome:
=======
CHR Profile: C:\Users\famil\AppData\Local\Google\Chrome\User Data\Default [2023-09-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\famil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-22]
Opera:
=======
OPR Profile: C:\Users\famil\AppData\Roaming\Opera Software\Opera Stable [2023-08-22]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\famil\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-08-19]
OPR Extension: (Opera Wallet) - C:\Users\famil\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-08-19]
OPR Extension: (Aria) - C:\Users\famil\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-08-19]
Brave:
=======
BRA Profile: C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-09-02]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-08-21]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-08-21]
BRA Extension: (Brave NTP background images) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-08-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-08-21]
BRA Extension: (Wallet Data Files Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-08-21]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-08-21]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-26]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-03-26]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-08-21]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-08-18]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-08-21]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-03-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-08-21]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-08-18]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-08-19]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AlService; C:\Program Files (x86)\Alsoft\AlService.exe [75304520 2022-06-12] () [Fichier non signé] [Fichier en cours d'utilisation]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.57\brave_vpn_helper.exe [3171864 2023-08-30] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.57\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2183192 2023-08-30] (Brave Software, Inc. -> Brave Software, Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1185616 2022-10-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11774392 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
S4 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [69840 2023-02-27] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2022-04-22] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S4 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [886528 2023-02-12] (Glarysoft LTD -> Glarysoft Ltd)
S4 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [73984 2023-02-12] (Glarysoft LTD -> Glarysoft Ltd)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [756216 2022-01-20] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [753184 2022-01-20] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-08-10] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-09-02] (Malwarebytes Inc. -> Malwarebytes)
S4 qcmtusvc; C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [129024 2019-01-02] (QUALCOMM, Inc.) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShieldVPNService; C:\Program Files (x86)\ShieldVPN\shieldsvc.exe [7496216 2023-07-25] (Goliath Media Limited -> GOLIATH MEDIA LIMITED)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 BraveElevationService1d998cc10104a50; "C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.57\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [38832 2021-01-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [39312 2021-01-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [45976 2021-01-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-15] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-14] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [45056 2023-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2021-07-21] (IDRIX SARL -> IDRIX)
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-12-25] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-03 14:04 - 2023-09-03 14:06 - 000031589 _____ C:\Users\famil\Desktop\FRST.txt
2023-09-03 12:54 - 2023-09-03 12:54 - 000217360 _____ C:\Users\famil\Desktop\ZHPDiag.txt
2023-09-03 12:37 - 2023-09-03 12:37 - 003511456 _____ (Nicolas Coolman) C:\Users\famil\ZHPSuite.exe
2023-09-02 18:59 - 2023-09-02 18:59 - 000000030 _____ C:\WINDOWS\system32\.UkIVDL
2023-09-02 17:46 - 2023-09-02 19:02 - 000000000 ____D C:\Users\famil\AppData\Local\Malwarebytes
2023-09-02 17:45 - 2023-09-02 17:45 - 000002045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-02 17:45 - 2023-09-02 17:45 - 000002033 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-02 17:44 - 2023-09-02 17:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-02 17:44 - 2023-09-02 17:44 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-02 17:43 - 2023-09-02 17:43 - 002606880 _____ (Malwarebytes) C:\Users\famil\Desktop\MBSetup.exe
2023-09-02 17:41 - 2023-09-02 17:41 - 000000000 ____D C:\ProgramData\rvlkl
2023-09-02 17:34 - 2023-09-02 17:38 - 000000000 ____D C:\AdwCleaner
2023-09-02 17:34 - 2023-09-02 17:34 - 008791352 _____ (Malwarebytes) C:\Users\famil\Desktop\adwcleaner_8.4.0.exe
2023-09-02 16:40 - 2023-09-02 16:40 - 000000887 _____ C:\Users\famil\Desktop\ZHPCleaner.lnk
2023-09-02 10:05 - 2023-09-03 14:05 - 000000000 ____D C:\FRST
2023-09-02 09:27 - 2023-09-03 12:37 - 000000736 _____ C:\Users\famil\Desktop\ZHPSuite.lnk
2023-09-02 09:27 - 2023-09-02 16:40 - 000000000 ____D C:\Users\famil\AppData\Local\ZHP
2023-09-02 08:59 - 2023-09-02 08:59 - 002382336 _____ (Farbar) C:\Users\famil\Desktop\FRST64.exe
2023-08-28 12:39 - 2023-08-28 12:39 - 000029888 ____R C:\Users\famil\Downloads\ticket-PAYFIP0000000086234431.pdf
2023-08-21 10:23 - 2023-08-21 10:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-08-19 01:21 - 2023-08-19 01:21 - 000000000 ____D C:\Users\famil\AppData\Local\Gh
