Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2024
Exécuté par Guillaume (administrateur) sur MOI (Acer Aspire E5-771G) (11-01-2024 09:30:54)
Exécuté depuis C:\Users\Guillaume\Desktop\FRST64.exe
Profils chargés: Guillaume
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3930 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe ->) (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <7>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(services.exe ->) (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Biometric and Context Agent -> Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(services.exe ->) (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe
(svchost.exe ->) () [Fichier non signé] C:\Windows\SysWOW64\UMonit64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\TiWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-03-26] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC -> DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] (DivX, LLC -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UD.exe [536168 2014-03-04] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CheckNDISPort57ac21] => C:\Program Files (x86)\4G Mobile Hotspot\4G Mobile Hotspot\CheckNDISPort_df.exe [478928 2018-03-19] (ZTE CORPORATION -> )
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\4G Mobile Hotspot\4G Mobile Hotspot\CancelAutoPlay_df.exe [448208 2018-03-19] (ZTE CORPORATION -> )
HKU\S-1-5-21-1764883577-1765775279-844542308-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Guillaume\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-11-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1764883577-1765775279-844542308-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Root\Office16\lync.exe [26454128 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1764883577-1765775279-844542308-1001\...\Run: [MicrosoftEdgeAutoLaunch_49AEB5400AA199E1E959B2CD967E65D0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CUSTPDF Writer Monitor x86: C:\Windows\system32\custmon64i.dll [87552 2011-10-04] () [Fichier non signé]
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [110264 2014-04-25] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.127\Installer\chrmstp.exe [2023-05-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {035BDF76-CEB5-407C-9C7F-53583D56A26F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-06-26] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {518FEF4A-6DFB-4966-83EF-7EE256B8F73A} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [439016 2014-03-17] (Acer Incorporated -> Acer Incorporate)
Task: {F08F105E-00D8-41FA-B0FF-27BAE0D7E2A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425808 2024-01-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {539D0810-DBE8-4DAD-A412-E9E58520F3CA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425808 2024-01-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A5F80FC-3605-4C9F-9B46-33A035A3CE9B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305600 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B2F18BC-E0D5-4221-8BCE-1ACE93245EAF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305600 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3967DBA-FB15-4CCD-BEC0-F3C1A7B39418} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9A33876-0C03-4609-9531-902A2BD95288} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555216 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {54307956-612D-4A39-A690-4171E0E14472} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {7247FB45-0A07-49DC-9E7E-592A24264D75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F527FF4-FE6D-4930-AFBC-83C50BCCA58E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DFA0FEDC-4DED-4E27-849B-CBA1D8391ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D3C1A8E-2C30-4DFC-9286-FBB5A6826349} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {00AA73BD-863B-4ADB-8C23-69F8DAB4F922} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2024-01-10] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {69D5A3AD-47CA-4928-8909-108DB8619605} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2024-01-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {52038909-0F02-4EB5-B1FA-D23A7F5A4872} - System32\Tasks\Quick Access Quick Launcher => "C:\Program Files\Acer\Acer Quick Access\QALauncher.exe" -noui -noqamsg -normsvc (Pas de fichier)
Task: {1A8BED28-EA78-41B6-B25C-FA090A3782FB} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-03-18] (Acer Incorporated -> Acer Incorporated)
Task: {ADFC708C-5D89-4DC8-BEAA-7A72DFB7016A} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [53248 2014-02-26] () [Fichier non signé]
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{038a13bd-8886-4f40-b60b-9a753d1a0d01}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6aa9b7d6-fbb4-41ee-9554-9ea4d4e71b38}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91258185-c39a-4376-8512-c65f02f2e279}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\2445053464141313: [DhcpNameServer] 10.11.12.241 10.110.11.14
