Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2020
Exécuté par patsong (administrateur) sur PATSONG-PC (Packard Bell ixtreme M5860) (02-08-2020 10:30:32)
Exécuté depuis C:\Users\patsong\Desktop
Profils chargés: patsong
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BgGameMon.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBackup.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardCore.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFileScanner.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFiltering.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFirewall.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentry.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
(Google LLC -> Google LLC) C:\Users\mali\AppData\Local\Google\Chrome\Application\chrome.exe <16>
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe [417592 2020-07-25] (BullGuard Ltd. -> BullGuard Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [284520 2020-07-31] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-1831829465-1496700893-273378057-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1831829465-1496700893-273378057-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1831829465-1496700893-273378057-1001\...\MountPoints2: {3f88dfcd-15ff-11ea-8d0e-806e6f6e6963} - E:\Autorun.exe
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\Windows\system32\hpinkstsC511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): C:\Windows\system32\HPDiscoPMC511.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1831829465-1496700893-273378057-1005\User: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01B5431D-5E3D-4F9B-83BF-CBA5B999D67F} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
Task: {0F6119FA-525A-4804-97A6-5503738E65F2} - System32\Tasks\{4FBDE8B7-E7B7-4768-BFED-B841B60EEDEB} => C:\objets_caches\drawn-la-tour-diris\Drawn.exe
Task: {16DFD603-EFC7-4103-B838-AB58A0FA325C} - System32\Tasks\{E4B8FA54-DC07-4F07-BF0D-C63063E7C7CA} => C:\Windows\system32\pcalua.exe -a "E:\DVD 4 jeux caches\Turtle_Odyssey2.exe" -d "E:\DVD 4 jeux caches"
Task: {193F495C-6E1F-4834-A2DA-4CD3D701AC31} - System32\Tasks\{EC899400-714D-4301-BDF6-959BA808265D} => C:\Windows\system32\pcalua.exe -a "E:\DVD 4 jeux caches\Sheep's_Quest.exe" -d "E:\DVD 4 jeux caches"
Task: {26E09C8C-6CD6-4FAD-90B8-67C80873A15E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1831829465-1496700893-273378057-1001Core => C:\Users\patsong\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2AC65881-B33C-410A-A81B-17EBE137EBF4} - System32\Tasks\{699FC7B3-FD5D-4A07-99D4-78A7B3F4919D} => C:\Windows\system32\pcalua.exe -a "E:\DVD 1 jeux caches\blood-ties.exe" -d "E:\DVD 1 jeux caches"
Task: {2E4091ED-D87A-4E2D-BB49-A8A65E3F5D67} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [123600 2020-07-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {371B54DE-1095-44ED-ACD1-1D8F14B2682A} - System32\Tasks\{7712689E-DA6F-434A-8601-55B49386C374} => C:\objets_caches\drawn-la-tour-diris\Drawn.exe
Task: {3FA2681A-39EC-41A8-A8A9-9A173C5ACB92} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {458A0C98-8CB1-4D6A-B5CB-387075A58764} - System32\Tasks\{C622E737-9289-44AC-9860-66ABD1F614E1} => C:\Users\patsong\Desktop\wlsetup-all.exe
Task: {466954E8-C54C-4446-9F64-393CEBF7854B} - System32\Tasks\{C2BB9777-858B-4DEA-B9BF-4A2143C660CB} => C:\Users\patsong\Desktop\wlsetup-all.exe
Task: {49167868-0435-4179-9755-3E7AEFC8D436} - System32\Tasks\{2AE219EF-5495-4724-BB89-0F123D4FCFC0} => C:\Users\patsong\AppData\Local\Google\Chrome\Application\chrome_proxy.exe