2023-08-18 13:38 - 2023-08-18 13:38 - 000000000 ____D C:\Users\famil\AppData\Roaming\ReasonLabs
2023-08-18 12:36 - 2023-08-18 13:37 - 000000000 ____D C:\Users\famil\AppData\Roaming\rav-antivirus-client
2023-08-18 12:36 - 2023-08-18 12:36 - 000001243 _____ C:\Users\famil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAV Antivirus.lnk
2023-08-18 12:28 - 2023-08-18 12:28 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2023-08-18 12:28 - 2023-08-18 12:28 - 000000000 ____D C:\Users\famil\AppData\Local\Opera Software
2023-08-18 12:26 - 2023-08-18 12:26 - 000000000 ____D C:\Users\famil\AppData\Roaming\Opera Software
2023-08-16 15:03 - 2023-08-16 15:03 - 000000000 ___HD C:\$WinREAgent
2023-08-03 13:32 - 2023-08-03 13:32 - 000757945 ____R C:\Users\famil\Downloads\Consignes-1.pdf
2023-08-03 13:32 - 2023-08-03 13:32 - 000518343 ____R C:\Users\famil\Downloads\IPID-1.pdf
2023-08-03 13:31 - 2023-08-03 13:31 - 000017594 ____R C:\Users\famil\Downloads\Courrier d_accompagnement au 2023-06-22-1.pdf
2023-08-03 13:27 - 2023-08-03 13:27 - 000702720 ____R C:\Users\famil\Downloads\Contrat comptes et services au 2023-06-22-1.PDF
2023-08-03 13:26 - 2023-08-03 13:26 - 000016960 ____R C:\Users\famil\Downloads\Lettre de confirmation au 2023-06-22-1.pdf
2023-08-03 13:21 - 2023-08-03 13:21 - 000087868 ____R C:\Users\famil\Downloads\bul_2023_07_01521508-DOC-RH-BUL-459570.pdf
2023-08-03 11:45 - 2023-08-03 11:45 - 000122709 ____R C:\Users\famil\Downloads\dbc4ad2d-569a-4f90-acdc-b696604ea7b4.pdf
2023-07-29 16:34 - 2023-07-29 16:34 - 000000000 ____D C:\Program Files (x86)\ShieldVPN
2023-07-07 17:09 - 2023-07-07 17:09 - 000063547 ____R C:\Users\famil\Downloads\MAIF_Avis_Echeance_2023.pdf
2023-07-07 17:08 - 2023-07-07 17:08 - 000024693 ____R C:\Users\famil\Downloads\Attestation_Vehicule.pdf
2023-07-04 20:12 - 2023-07-04 20:12 - 000030082 ____R C:\Users\famil\Downloads\ticket-PAYFIP0000000081669887.pdf
2023-07-04 19:52 - 2023-07-04 19:52 - 000518343 ____R C:\Users\famil\Downloads\IPID.pdf
2023-07-04 19:51 - 2023-07-04 19:51 - 000757945 ____R C:\Users\famil\Downloads\Consignes.pdf
2023-07-04 19:51 - 2023-07-04 19:51 - 000016960 ____R C:\Users\famil\Downloads\Lettre de confirmation au 2023-06-22.pdf
2023-07-04 19:50 - 2023-07-04 19:50 - 000017594 ____R C:\Users\famil\Downloads\Courrier d_accompagnement au 2023-06-22.pdf
2023-07-04 19:48 - 2023-07-04 19:48 - 000702720 ____R C:\Users\famil\Downloads\Contrat comptes et services au 2023-06-22.PDF
2023-07-02 10:00 - 2023-07-02 10:00 - 000130997 ____R C:\Users\famil\Downloads\mary lou - Bb-1.pdf
2023-07-02 09:13 - 2023-07-02 09:13 - 000036677 ____R C:\Users\famil\Downloads\Midwestern Nights Dream - Saxophone ténor 1.pdf
2023-07-02 09:13 - 2023-07-02 09:13 - 000036581 ____R C:\Users\famil\Downloads\Midwestern Nights Dream - Saxophone ténor 2.pdf
2023-07-02 09:12 - 2023-07-02 09:12 - 001532924 ____R C:\Users\famil\Downloads\Numérisation_20201214 (3).pdf
2023-07-02 09:12 - 2023-07-02 09:12 - 000058884 ____R C:\Users\famil\Downloads\Midwestern Nights Dream - .pdf
2023-07-02 09:11 - 2023-07-02 09:11 - 001900599 ____R C:\Users\famil\Downloads\Numérisation_20201214 (2).pdf
2023-07-02 09:09 - 2023-07-02 09:09 - 000078107 ____R C:\Users\famil\Downloads\Autres Triades .pdf
2023-07-02 09:09 - 2023-07-02 09:09 - 000026128 ____R C:\Users\famil\Downloads\Gammes Bebop.pdf
2023-07-02 09:06 - 2023-07-02 09:06 - 000040599 ____R C:\Users\famil\Downloads\Autour des notes de triades majeures tome 2 - Partition complète.pdf
2023-07-02 09:05 - 2023-07-02 09:05 - 000040942 ____R C:\Users\famil\Downloads\Autour des notes de triades mineures tome 4 - Partition complète.pdf
2023-07-02 09:03 - 2023-07-02 09:03 - 000123524 ____R C:\Users\famil\Downloads\I got rhythm en C Bb Eb F.pdf
2023-07-02 09:03 - 2023-07-02 09:03 - 000035656 ____R C:\Users\famil\Downloads\Rhythm Changes AABA -en Eb.pdf
2023-07-02 09:03 - 2023-07-02 09:03 - 000035046 ____R C:\Users\famil\Downloads\Rhythm Changes AABA -en Bb.pdf
2023-07-02 09:02 - 2023-07-02 09:02 - 000035356 ____R C:\Users\famil\Downloads\Rhythm Changes AABA -en Ut.pdf
2023-06-27 13:03 - 2023-06-27 13:03 - 000631178 _____ C:\Users\famil\Desktop\CG_KIA.pdf
2023-06-26 09:15 - 2023-06-26 09:15 - 000073391 ____R C:\Users\famil\Downloads\ATTESTATION_PROV-26-06-2023-073f3e1b-44f1-4f30-9eaf-d391aebe5b7c.pdf
2023-06-24 12:30 - 2023-06-24 12:30 - 000438272 ____R C:\Users\famil\Downloads\Note departementale HC 2023.pdf
2023-06-24 12:29 - 2023-06-24 12:29 - 000091136 ____R C:\Users\famil\Downloads\Campagne insciption_ stages MIN 2023-2024.pdf
2023-06-16 20:43 - 2023-06-16 20:43 - 000799407 ____R C:\Users\famil\Downloads\Scan_0116.pdf
2023-06-15 17:31 - 2023-06-15 17:31 - 000000000 ____D C:\Users\famil\AppData\Roaming\Microsoft\QuickStyles
2023-06-08 12:02 - 2023-06-08 12:02 - 000000000 ____D C:\Users\famil\AppData\Roaming\Microsoft\Bibliography
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-03 14:03 - 2020-11-19 00:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-03 13:54 - 2022-06-12 03:11 - 000000000 ____D C:\ProgramData\Alsoft
2023-09-03 13:40 - 2021-12-17 00:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-03 13:40 - 2020-08-20 12:42 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-03 12:54 - 2020-08-10 11:24 - 000000000 ____D C:\Users\famil\AppData\Roaming\ZHP
2023-09-03 12:37 - 2021-04-05 17:01 - 000000000 ____D C:\Users\famil
2023-09-03 07:47 - 2022-09-29 19:47 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-03 07:47 - 2022-09-29 19:47 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-03 07:47 - 2022-03-08 08:41 - 000000000 ____D C:\Program Files\CCleaner