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\356425F553033303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\9C3686563602342796479617575602: [DhcpNameServer] 192.168.145.33
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\A54554F5635344439313: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\C496675626F687D243344353: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\C496675626F687D243344353: [DhcpDomain] home
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\D4169637F6E625: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d29604b5-ec4a-4301-9717-1bf6434e3a24}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Guillaume\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-10]
Edge Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-10]
Edge Extension: (Edge relevant text changes) - C:\Users\Guillaume\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-10]
FireFox:
========
FF DefaultProfile: 3e35rp6b.default
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\TomTom\HOME\Profiles\hjg9hcfe.default [2015-07-13]
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\3e35rp6b.default [2024-01-08]
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\e3hnjipo.default-release [2024-01-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-18] (Adobe Systems Incorporated -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC -> DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-18] (Adobe Systems Incorporated -> )
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC -> DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1764883577-1765775279-844542308-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Guillaume\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1764883577-1765775279-844542308-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Guillaume\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default [2024-01-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-09]
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-02]
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-09]
CHR Extension: (Slides) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-08]
CHR Extension: (Docs) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-08]
CHR Extension: (Google Drive) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-08]
CHR Extension: (YouTube) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-08]
CHR Extension: (Sheets) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-12]
CHR Extension: (Gmail) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-08]
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-05-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-28]
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-22]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777592 2024-01-04] (Microsoft Corporation -> Microsoft Corporation)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe [166504 2014-03-04] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 ImDskSvc; C:\WINDOWS\system32\imdsksvc.exe [19552 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Biometric and Context Agent -> Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporated -> Acer Incorporate)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-09] (Malwarebytes Inc. -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WSWNA3100M; C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [316120 2014-08-18] (NETGEAR -> )
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [X]
S3 ePowerSvc; "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 AWEAlloc; C:\WINDOWS\system32\DRIVERS\awealloc.sys [21048 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [332360 2021-06-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2016-09-13] (Disc Soft Ltd -> Disc Soft Ltd)
R3 eppvad_simple; C:\WINDOWS\system32\drivers\EMP_UDAU.sys [23040 2014-03-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [107208 2014-01-17] (Genesys Logic,INC. -> GenesysLogic)
R2 ImDisk; C:\WINDOWS\system32\DRIVERS\imdisk.sys [48704 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-19] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (Microsoft Windows Hardware Compatibility Publisher -> QUANTA)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-19] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-11 09:30 - 2024-01-11 09:30 - 000000000 ____D C:\Users\Guillaume\Desktop\FRST-OlderVersion
2024-01-11 09:22 - 2024-01-11 09:22 - 000323823 _____ C:\Users\Guillaume\Desktop\ZHPDiag.html
2024-01-10 04:39 - 2024-01-10 12:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-09 21:17 - 2024-01-09 21:17 - 000001735 _____ C:\Users\Guillaume\Desktop\MBAM.txt
2024-01-09 20:06 - 2024-01-09 21:20 - 000000000 ___HD C:\$WinREAgent
2024-01-09 17:57 - 2024-01-10 03:47 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Malwarebytes