Task: {61622EE8-BAE4-46D8-882D-C373C35A0F1C} - System32\Tasks\{5FB04976-5C04-4174-833F-EAC669F4F90D} => C:\Windows\system32\pcalua.exe -a "E:\DVD 4 jeux caches\Mystery Chronicles.exe" -d "E:\DVD 4 jeux caches"
Task: {62159046-5F22-4C64-ABA1-CDFDB5B42F01} - System32\Tasks\{AD1D649F-69B0-41A3-BF02-643F6AB664FF} => C:\Windows\system32\pcalua.exe -a C:\Users\patsong\Desktop\windows-live-mail_16-4-3528-0331_fr_37760.exe -d C:\Users\patsong\Desktop
Task: {69DB4DFE-1569-43AC-9149-CB4D019DAFC7} - System32\Tasks\{83F86F39-6077-4B98-A3A6-128A777C41F5} => C:\Windows\system32\pcalua.exe -a C:\Users\patsong\Downloads\windows-live-mail-desktop.exe -d C:\Users\patsong\Downloads
Task: {7E50ECD1-6FA9-4C57-9C50-E50C949CAC13} - System32\Tasks\{9A3FC098-6446-4D36-B619-E44534002922} => C:\Windows\system32\pcalua.exe -a C:\Users\patsong\Desktop\wmcopy16\WMCopy16.exe -d C:\Users\patsong\Desktop\wmcopy16
Task: {8870EBDF-DBCE-4BD9-9C90-612D00D57A69} - System32\Tasks\{35AFE1B8-46AD-49C3-98DB-F417B26AAFF7} => C:\Users\patsong\Desktop\wlsetup-all.exe
Task: {9A064622-6E72-4F86-9E09-4A264DA27289} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1831829465-1496700893-273378057-1001UA => C:\Users\patsong\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {A74BB729-74D6-442A-80BD-26C851780CE5} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\patsong\Desktop\esetonlinescanner_fra.exe
Task: {AD79FD23-8D2B-45B4-B0E0-51CD102D36DA} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe
Task: {B20BCA95-892E-4A6C-91F5-E79F2716E4F0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {B5024B78-4818-4908-ADEC-CC25418BFFCB} - System32\Tasks\{4FA763C8-B309-459C-88FB-A9476620AB5B} => C:\Windows\system32\pcalua.exe -a "E:\DVD 2 jeux caches\drawn-la-tour-diris.exe" -d "E:\DVD 2 jeux caches"
Task: {B5FC8C4A-E3EC-4888-8154-66F3B5050D25} - System32\Tasks\{0F345AEA-967E-4C0F-A9C0-0F7C87857743} => C:\Windows\system32\pcalua.exe -a "E:\DVD 4 jeux caches\VeronicaRivers_PortailsInconnu.exe" -d "E:\DVD 4 jeux caches"
Task: {CDED6296-B9F2-4B87-B95D-75FF2371CF55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {D63DFD33-DE5D-4718-9BA9-227C0B88263C} - System32\Tasks\{B0E5F1D5-F57D-4EE8-9989-DD8BCB50B5C7} => C:\Users\patsong\Desktop\wlsetup-all.exe
Task: {D9408CA2-0DAA-4E45-B05F-ECB6AC91E4E1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1831829465-1496700893-273378057-1005Core => C:\Users\mali\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-08-01] (Google LLC -> Google LLC)
Task: {DBB40A5E-B8B2-40F9-89F4-A06419E11C36} - System32\Tasks\UALU notificatin => C:\Program Files\Packard Bell\Packard Bell Updater\UALU.exe [22392 2012-02-06] (Acer Incorporated -> Acer Incorporated)
Task: {DE8AFDC9-E60E-44C3-BDB8-844BEC2912DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1831829465-1496700893-273378057-1005UA => C:\Users\mali\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-08-01] (Google LLC -> Google LLC)
Task: {E388A6B9-BA83-443D-ADF8-B998D49FD01C} - System32\Tasks\{0D1D37E5-24B3-45B8-BF7F-338D8BAE3753} => C:\Users\patsong\Desktop\wlsetup-all.exe
Task: {EABA6CAF-C8E3-49BC-A39C-90304A68B0BF} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\patsong\Desktop\esetonlinescanner_fra.exe
Task: {F0A215C1-5520-4AAB-80DA-26152F29C975} - System32\Tasks\BullGuard\BullGuardUpdate2 => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe [2981176 2020-07-09] (BullGuard Ltd. -> BullGuard Ltd.)