2023-09-03 04:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-03 04:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-03 04:58 - 2020-11-19 01:31 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-03 04:58 - 2020-11-19 01:31 - 000002292 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-03 04:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-02 19:09 - 2021-04-05 17:50 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-02 19:09 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2023-09-02 19:09 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2023-09-02 19:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-02 19:00 - 2021-04-05 17:46 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-02 19:00 - 2020-11-19 01:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-02 18:59 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-02 18:57 - 2021-02-23 10:42 - 000000000 ____D C:\Users\famil\AppData\Local\CrashDumps
2023-09-02 18:55 - 2022-06-12 03:11 - 000000000 ____D C:\Users\famil\AppData\Local\Alsoft
2023-09-02 17:45 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-02 17:40 - 2022-01-11 19:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-02 08:55 - 2019-12-18 10:06 - 000001017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-01 10:27 - 2019-12-18 10:14 - 000000000 ____D C:\Users\famil\AppData\Local\D3DSCache
2023-08-31 23:28 - 2020-11-19 01:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-31 20:14 - 2021-03-25 07:26 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-08-28 12:53 - 2021-04-05 18:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-28 12:14 - 2022-07-11 14:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-08-28 12:13 - 2021-08-18 09:44 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-08-19 23:04 - 2023-02-08 10:47 - 000000000 ____D C:\Users\famil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-19 23:04 - 2023-02-08 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-19 23:04 - 2021-02-21 09:45 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-08-19 23:04 - 2019-12-21 09:02 - 000000000 ____D C:\Program Files\WinRAR
2023-08-19 23:03 - 2021-02-21 09:47 - 000000000 ____D C:\Users\famil\AppData\Roaming\FileZilla
2023-08-19 23:03 - 2021-02-21 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2023-08-19 09:52 - 2019-12-18 09:59 - 000000000 ____D C:\Users\famil\AppData\Local\Packages
2023-08-18 12:11 - 2020-01-26 19:08 - 000000000 ____D C:\Users\famil\AppData\Roaming\vlc
2023-08-18 09:51 - 2020-08-16 15:52 - 000000128 _____ C:\Users\famil\AppData\Local\PUTTY.RND
2023-08-18 09:13 - 2022-02-09 16:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-17 06:42 - 2020-11-19 00:28 - 000798328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-17 06:40 - 2021-04-05 18:38 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-16 15:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-16 15:15 - 2020-11-19 01:31 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-11 22:59 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-08-11 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-08-11 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-08-11 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-08-10 11:03 - 2019-12-18 17:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-10 10:57 - 2019-12-18 17:12 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-10 10:50 - 2020-08-20 12:43 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-10 10:44 - 2021-04-05 17:55 - 000003612 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2023-08-10 10:44 - 2021-04-05 17:55 - 000003488 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2023-09-03 12:37 - 2023-09-03 12:37 - 003511456 _____ (Nicolas Coolman) C:\Users\famil\ZHPSuite.exe
2019-12-18 13:03 - 2019-12-18 13:03 - 001566214 _____ () C:\Users\famil\AppData\Roaming\AvidApplicationManager_Install.log
2021-03-13 09:01 - 2021-03-13 09:11 - 000000128 _____ () C:\Users\famil\AppData\Roaming\PUTTY.RND
2020-08-17 07:30 - 2021-12-23 19:17 - 000000128 _____ () C:\Users\famil\AppData\Roaming\winscp.rnd
2020-08-16 15:52 - 2023-08-18 09:51 - 000000128 _____ () C:\Users\famil\AppData\Local\PUTTY.RND
==================== SigCheckExt =========================
2020-11-21 20:09 - 2017-05-03 12:29 - 009614711 _____ (Snoop05) C:\adb-setup-1.4.3.exe
2021-11-04 22:00 - 2021-09-22 12:12 - 001504768 _____ (Cyber.Cat) C:\ADBAppControl.exe
2020-04-06 15:20 - 2003-05-22 11:26 - 000638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2020-04-06 15:20 - 2011-12-07 18:32 - 000216064 _____ ( ) C:\WINDOWS\SysWOW64\Lagarith.dll
2020-04-06 15:20 - 2003-05-21 22:50 - 000261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2020-04-06 15:20 - 2002-08-19 23:41 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2020-04-06 15:20 - 2003-05-21 22:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2001-05-22 01:00 - 2001-05-22 01:00 - 000527360 _____ (Borland Software Corporation) C:\WINDOWS\SysWOW64\stdvcl40.dll
2020-04-06 15:20 - 2004-12-10 09:03 - 000438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2020-04-06 15:20 - 2004-07-03 19:59 - 000524288 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2020-04-06 15:20 - 2004-07-03 20:08 - 000139264 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2023-09-03 12:37 - 2023-09-03 12:37 - 003511456 _____ (Nicolas Coolman) C:\Users\famil\ZHPSuite.exe
2023-09-02 08:59 - 2023-09-02 08:59 - 002382336 _____ (Farbar) C:\Users\famil\Desktop\FRST64.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=D:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {8d62a048-b650-11e8-b73e-bbac2dc7f641}
displayorder {current}
{215c8ccc-b650-11e8-97de-a42bb0a651f4}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {215c8ccc-b650-11e8-97de-a42bb0a651f4}
device partition=D:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
loadoptions DDISABLE_INTEGRITY_CHECKS
inherit {bootloadersettings}
recoverysequence {8d62a042-b650-11e8-b73e-bbac2dc7f641}
displaymessageoverride Recovery
recoveryenabled Yes
testsigning Yes
allowedinmemorysettings 0x15000075
osdevice partition=D:
systemroot \WINDOWS
resumeobject {215c8ccb-b650-11e8-97de-a42bb0a651f4}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {8d62a042-b650-11e8-b73e-bbac2dc7f641}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{8d62a043-b650-11e8-b73e-bbac2dc7f641}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{8d62a043-b650-11e8-b73e-bbac2dc7f641}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {8d62a04b-b650-11e8-b73e-bbac2dc7f641}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {8d62a048-b650-11e8-b73e-bbac2dc7f641}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {8d62a04b-b650-11e8-b73e-bbac2dc7f641}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{8d62a04c-b650-11e8-b73e-bbac2dc7f641}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{8d62a04c-b650-11e8-b73e-bbac2dc7f641}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {215c8ccb-b650-11e8-97de-a42bb0a651f4}
device partition=D:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {8d62a042-b650-11e8-b73e-bbac2dc7f641}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=D:
filepath \hiberfil.sys
bootmenupolicy Standard
pae Yes
debugoptionenabled No
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {8d62a048-b650-11e8-b73e-bbac2dc7f641}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {8d62a04b-b650-11e8-b73e-bbac2dc7f641}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=D:
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {8d62a043-b650-11e8-b73e-bbac2dc7f641}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {8d62a04c-b650-11e8-b73e-bbac2dc7f641}
description Windows Recovery
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par famil (administrateur) sur DESKTOP-RUSBT00 (03-09-2023 14:04:21)
Exécuté depuis C:\Users\famil\Desktop\FRST64.exe
Profils chargés: famil
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Alsoft\AlService.exe ->) () [Fichier non signé] C:\Program Files (x86)\Alsoft\AlApp.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Leosoft EOOD -> Leosoft) C:\Program Files (x86)\Eye Saver\Eye Saver.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(services.exe ->) () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\Alsoft\AlService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (Goliath Media Limited -> GOLIATH MEDIA LIMITED) C:\Program Files (x86)\ShieldVPN\shieldsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Policies\Explorer: [AllowOnlineTips] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [Eye Saver] => C:\Program Files (x86)\Eye Saver\Eye Saver.exe [2624376 2023-01-09] (Leosoft EOOD -> Leosoft)
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38768640 2022-10-19] (Piriform Software Ltd) [Fichier non signé]
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [GigaTribe] => C:\Program Files (x86)\GigaTribe\GigaTribe.exe [3896080 2021-08-30] (Gigatribe -> D1FFER)
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [MicrosoftEdgeAutoLaunch_24536CA2FBE58A17D844EFB90AC3F324] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108328 2023-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1099141874-690757217-4216510690-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mattéo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [58088856 2022-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1099141874-690757217-4216510690-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mattéo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1099141874-690757217-4216510690-1002\...\RunOnce: [Uninstall 22.186.0904.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mattéo\AppData\Local\Microsoft\OneDrive\22.186.0904.0001" [0 2022-09-29] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\...\Print\Monitors\UDC: C:\Windows\system32\udcpm.dll [44784 2017-12-28] (fCoder SIA -> fCoder Group, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.141\Installer\chrmstp.exe [2023-09-01] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.57\Installer\chrmstp.exe [2023-08-31] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
BootExecute: autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {A53D78A3-493E-4115-AA42-81AFD791C0B6} - pas de chemin du fichier. <==== ATTENTION
Task: {7ADBA967-ED46-49E4-A41D-98B7A7D08C9B} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C19E812D-C1EF-45CC-8DCB-249FD4A2AFE2} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BF38B0A4-757B-4D53-9F7C-73D70E6A3198} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {3D270772-FC05-4995-86A0-F5D6E4D3798B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "7f0c1dd7-f2ec-46b5-a520-42054c965198" --version "6.05.10102" --silent
Task: {28ECD1E1-BE94-444A-BEEC-4858657784BA} - System32\Tasks\CCleanerSkipUAC - famil => C:\Program Files\CCleaner\CCleaner64.exe [38768640 2022-10-19] (Piriform Software Ltd) [Fichier non signé]
Task: {0FC557DA-E508-4703-82EA-BAD688806D89} - System32\Tasks\GlaryOneClickOptimizer 5 => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [241408 2023-02-12] (Glarysoft LTD -> Glarysoft Ltd)
Task: {2EC7E9D3-1939-4AFB-BFC2-08FC42474BD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-20] (Google LLC -> Google LLC)
Task: {6E39600C-6BF7-45E6-B23B-8314482B748C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-20] (Google LLC -> Google LLC)
Task: {53344B35-7DA3-4BF9-88FC-ACC19A4F023B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Pas de fichier)
Task: {257E9DFA-30B8-4037-A4D0-B9A5412900B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {362E253B-CFD3-41A6-850E-68552295702E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN7643D2W0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /ForDevice:CN7643D2W0 (Pas de fichier)
Task: {E4732110-6D47-4860-92E3-B8EDB2B8F1AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {845711C0-EB40-4B2B-B5DD-2C93054CD525} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439072 2021-11-17] (HP Inc. -> HP Inc.)