2024-01-09 17:57 - 2024-01-09 17:57 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-09 17:57 - 2024-01-09 17:57 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-01-09 17:55 - 2024-01-09 17:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-09 17:55 - 2024-01-09 17:55 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-09 17:54 - 2024-01-09 17:54 - 002606880 _____ (Malwarebytes) C:\Users\Guillaume\Desktop\MBSetup.exe
2024-01-09 17:52 - 2024-01-09 17:51 - 000007749 _____ C:\Users\Guillaume\Desktop\AdwCleaner[C00].txt
2024-01-09 17:52 - 2024-01-09 17:49 - 000006829 _____ C:\Users\Guillaume\Desktop\AdwCleaner[S00].txt
2024-01-09 17:47 - 2024-01-09 17:51 - 000000000 ____D C:\AdwCleaner
2024-01-09 17:46 - 2024-01-09 17:46 - 008791352 _____ (Malwarebytes) C:\Users\Guillaume\Desktop\adwcleaner_8.4.0.exe
2024-01-09 17:43 - 2024-01-09 17:43 - 000051531 _____ C:\Users\Guillaume\Desktop\ZHPCleaner (R).txt
2024-01-09 17:38 - 2024-01-09 17:38 - 000051254 _____ C:\Users\Guillaume\Desktop\ZHPCleaner (S).txt
2024-01-09 16:52 - 2024-01-09 16:52 - 000000000 ____D C:\WINDOWS\InboxApps
2024-01-09 16:09 - 2024-01-09 16:09 - 000000916 _____ C:\Users\Guillaume\Desktop\ZHPCleaner.lnk
2024-01-09 16:07 - 2024-01-09 16:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-09 16:06 - 2024-01-09 16:06 - 003362976 _____ (Nicolas Coolman) C:\Users\Guillaume\Desktop\ZHPCleaner.exe
2024-01-09 05:07 - 2024-01-09 06:19 - 000002414 _____ C:\Users\Guillaume\Desktop\Fixlog.txt
2024-01-09 05:07 - 2024-01-09 05:07 - 000000346 _____ C:\Users\Guillaume\Desktop\cvdbixvpuum.txt
2024-01-08 19:27 - 2024-01-08 19:27 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-08 18:37 - 2024-01-11 09:05 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-08 18:36 - 2024-01-10 12:39 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-08 18:36 - 2024-01-10 12:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-08 18:36 - 2024-01-08 18:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-01-08 18:36 - 2024-01-08 18:36 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2024-01-08 18:36 - 2024-01-08 18:36 - 000000997 _____ C:\Users\Public\Desktop\Firefox.lnk
2024-01-08 18:36 - 2024-01-08 18:36 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Mozilla
2024-01-08 18:36 - 2024-01-08 18:36 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Mozilla
2024-01-08 18:32 - 2024-01-08 18:32 - 000073117 _____ C:\Users\Guillaume\Desktop\identifiants.csv
2024-01-08 18:30 - 2024-01-08 18:31 - 000157170 _____ C:\Users\Guillaume\Desktop\bookmarks-2024-01-08.json
2024-01-08 18:25 - 2024-01-08 18:25 - 000350184 _____ (Mozilla) C:\Users\Guillaume\Desktop\Firefox Installer.exe
2024-01-08 17:40 - 2024-01-08 17:40 - 000000000 ____D C:\ProgramData\install_clap
2024-01-08 11:29 - 2024-01-08 11:29 - 000203429 _____ C:\Users\Guillaume\Desktop\Shortcut.txt
2024-01-08 11:23 - 2024-01-08 11:29 - 000087840 _____ C:\Users\Guillaume\Desktop\Addition.txt
2024-01-08 11:08 - 2024-01-11 09:34 - 000028117 _____ C:\Users\Guillaume\Desktop\FRST.txt
2024-01-08 11:03 - 2024-01-11 09:30 - 002388992 _____ (Farbar) C:\Users\Guillaume\Desktop\FRST64.exe
2024-01-08 11:01 - 2024-01-11 09:22 - 000252940 _____ C:\Users\Guillaume\Desktop\ZHPDiag.txt
2024-01-08 10:35 - 2024-01-11 09:04 - 000000765 _____ C:\Users\Guillaume\Desktop\ZHPSuite.lnk
2024-01-08 10:34 - 2024-01-08 10:34 - 003538080 _____ (Nicolas Coolman) C:\Users\Guillaume\Desktop\ZHPSuite.exe
2024-01-08 10:30 - 2024-01-08 10:31 - 000000000 ____D C:\Users\Guillaume\Desktop\Nouveau dossier (4)
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-11 09:32 - 2023-05-22 09:10 - 000000000 ____D C:\FRST
2024-01-11 09:29 - 2020-08-29 17:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-11 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-11 09:22 - 2015-09-06 14:15 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\ZHP
2024-01-11 09:06 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-11 09:04 - 2021-09-07 16:26 - 003538080 _____ (Nicolas Coolman) C:\Users\Guillaume\ZHPSuite.exe
2024-01-11 09:04 - 2020-08-29 11:36 - 000000000 ____D C:\Users\Guillaume
2024-01-11 08:52 - 2014-09-13 22:12 - 000000000 __SHD C:\Users\Guillaume\IntelGraphicsProfiles
2024-01-11 08:51 - 2019-08-01 09:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-01-10 18:59 - 2016-09-27 12:06 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-10 18:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-10 17:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-10 17:57 - 2020-08-29 17:28 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-10 17:57 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2024-01-10 17:57 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2024-01-10 12:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-10 12:05 - 2018-08-24 07:37 - 000000000 ____D C:\Users\Guillaume\AppData\Local\CrashDumps
2024-01-10 11:53 - 2020-08-29 17:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-10 11:52 - 2020-08-29 17:01 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-10 11:44 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-10 11:42 - 2020-08-29 17:01 - 000663912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-09 21:16 - 2014-09-17 10:19 - 000000000 ____D C:\Users\Guillaume\Documents\tel