Task: {F174D0A3-7A7E-47AC-B5AA-88CB8CECE65D} - System32\Tasks\{6016BDA7-942C-44C0-A4E3-75B7AB22A859} => C:\Windows\system32\pcalua.exe -a "C:\Users\patsong\Desktop\wlsetup-all (1).exe" -d C:\Users\patsong\Desktop
Task: {F5C7FDC5-E76B-4458-BCA7-BD0FF1A0A953} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {F6486D8E-19C5-4AF4-B17E-91171B6A1736} - System32\Tasks\{4809A034-B288-4622-BBD7-825ECA9129AA} => C:\Users\patsong\AppData\Local\Google\Chrome\Application\chrome_proxy.exe
Task: {FEE09DA1-2682-4372-AE11-50C964F5E5CE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ABA64347-792B-49E7-A7AF-E7DD43367DB4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{BD9A6024-4FF3-4432-BCA1-0AE3546D7CFD}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1831829465-1496700893-273378057-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com/
HKU\S-1-5-21-1831829465-1496700893-273378057-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1831829465-1496700893-273378057-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1831829465-1496700893-273378057-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Pas de nom -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Pas de fichier
Toolbar: HKU\S-1-5-21-1831829465-1496700893-273378057-1001 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Pas de fichier

FireFox:
========
FF DefaultProfile: 24ewepy9.default
FF ProfilePath: C:\Users\patsong\AppData\Roaming\Mozilla\Firefox\Profiles\24ewepy9.default [2020-07-26]
FF ProfilePath: C:\Users\patsong\AppData\Roaming\Mozilla\Firefox\Profiles\mchbq2i0.default-release-1596288231343 [2020-08-01]
FF HKLM-x32\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard => non trouvé(e)
FF HKU\S-1-5-21-1831829465-1496700893-273378057-1001\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter
FF Extension: (BullGuard Antivirus) - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter [2019-12-03] [] [non signé]
FF HKU\S-1-5-21-1831829465-1496700893-273378057-1001\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\backup\thunderbirdbkplugin
FF Extension: (BullGuard Backup) - C:\Program Files\BullGuard Ltd\BullGuard\Files32\backup\thunderbirdbkplugin [2019-12-03] [] [non signé]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default [2020-08-02]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxps://www.lilo.org/wp-content/themes/jarvis_wp/colibri/assets/img/newlogo/lilo16.png
CHR Extension: (Avec ENTRE4ROUES - Lilo) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\aacjhpjfckkfiingccmkdfndelbkojoo [2020-08-02]
CHR Extension: (impossible de réinstaller google chrome) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\adeibinflliikpppclabhcnjjagcbjpp [2020-08-01]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahoicmpadfahgohnbcnjbafgeoeogpei [2020-08-02]
CHR Extension: (Web myAir) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\akndechjdjaailibejeobglmabnhfahg [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\amappnlhmccociadfdimnjgfdgaljcbf [2020-08-02]
CHR Extension: (SUEZ - Tout Sur Mon Eau) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\anooihabhhgijofabckkibhmbhlogehd [2020-08-02]
CHR Extension: (Google Drive) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-08-01]
CHR Extension: (Tableau de bord) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcaeafomihkhapaphjdpjkjnonoefmho [2020-08-02]
CHR Extension: (Messagerie - malibarbereau@msn.com) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgffhecnachigndbmaflgegecifieklo [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhihcmehjlgefebgopaofipnheglhena [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\biemapagbmddemofeplmbmpbcbjhflfh [2020-08-02]
CHR Extension: (Authentification - ACPS) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkafikfcfgjlnpemflelbmbjdnoikfac [2020-08-02]
CHR Extension: (YouTube) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-01]
CHR Extension: (myAir web) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccammfdmhmcofampfgpdmigckaclijdp [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccpoiihalelgjcgdepajnojckgccempf [2020-08-02]
CHR Extension: (Facebook) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2020-08-02]
CHR Extension: (Mon espace particulier) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjehemhagjcaaljinpfalcgllfafampi [2020-08-02]
CHR Extension: (uBlock Origin) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-01]
CHR Extension: (CCM) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjphdplkjjnhfknclnekebhfdllmgljj [2020-08-01]