Task: {A7F09BC7-93D1-481A-8CD2-7CB5C3ADF704} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1099141874-690757217-4216510690-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2531504 2021-12-17] (Mega Limited -> )
Task: {B46410FD-E19A-4CDB-AD05-BE0997DB6BDF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B078BAE-02FF-4ADC-8C5F-91BBD57129DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {71CF1A85-B76C-4EFB-B80E-1BD37D0A6CD8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B27B683-AE27-4F6F-8AC3-7A9F3538DC99} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {92BC15A9-33FB-4085-B137-7046647B8F8C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170456 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ACE723C-169E-4D3A-B512-9E15955F7F9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {26D9E8F7-C3AF-4879-BD81-D53D318D10A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B4AA1377-DD37-4931-8A35-16D8B4553DFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F9F96F0-928A-4A9F-BC03-4F16285FBA56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F7D5946-7CF5-4268-8364-C42785CD235C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FE508C2C-4056-4A5F-801E-B3C128E6E459} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-02] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{af0bf45c-5c32-47cd-a837-7ca52203d3ba}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c1924eba-1a27-4bdd-bfe0-91708f6f0f12}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e7c5f21f-41c9-452d-8495-680c7fbd6d85}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{fbe587d7-f8f5-4711-8976-861544b98ed7}: [DhcpNameServer] 192.168.42.129
Edge:
=======
DownloadDir: C:\Users\famil\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\famil\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-03]
Edge Extension: (Google Docs hors connexion) - C:\Users\famil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (Edge relevant text changes) - C:\Users\famil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-28]
FireFox:
========
FF DefaultProfile: na0y3daa.default
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\s2tf91fj.App [2023-09-02]
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\na0y3daa.default [2023-09-02]
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release [2023-09-03]
FF DownloadDir: F:
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2022-10-22]
FF Extension: (TWP - Translate Web Pages) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2023-08-10]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2023-04-17]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-08-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
Chrome:
=======
CHR Profile: C:\Users\famil\AppData\Local\Google\Chrome\User Data\Default [2023-09-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\famil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-22]
Opera:
=======
OPR Profile: C:\Users\famil\AppData\Roaming\Opera Software\Opera Stable [2023-08-22]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\famil\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-08-19]
OPR Extension: (Opera Wallet) - C:\Users\famil\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-08-19]
OPR Extension: (Aria) - C:\Users\famil\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-08-19]
Brave:
=======
BRA Profile: C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-09-02]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-08-21]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-08-21]
BRA Extension: (Brave NTP background images) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-08-18]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-08-21]
BRA Extension: (Wallet Data Files Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-08-21]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-08-21]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-26]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-03-26]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-08-21]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-08-18]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-08-21]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-03-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-08-21]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-08-18]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-08-19]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AlService; C:\Program Files (x86)\Alsoft\AlService.exe [75304520 2022-06-12] () [Fichier non signé] [Fichier en cours d'utilisation]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.57\brave_vpn_helper.exe [3171864 2023-08-30] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.57\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2183192 2023-08-30] (Brave Software, Inc. -> Brave Software, Inc.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1185616 2022-10-18] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11774392 2023-06-13] (Microsoft Corporation -> Microsoft Corporation)
S4 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [69840 2023-02-27] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2022-04-22] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S4 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [886528 2023-02-12] (Glarysoft LTD -> Glarysoft Ltd)