2024-01-09 20:05 - 2014-09-14 11:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-09 19:31 - 2014-09-14 11:54 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-09 17:57 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-09 17:51 - 2014-07-08 14:54 - 000000000 ____D C:\Program Files\Acer
2024-01-09 17:51 - 2014-04-17 08:26 - 000000000 ____D C:\ProgramData\Acer
2024-01-09 17:51 - 2014-04-17 08:26 - 000000000 ____D C:\Program Files (x86)\Acer
2024-01-09 17:19 - 2018-01-16 08:21 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Packages
2024-01-09 17:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-01-09 16:55 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-01-09 16:53 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\system32\fr
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-01-09 16:52 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-01-09 16:52 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-01-09 16:52 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-01-09 16:47 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-01-09 16:46 - 2019-12-07 15:53 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-01-09 16:46 - 2019-12-07 15:53 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-01-09 16:46 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-01-09 16:20 - 2020-08-16 13:51 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-09 16:09 - 2023-05-22 06:30 - 000000000 ____D C:\Users\Guillaume\AppData\Local\ZHP
2024-01-09 16:03 - 2019-10-07 15:40 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-09 04:40 - 2017-12-23 07:31 - 000000000 ____D C:\Program Files\Unlocker
2024-01-08 19:25 - 2020-08-29 17:07 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-01-08 18:33 - 2014-09-13 23:15 - 000000000 ____D C:\ProgramData\Mozilla
2024-01-08 18:32 - 2016-11-18 09:36 - 000000000 ____D C:\Users\Guillaume\AppData\LocalLow\Mozilla
2024-01-08 18:24 - 2016-06-26 09:17 - 000000000 ____D C:\Program Files (x86)\SpoilerSync
2024-01-08 18:09 - 2021-11-06 17:45 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Creality Slicer
2024-01-08 18:09 - 2021-11-06 17:44 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Creality Slicer
2024-01-08 18:05 - 2018-09-20 08:49 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Wondershare
2024-01-08 18:05 - 2018-09-20 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2024-01-08 18:05 - 2018-09-20 08:49 - 000000000 ____D C:\Program Files (x86)\Wondershare
2024-01-08 18:01 - 2014-09-14 14:43 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\WildTangent
2024-01-08 18:01 - 2014-04-17 08:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2024-01-08 18:01 - 2014-04-17 08:26 - 000000000 ____D C:\ProgramData\WildTangent
2024-01-08 17:56 - 2014-09-13 22:27 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2024-01-08 17:52 - 2020-01-31 16:27 - 000000000 ____D C:\Program Files\Epic Games
2024-01-08 17:52 - 2020-01-31 16:07 - 000000000 ____D C:\Users\Guillaume\AppData\Local\UnrealEngine
2024-01-08 17:52 - 2020-01-31 16:04 - 000000000 ____D C:\ProgramData\Epic
2024-01-08 17:49 - 2014-09-16 07:24 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Dropbox
2024-01-08 17:48 - 2015-06-16 05:03 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Dropbox
2024-01-08 17:44 - 2018-08-23 17:26 - 000000000 ____D C:\ProgramData\DriversCloud.com
2024-01-08 17:43 - 2014-07-08 15:03 - 000000000 ____D C:\Program Files (x86)\CyberLink
2024-01-08 17:43 - 2014-07-08 14:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-01-08 17:41 - 2014-07-08 15:02 - 000000000 ____D C:\ProgramData\Temp
2024-01-08 17:29 - 2018-06-07 08:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-01-08 11:10 - 2018-07-10 19:09 - 000000000 ____D C:\ProgramData\Packages
2024-01-08 10:30 - 2017-10-26 09:17 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\FileAdvisor
2023-12-18 12:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
==================== Fichiers à la racine de certains dossiers ========
2021-09-07 06:37 - 2021-09-07 06:37 - 003289240 _____ (Nicolas Coolman) C:\Users\Guillaume\ZHPCleaner.exe
2016-10-30 10:07 - 2016-10-30 10:09 - 002430464 _____ () C:\Users\Guillaume\ZHPDiag3.exe
2021-09-07 16:26 - 2024-01-11 09:04 - 003538080 _____ (Nicolas Coolman) C:\Users\Guillaume\ZHPSuite.exe
2018-02-12 09:39 - 2019-07-10 11:49 - 000000045 _____ () C:\Users\Guillaume\AppData\Roaming\jdm.conf
2019-02-21 14:29 - 2019-02-21 14:29 - 000003584 _____ () C:\Users\Guillaume\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-02-02 06:29 - 2023-02-02 06:29 - 000000017 _____ () C:\Users\Guillaume\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Guillaume (administrateur) sur MOI (Acer Aspire E5-771G) (11-01-2024 09:30:54)
Exécuté depuis C:\Users\Guillaume\Desktop\FRST64.exe
Profils chargés: Guillaume