CHR Extension: (Mon Espace Client TOUTM - Mes paiements retraite) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgoknmhhdgamielehnapngmdogaolkn [2020-08-02]
CHR Extension: (hxxps://www.somrespir.fr/Aspx/Login.aspx) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\coiohngpjohhhmgnglighkgkemapohon [2020-08-02]
CHR Extension: (CCM) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbodhcdfbdpebcjopafgkdjnehklgofc [2020-08-02]
CHR Extension: (Livebox) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdjbalhohnhhllpdcodkenimhgkbind [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcellcilglohmhihhbkmdikihamijibj [2020-08-02]
CHR Extension: (01net) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhgdfnoigidckdifdpoldgenhifkdgdn [2020-08-02]
CHR Extension: (Compte ameli - mon espace personnel -...) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dldfogmbacklgdbmllhdeafppkplmagd [2020-08-02]
CHR Extension: (hxxps://www.somrespir.fr/index.aspx?p=MonCarnet#4) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpamnaefelolpmiikjiblkcfcbjibec [2020-08-02]
CHR Extension: (Accéder à mon espace | impots.gouv.fr) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\dodgnjheggedbmeeafcblckdljgcfbaj [2020-08-02]
CHR Extension: (Livebox) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebhdndkbjomfolfhehdhidadbnnekhpn [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\edddbpomemdinknedchhglnjpmpmggac [2020-08-02]
CHR Extension: (Adobe Acrobat) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-08-01]
CHR Extension: (Outlook) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\eigpmdhekjlgjgcppnanaanbdmnlnagl [2020-08-02]
CHR Extension: (Compte ameli - mon espace personnel) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekgnliepockcknnakonjhaikcchdhbon [2020-08-02]
CHR Extension: (myAir web) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\eknkpbbkhlgibkfikfdofbllcgojedib [2020-08-02]
CHR Extension: (Les services en ligne de l'Assurance retraite - Authentification) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbfipkjoceapmonpoflfckfloiiedkpl [2020-08-02]
CHR Extension: (",) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimkgoiknilkhegknlmhmmgepbdgnhco [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\flemjabfgbejacpogjfmopblgopaoedh [2020-08-02]
CHR Extension: (Messagerie - patrick barbereau - Outlook) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\fliobllokadbkbkjeofmbjoihiogpjhd [2020-08-02]
CHR Extension: (Droit-finances.net) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnhjnobhdkhipneehagefphkejnmafhi [2020-08-02]
CHR Extension: (Malekal.com forum - Forum Aide informatique) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfkcefkkpodpipfjjfjpmakofiddflc [2020-08-02]
CHR Extension: (Compte ameli - mon espace personnel -...) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\gglkpjjpfmemlgepdbccfdjemammpola [2020-08-02]
CHR Extension: (Je me connecte) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnheaainbcgmokmicdefikkobknhjenn [2020-08-02]
CHR Extension: (Courrier - mali barbereau - Outlook) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfcjdnodmgmbablihgjobfadhkcmnaki [2020-08-02]
CHR Extension: (WhatsApp) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnpfjngllnobngcgfapefoaidbinmjnm [2020-08-02]
CHR Extension: (Mon échéancier, mes opérations) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieejicgleknlpponebpaidiokejpmgkl [2020-08-02]
CHR Extension: (Compte ameli - mon espace personnel - Connexion à mon compte) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmckjaglfcobbjankfnikjnjdjoldh [2020-08-02]
CHR Extension: (problème icone réseau - Malekal.com forum) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\inaaehhfpmjfligfdjmjamkahdpmglkd [2020-08-02]
CHR Extension: (Compte ameli - mon espace personnel - Connexion à mon compte) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoamlafgbonmjbjpmeblfjkfhpaejdk [2020-08-02]
CHR Extension: (j'ouvre une page dans google je fais ...) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbipmebinepnflihlffhejiaffngmifn [2020-08-02]
CHR Extension: (Twitter) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2020-08-02]
CHR Extension: (Livebox) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjjbcdmclnjplfdmjjeplooipljgneln [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\kabhcbbiijagpdfiemhlapeokghodhca [2020-08-02]
CHR Extension: (ACPS BVR) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdgaeffofgoajhdpnpaigmbnbpcgmhb [2020-08-02]
CHR Extension: (hxxps://www.somrespir.fr/index.aspx?p=MonCarnet) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\kglcllmkeaodppgkfahenpaagbbdobme [2020-08-02]