S4 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [73984 2023-02-12] (Glarysoft LTD -> Glarysoft Ltd)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [756216 2022-01-20] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [753184 2022-01-20] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-08-10] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-09-02] (Malwarebytes Inc. -> Malwarebytes)
S4 qcmtusvc; C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [129024 2019-01-02] (QUALCOMM, Inc.) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShieldVPNService; C:\Program Files (x86)\ShieldVPN\shieldsvc.exe [7496216 2023-07-25] (Goliath Media Limited -> GOLIATH MEDIA LIMITED)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 BraveElevationService1d998cc10104a50; "C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.57\elevation_service.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [38832 2021-01-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [39312 2021-01-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [45976 2021-01-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-15] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-14] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [45056 2023-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2021-07-21] (IDRIX SARL -> IDRIX)
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-12-25] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-03 14:04 - 2023-09-03 14:06 - 000031589 _____ C:\Users\famil\Desktop\FRST.txt
2023-09-03 12:54 - 2023-09-03 12:54 - 000217360 _____ C:\Users\famil\Desktop\ZHPDiag.txt
2023-09-03 12:37 - 2023-09-03 12:37 - 003511456 _____ (Nicolas Coolman) C:\Users\famil\ZHPSuite.exe
2023-09-02 18:59 - 2023-09-02 18:59 - 000000030 _____ C:\WINDOWS\system32\.UkIVDL
2023-09-02 17:46 - 2023-09-02 19:02 - 000000000 ____D C:\Users\famil\AppData\Local\Malwarebytes
2023-09-02 17:45 - 2023-09-02 17:45 - 000002045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-02 17:45 - 2023-09-02 17:45 - 000002033 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-02 17:44 - 2023-09-02 17:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-02 17:44 - 2023-09-02 17:44 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-02 17:43 - 2023-09-02 17:43 - 002606880 _____ (Malwarebytes) C:\Users\famil\Desktop\MBSetup.exe
2023-09-02 17:41 - 2023-09-02 17:41 - 000000000 ____D C:\ProgramData\rvlkl
2023-09-02 17:34 - 2023-09-02 17:38 - 000000000 ____D C:\AdwCleaner
2023-09-02 17:34 - 2023-09-02 17:34 - 008791352 _____ (Malwarebytes) C:\Users\famil\Desktop\adwcleaner_8.4.0.exe
2023-09-02 16:40 - 2023-09-02 16:40 - 000000887 _____ C:\Users\famil\Desktop\ZHPCleaner.lnk
2023-09-02 10:05 - 2023-09-03 14:05 - 000000000 ____D C:\FRST
2023-09-02 09:27 - 2023-09-03 12:37 - 000000736 _____ C:\Users\famil\Desktop\ZHPSuite.lnk
2023-09-02 09:27 - 2023-09-02 16:40 - 000000000 ____D C:\Users\famil\AppData\Local\ZHP
2023-09-02 08:59 - 2023-09-02 08:59 - 002382336 _____ (Farbar) C:\Users\famil\Desktop\FRST64.exe
2023-08-28 12:39 - 2023-08-28 12:39 - 000029888 ____R C:\Users\famil\Downloads\ticket-PAYFIP0000000086234431.pdf
2023-08-21 10:23 - 2023-08-21 10:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-08-19 01:21 - 2023-08-19 01:21 - 000000000 ____D C:\Users\famil\AppData\Local\Gh
2023-08-18 13:38 - 2023-08-18 13:38 - 000000000 ____D C:\Users\famil\AppData\Roaming\ReasonLabs
2023-08-18 12:36 - 2023-08-18 13:37 - 000000000 ____D C:\Users\famil\AppData\Roaming\rav-antivirus-client
2023-08-18 12:36 - 2023-08-18 12:36 - 000001243 _____ C:\Users\famil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAV Antivirus.lnk
2023-08-18 12:28 - 2023-08-18 12:28 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2023-08-18 12:28 - 2023-08-18 12:28 - 000000000 ____D C:\Users\famil\AppData\Local\Opera Software
2023-08-18 12:26 - 2023-08-18 12:26 - 000000000 ____D C:\Users\famil\AppData\Roaming\Opera Software
2023-08-16 15:03 - 2023-08-16 15:03 - 000000000 ___HD C:\$WinREAgent
2023-08-03 13:32 - 2023-08-03 13:32 - 000757945 ____R C:\Users\famil\Downloads\Consignes-1.pdf
2023-08-03 13:32 - 2023-08-03 13:32 - 000518343 ____R C:\Users\famil\Downloads\IPID-1.pdf
2023-08-03 13:31 - 2023-08-03 13:31 - 000017594 ____R C:\Users\famil\Downloads\Courrier d_accompagnement au 2023-06-22-1.pdf
2023-08-03 13:27 - 2023-08-03 13:27 - 000702720 ____R C:\Users\famil\Downloads\Contrat comptes et services au 2023-06-22-1.PDF
2023-08-03 13:26 - 2023-08-03 13:26 - 000016960 ____R C:\Users\famil\Downloads\Lettre de confirmation au 2023-06-22-1.pdf
2023-08-03 13:21 - 2023-08-03 13:21 - 000087868 ____R C:\Users\famil\Downloads\bul_2023_07_01521508-DOC-RH-BUL-459570.pdf
2023-08-03 11:45 - 2023-08-03 11:45 - 000122709 ____R C:\Users\famil\Downloads\dbc4ad2d-569a-4f90-acdc-b696604ea7b4.pdf
2023-07-29 16:34 - 2023-07-29 16:34 - 000000000 ____D C:\Program Files (x86)\ShieldVPN
2023-07-07 17:09 - 2023-07-07 17:09 - 000063547 ____R C:\Users\famil\Downloads\MAIF_Avis_Echeance_2023.pdf
2023-07-07 17:08 - 2023-07-07 17:08 - 000024693 ____R C:\Users\famil\Downloads\Attestation_Vehicule.pdf
2023-07-04 20:12 - 2023-07-04 20:12 - 000030082 ____R C:\Users\famil\Downloads\ticket-PAYFIP0000000081669887.pdf
2023-07-04 19:52 - 2023-07-04 19:52 - 000518343 ____R C:\Users\famil\Downloads\IPID.pdf
2023-07-04 19:51 - 2023-07-04 19:51 - 000757945 ____R C:\Users\famil\Downloads\Consignes.pdf
2023-07-04 19:51 - 2023-07-04 19:51 - 000016960 ____R C:\Users\famil\Downloads\Lettre de confirmation au 2023-06-22.pdf
2023-07-04 19:50 - 2023-07-04 19:50 - 000017594 ____R C:\Users\famil\Downloads\Courrier d_accompagnement au 2023-06-22.pdf