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3930 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe ->) (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <7>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(services.exe ->) (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Biometric and Context Agent -> Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(services.exe ->) (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (NETGEAR -> ) C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe
(svchost.exe ->) () [Fichier non signé] C:\Windows\SysWOW64\UMonit64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3745_none_7ded3f327ca60a41\TiWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-03-26] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC -> DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] (DivX, LLC -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UD.exe [536168 2014-03-04] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CheckNDISPort57ac21] => C:\Program Files (x86)\4G Mobile Hotspot\4G Mobile Hotspot\CheckNDISPort_df.exe [478928 2018-03-19] (ZTE CORPORATION -> )
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\4G Mobile Hotspot\4G Mobile Hotspot\CancelAutoPlay_df.exe [448208 2018-03-19] (ZTE CORPORATION -> )
HKU\S-1-5-21-1764883577-1765775279-844542308-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Guillaume\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-11-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1764883577-1765775279-844542308-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Root\Office16\lync.exe [26454128 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1764883577-1765775279-844542308-1001\...\Run: [MicrosoftEdgeAutoLaunch_49AEB5400AA199E1E959B2CD967E65D0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CUSTPDF Writer Monitor x86: C:\Windows\system32\custmon64i.dll [87552 2011-10-04] () [Fichier non signé]
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [110264 2014-04-25] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.127\Installer\chrmstp.exe [2023-05-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {035BDF76-CEB5-407C-9C7F-53583D56A26F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-06-26] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {518FEF4A-6DFB-4966-83EF-7EE256B8F73A} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [439016 2014-03-17] (Acer Incorporated -> Acer Incorporate)
Task: {F08F105E-00D8-41FA-B0FF-27BAE0D7E2A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425808 2024-01-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {539D0810-DBE8-4DAD-A412-E9E58520F3CA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425808 2024-01-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A5F80FC-3605-4C9F-9B46-33A035A3CE9B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305600 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B2F18BC-E0D5-4221-8BCE-1ACE93245EAF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305600 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3967DBA-FB15-4CCD-BEC0-F3C1A7B39418} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9A33876-0C03-4609-9531-902A2BD95288} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555216 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {54307956-612D-4A39-A690-4171E0E14472} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {7247FB45-0A07-49DC-9E7E-592A24264D75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F527FF4-FE6D-4930-AFBC-83C50BCCA58E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DFA0FEDC-4DED-4E27-849B-CBA1D8391ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D3C1A8E-2C30-4DFC-9286-FBB5A6826349} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {00AA73BD-863B-4ADB-8C23-69F8DAB4F922} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2024-01-10] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {69D5A3AD-47CA-4928-8909-108DB8619605} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2024-01-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {52038909-0F02-4EB5-B1FA-D23A7F5A4872} - System32\Tasks\Quick Access Quick Launcher => "C:\Program Files\Acer\Acer Quick Access\QALauncher.exe" -noui -noqamsg -normsvc (Pas de fichier)
Task: {1A8BED28-EA78-41B6-B25C-FA090A3782FB} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-03-18] (Acer Incorporated -> Acer Incorporated)
Task: {ADFC708C-5D89-4DC8-BEAA-7A72DFB7016A} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [53248 2014-02-26] () [Fichier non signé]
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{038a13bd-8886-4f40-b60b-9a753d1a0d01}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6aa9b7d6-fbb4-41ee-9554-9ea4d4e71b38}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91258185-c39a-4376-8512-c65f02f2e279}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\2445053464141313: [DhcpNameServer] 10.11.12.241 10.110.11.14
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\356425F553033303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\9C3686563602342796479617575602: [DhcpNameServer] 192.168.145.33