2023-07-04 19:48 - 2023-07-04 19:48 - 000702720 ____R C:\Users\famil\Downloads\Contrat comptes et services au 2023-06-22.PDF
2023-07-02 10:00 - 2023-07-02 10:00 - 000130997 ____R C:\Users\famil\Downloads\mary lou - Bb-1.pdf
2023-07-02 09:13 - 2023-07-02 09:13 - 000036677 ____R C:\Users\famil\Downloads\Midwestern Nights Dream - Saxophone ténor 1.pdf
2023-07-02 09:13 - 2023-07-02 09:13 - 000036581 ____R C:\Users\famil\Downloads\Midwestern Nights Dream - Saxophone ténor 2.pdf
2023-07-02 09:12 - 2023-07-02 09:12 - 001532924 ____R C:\Users\famil\Downloads\Numérisation_20201214 (3).pdf
2023-07-02 09:12 - 2023-07-02 09:12 - 000058884 ____R C:\Users\famil\Downloads\Midwestern Nights Dream - .pdf
2023-07-02 09:11 - 2023-07-02 09:11 - 001900599 ____R C:\Users\famil\Downloads\Numérisation_20201214 (2).pdf
2023-07-02 09:09 - 2023-07-02 09:09 - 000078107 ____R C:\Users\famil\Downloads\Autres Triades .pdf
2023-07-02 09:09 - 2023-07-02 09:09 - 000026128 ____R C:\Users\famil\Downloads\Gammes Bebop.pdf
2023-07-02 09:06 - 2023-07-02 09:06 - 000040599 ____R C:\Users\famil\Downloads\Autour des notes de triades majeures tome 2 - Partition complète.pdf
2023-07-02 09:05 - 2023-07-02 09:05 - 000040942 ____R C:\Users\famil\Downloads\Autour des notes de triades mineures tome 4 - Partition complète.pdf
2023-07-02 09:03 - 2023-07-02 09:03 - 000123524 ____R C:\Users\famil\Downloads\I got rhythm en C Bb Eb F.pdf
2023-07-02 09:03 - 2023-07-02 09:03 - 000035656 ____R C:\Users\famil\Downloads\Rhythm Changes AABA -en Eb.pdf
2023-07-02 09:03 - 2023-07-02 09:03 - 000035046 ____R C:\Users\famil\Downloads\Rhythm Changes AABA -en Bb.pdf
2023-07-02 09:02 - 2023-07-02 09:02 - 000035356 ____R C:\Users\famil\Downloads\Rhythm Changes AABA -en Ut.pdf
2023-06-27 13:03 - 2023-06-27 13:03 - 000631178 _____ C:\Users\famil\Desktop\CG_KIA.pdf
2023-06-26 09:15 - 2023-06-26 09:15 - 000073391 ____R C:\Users\famil\Downloads\ATTESTATION_PROV-26-06-2023-073f3e1b-44f1-4f30-9eaf-d391aebe5b7c.pdf
2023-06-24 12:30 - 2023-06-24 12:30 - 000438272 ____R C:\Users\famil\Downloads\Note departementale HC 2023.pdf
2023-06-24 12:29 - 2023-06-24 12:29 - 000091136 ____R C:\Users\famil\Downloads\Campagne insciption_ stages MIN 2023-2024.pdf
2023-06-16 20:43 - 2023-06-16 20:43 - 000799407 ____R C:\Users\famil\Downloads\Scan_0116.pdf
2023-06-15 17:31 - 2023-06-15 17:31 - 000000000 ____D C:\Users\famil\AppData\Roaming\Microsoft\QuickStyles
2023-06-08 12:02 - 2023-06-08 12:02 - 000000000 ____D C:\Users\famil\AppData\Roaming\Microsoft\Bibliography
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-03 14:03 - 2020-11-19 00:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-03 13:54 - 2022-06-12 03:11 - 000000000 ____D C:\ProgramData\Alsoft
2023-09-03 13:40 - 2021-12-17 00:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-03 13:40 - 2020-08-20 12:42 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-03 12:54 - 2020-08-10 11:24 - 000000000 ____D C:\Users\famil\AppData\Roaming\ZHP
2023-09-03 12:37 - 2021-04-05 17:01 - 000000000 ____D C:\Users\famil
2023-09-03 07:47 - 2022-09-29 19:47 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-03 07:47 - 2022-09-29 19:47 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-03 07:47 - 2022-03-08 08:41 - 000000000 ____D C:\Program Files\CCleaner
2023-09-03 04:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-03 04:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-03 04:58 - 2020-11-19 01:31 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-03 04:58 - 2020-11-19 01:31 - 000002292 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-03 04:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-02 19:09 - 2021-04-05 17:50 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-02 19:09 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2023-09-02 19:09 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2023-09-02 19:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-02 19:00 - 2021-04-05 17:46 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-02 19:00 - 2020-11-19 01:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-02 18:59 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-02 18:57 - 2021-02-23 10:42 - 000000000 ____D C:\Users\famil\AppData\Local\CrashDumps
2023-09-02 18:55 - 2022-06-12 03:11 - 000000000 ____D C:\Users\famil\AppData\Local\Alsoft
2023-09-02 17:45 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-02 17:40 - 2022-01-11 19:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-02 08:55 - 2019-12-18 10:06 - 000001017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-01 10:27 - 2019-12-18 10:14 - 000000000 ____D C:\Users\famil\AppData\Local\D3DSCache
2023-08-31 23:28 - 2020-11-19 01:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-31 20:14 - 2021-03-25 07:26 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-08-28 12:53 - 2021-04-05 18:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-28 12:14 - 2022-07-11 14:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-08-28 12:13 - 2021-08-18 09:44 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-08-19 23:04 - 2023-02-08 10:47 - 000000000 ____D C:\Users\famil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-19 23:04 - 2023-02-08 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-19 23:04 - 2021-02-21 09:45 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-08-19 23:04 - 2019-12-21 09:02 - 000000000 ____D C:\Program Files\WinRAR
2023-08-19 23:03 - 2021-02-21 09:47 - 000000000 ____D C:\Users\famil\AppData\Roaming\FileZilla