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\A54554F5635344439313: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\C496675626F687D243344353: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\C496675626F687D243344353: [DhcpDomain] home
Tcpip\..\Interfaces\{c8f481cb-8929-4175-92c3-ca234e61d9ed}\D4169637F6E625: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d29604b5-ec4a-4301-9717-1bf6434e3a24}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Guillaume\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-10]
Edge Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-10]
Edge Extension: (Edge relevant text changes) - C:\Users\Guillaume\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-10]
FireFox:
========
FF DefaultProfile: 3e35rp6b.default
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\TomTom\HOME\Profiles\hjg9hcfe.default [2015-07-13]
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\3e35rp6b.default [2024-01-08]
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\e3hnjipo.default-release [2024-01-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-18] (Adobe Systems Incorporated -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC -> DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-18] (Adobe Systems Incorporated -> )
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC -> DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1764883577-1765775279-844542308-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Guillaume\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1764883577-1765775279-844542308-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Guillaume\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default [2024-01-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-09]
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-02]
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-09]
CHR Extension: (Slides) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-08]
CHR Extension: (Docs) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-08]
CHR Extension: (Google Drive) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-08]
CHR Extension: (YouTube) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-08]
CHR Extension: (Sheets) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-12]
CHR Extension: (Gmail) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-08]
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-05-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-28]
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-22]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777592 2024-01-04] (Microsoft Corporation -> Microsoft Corporation)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.6\EMP_UDSA.exe [166504 2014-03-04] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 ImDskSvc; C:\WINDOWS\system32\imdsksvc.exe [19552 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Biometric and Context Agent -> Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporated -> Acer Incorporate)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-09] (Malwarebytes Inc. -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WSWNA3100M; C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [316120 2014-08-18] (NETGEAR -> )
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [X]
S3 ePowerSvc; "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 AWEAlloc; C:\WINDOWS\system32\DRIVERS\awealloc.sys [21048 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [332360 2021-06-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2016-09-13] (Disc Soft Ltd -> Disc Soft Ltd)
R3 eppvad_simple; C:\WINDOWS\system32\drivers\EMP_UDAU.sys [23040 2014-03-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [107208 2014-01-17] (Genesys Logic,INC. -> GenesysLogic)
R2 ImDisk; C:\WINDOWS\system32\DRIVERS\imdisk.sys [48704 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-19] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (Microsoft Windows Hardware Compatibility Publisher -> QUANTA)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-19] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-11 09:30 - 2024-01-11 09:30 - 000000000 ____D C:\Users\Guillaume\Desktop\FRST-OlderVersion
2024-01-11 09:22 - 2024-01-11 09:22 - 000323823 _____ C:\Users\Guillaume\Desktop\ZHPDiag.html
2024-01-10 04:39 - 2024-01-10 12:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-09 21:17 - 2024-01-09 21:17 - 000001735 _____ C:\Users\Guillaume\Desktop\MBAM.txt
2024-01-09 20:06 - 2024-01-09 21:20 - 000000000 ___HD C:\$WinREAgent
2024-01-09 17:57 - 2024-01-10 03:47 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Malwarebytes
2024-01-09 17:57 - 2024-01-09 17:57 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-09 17:57 - 2024-01-09 17:57 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-01-09 17:55 - 2024-01-09 17:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-09 17:55 - 2024-01-09 17:55 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-09 17:54 - 2024-01-09 17:54 - 002606880 _____ (Malwarebytes) C:\Users\Guillaume\Desktop\MBSetup.exe
2024-01-09 17:52 - 2024-01-09 17:51 - 000007749 _____ C:\Users\Guillaume\Desktop\AdwCleaner[C00].txt
2024-01-09 17:52 - 2024-01-09 17:49 - 000006829 _____ C:\Users\Guillaume\Desktop\AdwCleaner[S00].txt
2024-01-09 17:47 - 2024-01-09 17:51 - 000000000 ____D C:\AdwCleaner
2024-01-09 17:46 - 2024-01-09 17:46 - 008791352 _____ (Malwarebytes) C:\Users\Guillaume\Desktop\adwcleaner_8.4.0.exe
2024-01-09 17:43 - 2024-01-09 17:43 - 000051531 _____ C:\Users\Guillaume\Desktop\ZHPCleaner (R).txt
2024-01-09 17:38 - 2024-01-09 17:38 - 000051254 _____ C:\Users\Guillaume\Desktop\ZHPCleaner (S).txt
2024-01-09 16:52 - 2024-01-09 16:52 - 000000000 ____D C:\WINDOWS\InboxApps
2024-01-09 16:09 - 2024-01-09 16:09 - 000000916 _____ C:\Users\Guillaume\Desktop\ZHPCleaner.lnk
2024-01-09 16:07 - 2024-01-09 16:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-09 16:06 - 2024-01-09 16:06 - 003362976 _____ (Nicolas Coolman) C:\Users\Guillaume\Desktop\ZHPCleaner.exe
2024-01-09 05:07 - 2024-01-09 06:19 - 000002414 _____ C:\Users\Guillaume\Desktop\Fixlog.txt
2024-01-09 05:07 - 2024-01-09 05:07 - 000000346 _____ C:\Users\Guillaume\Desktop\cvdbixvpuum.txt
2024-01-08 19:27 - 2024-01-08 19:27 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-08 18:37 - 2024-01-11 09:05 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-08 18:36 - 2024-01-10 12:39 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-01-08 18:36 - 2024-01-10 12:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-01-08 18:36 - 2024-01-08 18:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-01-08 18:36 - 2024-01-08 18:36 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2024-01-08 18:36 - 2024-01-08 18:36 - 000000997 _____ C:\Users\Public\Desktop\Firefox.lnk
2024-01-08 18:36 - 2024-01-08 18:36 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Mozilla
2024-01-08 18:36 - 2024-01-08 18:36 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Mozilla
2024-01-08 18:32 - 2024-01-08 18:32 - 000073117 _____ C:\Users\Guillaume\Desktop\identifiants.csv
2024-01-08 18:30 - 2024-01-08 18:31 - 000157170 _____ C:\Users\Guillaume\Desktop\bookmarks-2024-01-08.json
2024-01-08 18:25 - 2024-01-08 18:25 - 000350184 _____ (Mozilla) C:\Users\Guillaume\Desktop\Firefox Installer.exe
2024-01-08 17:40 - 2024-01-08 17:40 - 000000000 ____D C:\ProgramData\install_clap
2024-01-08 11:29 - 2024-01-08 11:29 - 000203429 _____ C:\Users\Guillaume\Desktop\Shortcut.txt
2024-01-08 11:23 - 2024-01-08 11:29 - 000087840 _____ C:\Users\Guillaume\Desktop\Addition.txt
2024-01-08 11:08 - 2024-01-11 09:34 - 000028117 _____ C:\Users\Guillaume\Desktop\FRST.txt
2024-01-08 11:03 - 2024-01-11 09:30 - 002388992 _____ (Farbar) C:\Users\Guillaume\Desktop\FRST64.exe
2024-01-08 11:01 - 2024-01-11 09:22 - 000252940 _____ C:\Users\Guillaume\Desktop\ZHPDiag.txt
2024-01-08 10:35 - 2024-01-11 09:04 - 000000765 _____ C:\Users\Guillaume\Desktop\ZHPSuite.lnk
2024-01-08 10:34 - 2024-01-08 10:34 - 003538080 _____ (Nicolas Coolman) C:\Users\Guillaume\Desktop\ZHPSuite.exe
2024-01-08 10:30 - 2024-01-08 10:31 - 000000000 ____D C:\Users\Guillaume\Desktop\Nouveau dossier (4)
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-11 09:32 - 2023-05-22 09:10 - 000000000 ____D C:\FRST
2024-01-11 09:29 - 2020-08-29 17:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-11 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-11 09:22 - 2015-09-06 14:15 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\ZHP
2024-01-11 09:06 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-11 09:04 - 2021-09-07 16:26 - 003538080 _____ (Nicolas Coolman) C:\Users\Guillaume\ZHPSuite.exe
2024-01-11 09:04 - 2020-08-29 11:36 - 000000000 ____D C:\Users\Guillaume
2024-01-11 08:52 - 2014-09-13 22:12 - 000000000 __SHD C:\Users\Guillaume\IntelGraphicsProfiles
2024-01-11 08:51 - 2019-08-01 09:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-01-10 18:59 - 2016-09-27 12:06 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-10 18:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-10 17:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-10 17:57 - 2020-08-29 17:28 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-10 17:57 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2024-01-10 17:57 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2024-01-10 12:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-10 12:05 - 2018-08-24 07:37 - 000000000 ____D C:\Users\Guillaume\AppData\Local\CrashDumps
2024-01-10 11:53 - 2020-08-29 17:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-10 11:52 - 2020-08-29 17:01 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-10 11:44 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-10 11:42 - 2020-08-29 17:01 - 000663912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-10 07:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-09 21:16 - 2014-09-17 10:19 - 000000000 ____D C:\Users\Guillaume\Documents\tel