2023-08-19 23:03 - 2021-02-21 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2023-08-19 09:52 - 2019-12-18 09:59 - 000000000 ____D C:\Users\famil\AppData\Local\Packages
2023-08-18 12:11 - 2020-01-26 19:08 - 000000000 ____D C:\Users\famil\AppData\Roaming\vlc
2023-08-18 09:51 - 2020-08-16 15:52 - 000000128 _____ C:\Users\famil\AppData\Local\PUTTY.RND
2023-08-18 09:13 - 2022-02-09 16:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-17 06:42 - 2020-11-19 00:28 - 000798328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-17 06:40 - 2021-04-05 18:38 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-17 06:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-16 15:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-16 15:15 - 2020-11-19 01:31 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-11 22:59 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-08-11 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-08-11 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-08-11 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-08-10 11:03 - 2019-12-18 17:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-10 10:57 - 2019-12-18 17:12 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-10 10:50 - 2020-08-20 12:43 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-10 10:44 - 2021-04-05 17:55 - 000003612 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2023-08-10 10:44 - 2021-04-05 17:55 - 000003488 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2023-09-03 12:37 - 2023-09-03 12:37 - 003511456 _____ (Nicolas Coolman) C:\Users\famil\ZHPSuite.exe
2019-12-18 13:03 - 2019-12-18 13:03 - 001566214 _____ () C:\Users\famil\AppData\Roaming\AvidApplicationManager_Install.log
2021-03-13 09:01 - 2021-03-13 09:11 - 000000128 _____ () C:\Users\famil\AppData\Roaming\PUTTY.RND
2020-08-17 07:30 - 2021-12-23 19:17 - 000000128 _____ () C:\Users\famil\AppData\Roaming\winscp.rnd
2020-08-16 15:52 - 2023-08-18 09:51 - 000000128 _____ () C:\Users\famil\AppData\Local\PUTTY.RND
==================== SigCheckExt =========================
2020-11-21 20:09 - 2017-05-03 12:29 - 009614711 _____ (Snoop05) C:\adb-setup-1.4.3.exe
2021-11-04 22:00 - 2021-09-22 12:12 - 001504768 _____ (Cyber.Cat) C:\ADBAppControl.exe
2020-04-06 15:20 - 2003-05-22 11:26 - 000638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2020-04-06 15:20 - 2011-12-07 18:32 - 000216064 _____ ( ) C:\WINDOWS\SysWOW64\Lagarith.dll
2020-04-06 15:20 - 2003-05-21 22:50 - 000261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2020-04-06 15:20 - 2002-08-19 23:41 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2020-04-06 15:20 - 2003-05-21 22:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2001-05-22 01:00 - 2001-05-22 01:00 - 000527360 _____ (Borland Software Corporation) C:\WINDOWS\SysWOW64\stdvcl40.dll
2020-04-06 15:20 - 2004-12-10 09:03 - 000438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2020-04-06 15:20 - 2004-07-03 19:59 - 000524288 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2020-04-06 15:20 - 2004-07-03 20:08 - 000139264 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2023-09-03 12:37 - 2023-09-03 12:37 - 003511456 _____ (Nicolas Coolman) C:\Users\famil\ZHPSuite.exe
2023-09-02 08:59 - 2023-09-02 08:59 - 002382336 _____ (Farbar) C:\Users\famil\Desktop\FRST64.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=D:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {8d62a048-b650-11e8-b73e-bbac2dc7f641}
displayorder {current}
{215c8ccc-b650-11e8-97de-a42bb0a651f4}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {215c8ccc-b650-11e8-97de-a42bb0a651f4}
device partition=D:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
loadoptions DDISABLE_INTEGRITY_CHECKS
inherit {bootloadersettings}
recoverysequence {8d62a042-b650-11e8-b73e-bbac2dc7f641}
displaymessageoverride Recovery
recoveryenabled Yes
testsigning Yes
allowedinmemorysettings 0x15000075
osdevice partition=D:
systemroot \WINDOWS
resumeobject {215c8ccb-b650-11e8-97de-a42bb0a651f4}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {8d62a042-b650-11e8-b73e-bbac2dc7f641}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{8d62a043-b650-11e8-b73e-bbac2dc7f641}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{8d62a043-b650-11e8-b73e-bbac2dc7f641}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {8d62a04b-b650-11e8-b73e-bbac2dc7f641}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {8d62a048-b650-11e8-b73e-bbac2dc7f641}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {8d62a04b-b650-11e8-b73e-bbac2dc7f641}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{8d62a04c-b650-11e8-b73e-bbac2dc7f641}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{8d62a04c-b650-11e8-b73e-bbac2dc7f641}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {215c8ccb-b650-11e8-97de-a42bb0a651f4}
device partition=D:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {8d62a042-b650-11e8-b73e-bbac2dc7f641}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=D:
filepath \hiberfil.sys
bootmenupolicy Standard
pae Yes
debugoptionenabled No
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {8d62a048-b650-11e8-b73e-bbac2dc7f641}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {8d62a04b-b650-11e8-b73e-bbac2dc7f641}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=D:
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {8d62a043-b650-11e8-b73e-bbac2dc7f641}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {8d62a04c-b650-11e8-b73e-bbac2dc7f641}
description Windows Recovery
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================