2024-01-09 20:05 - 2014-09-14 11:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-09 19:31 - 2014-09-14 11:54 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-09 17:57 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-09 17:51 - 2014-07-08 14:54 - 000000000 ____D C:\Program Files\Acer
2024-01-09 17:51 - 2014-04-17 08:26 - 000000000 ____D C:\ProgramData\Acer
2024-01-09 17:51 - 2014-04-17 08:26 - 000000000 ____D C:\Program Files (x86)\Acer
2024-01-09 17:19 - 2018-01-16 08:21 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Packages
2024-01-09 17:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-01-09 16:55 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-01-09 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-01-09 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-01-09 16:53 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\system32\fr
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-01-09 16:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-01-09 16:52 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-01-09 16:52 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-01-09 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-01-09 16:52 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-01-09 16:47 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-01-09 16:46 - 2019-12-07 15:53 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-01-09 16:46 - 2019-12-07 15:53 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-01-09 16:46 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-01-09 16:20 - 2020-08-16 13:51 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-09 16:09 - 2023-05-22 06:30 - 000000000 ____D C:\Users\Guillaume\AppData\Local\ZHP
2024-01-09 16:03 - 2019-10-07 15:40 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-09 04:40 - 2017-12-23 07:31 - 000000000 ____D C:\Program Files\Unlocker
2024-01-08 19:25 - 2020-08-29 17:07 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-01-08 18:33 - 2014-09-13 23:15 - 000000000 ____D C:\ProgramData\Mozilla
2024-01-08 18:32 - 2016-11-18 09:36 - 000000000 ____D C:\Users\Guillaume\AppData\LocalLow\Mozilla
2024-01-08 18:24 - 2016-06-26 09:17 - 000000000 ____D C:\Program Files (x86)\SpoilerSync
2024-01-08 18:09 - 2021-11-06 17:45 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Creality Slicer
2024-01-08 18:09 - 2021-11-06 17:44 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Creality Slicer
2024-01-08 18:05 - 2018-09-20 08:49 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Wondershare
2024-01-08 18:05 - 2018-09-20 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2024-01-08 18:05 - 2018-09-20 08:49 - 000000000 ____D C:\Program Files (x86)\Wondershare
2024-01-08 18:01 - 2014-09-14 14:43 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\WildTangent
2024-01-08 18:01 - 2014-04-17 08:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2024-01-08 18:01 - 2014-04-17 08:26 - 000000000 ____D C:\ProgramData\WildTangent
2024-01-08 17:56 - 2014-09-13 22:27 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2024-01-08 17:52 - 2020-01-31 16:27 - 000000000 ____D C:\Program Files\Epic Games
2024-01-08 17:52 - 2020-01-31 16:07 - 000000000 ____D C:\Users\Guillaume\AppData\Local\UnrealEngine
2024-01-08 17:52 - 2020-01-31 16:04 - 000000000 ____D C:\ProgramData\Epic
2024-01-08 17:49 - 2014-09-16 07:24 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Dropbox
2024-01-08 17:48 - 2015-06-16 05:03 - 000000000 ____D C:\Users\Guillaume\AppData\Local\Dropbox
2024-01-08 17:44 - 2018-08-23 17:26 - 000000000 ____D C:\ProgramData\DriversCloud.com
2024-01-08 17:43 - 2014-07-08 15:03 - 000000000 ____D C:\Program Files (x86)\CyberLink
2024-01-08 17:43 - 2014-07-08 14:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-01-08 17:41 - 2014-07-08 15:02 - 000000000 ____D C:\ProgramData\Temp
2024-01-08 17:29 - 2018-06-07 08:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-01-08 11:10 - 2018-07-10 19:09 - 000000000 ____D C:\ProgramData\Packages
2024-01-08 10:30 - 2017-10-26 09:17 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\FileAdvisor
2023-12-18 12:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
==================== Fichiers à la racine de certains dossiers ========
2021-09-07 06:37 - 2021-09-07 06:37 - 003289240 _____ (Nicolas Coolman) C:\Users\Guillaume\ZHPCleaner.exe
2016-10-30 10:07 - 2016-10-30 10:09 - 002430464 _____ () C:\Users\Guillaume\ZHPDiag3.exe
2021-09-07 16:26 - 2024-01-11 09:04 - 003538080 _____ (Nicolas Coolman) C:\Users\Guillaume\ZHPSuite.exe
2018-02-12 09:39 - 2019-07-10 11:49 - 000000045 _____ () C:\Users\Guillaume\AppData\Roaming\jdm.conf
2019-02-21 14:29 - 2019-02-21 14:29 - 000003584 _____ () C:\Users\Guillaume\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-02-02 06:29 - 2023-02-02 06:29 - 000000017 _____ () C:\Users\Guillaume\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================