CHR Extension: (Compte ameli - mon espace personnel -...) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdbpcahkkbdhfffehoppfkmdjfkihf [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjfbjkojbleadcfipfcfljeahggdlmmb [2020-08-02]
CHR Extension: (The Great Suspender) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2020-08-01]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmoeoapgoofmnnmfdfmgdkojkpebhll [2020-08-01]
CHR Extension: (MSN France: Hotmail, Outlook, actuali...) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbjjeggokfipbghbpdjdpaagkanbdbne [2020-08-02]
CHR Extension: (CCM) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcankbgchnfmimdoejegmomcdgakgccd [2020-08-02]
CHR Extension: (Courrier - malibarbereau@msn.com) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfjfmjhnphapahedocomfcglipgoccm [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhdbnoiiaehlfgaladnnkefppmaldbcp [2020-08-02]
CHR Extension: (myAir web) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhigkhohindbahdfcilmihfpnggfknof [2020-08-01]
CHR Extension: (Livebox) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbahnfodbkhnbjkbekkohlknblcheamp [2020-08-02]
CHR Extension: (Livebox) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbeaklngpcmmigopmllobaagadggcgnj [2020-08-02]
CHR Extension: (Identification - Livebox Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncgkhakaomleffnmbpfmpkmbelnbfhkh [2020-08-02]
CHR Extension: (Courrier - mali barbereau - Outlook) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\njflcjfmnkbmjnahphocplmnkkpkadfi [2020-08-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-01]
CHR Extension: (Office) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdlmjhbenodhlknglojajgokahchlkk [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\oindcdfigbhjfngmielppbgicajaajbm [2020-08-02]
CHR Extension: (Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\okhmonaeigefaapdcpenmldpdddaomlh [2020-08-02]
CHR Extension: (Boite de réception - mail Orange) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\oopainbolcpljpjpamnbhabebcdkoibk [2020-08-02]
CHR Extension: (Compte ameli - mon espace personnel - Sommaire) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\oplljonkohdjelhmfljfeoijbicgbkea [2020-08-02]
CHR Extension: (Accueil - Dropbox) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbilfhcoklcaepfpkdobnaajkblibbbh [2020-08-02]
CHR Extension: (",) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcbkpfpflgdnclnlmmemfpdneamkkdfm [2020-08-02]
CHR Extension: (TABLEAU DE BORD) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcchkfbfahheddjdlbbkcejafhknbkeg [2020-08-02]
CHR Extension: (Courrier - mali barbereau - Outlook) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchkhcnofmbbpoaiganjipbnainpcbni [2020-08-02]
CHR Extension: (Qwant) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdkpkgbelpbdeejlfbmmnnoeeldilhoc [2020-08-02]
CHR Extension: (Gmail) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-08-01]
CHR Extension: (Chrome Media Router) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-01]
CHR Extension: (hxxps://www.somrespir.fr/index.aspx?p=MonSuivi) - C:\Users\patsong\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncehbikffognipfigcgfjccmdmbfnob [2020-08-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
StartMenuInternet: Google Chrome.YPEQFDRK2DDUILBE7SA3PSXEJM - C:\Users\mali\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBackup.exe [1578304 2020-07-25] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFileScanner.exe [870720 2020-07-25] (BullGuard Ltd. -> BullGuard Ltd.)
S3 BsHelper; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardHelper.exe [390352 2019-11-07] (BullGuard Ltd -> BullGuard Ltd.)
R2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFiltering.exe [5283128 2020-06-29] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardCore.exe [2993976 2020-07-25] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsNet; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFirewall.exe [1232184 2020-07-25] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [428344 2020-07-25] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsSentry; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentry.exe [776000 2020-07-25] (BullGuard Ltd. -> BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [3119928 2020-07-25] (BullGuard Ltd. -> BullGuard Ltd.)
S3 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated -> Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-02-06] (Acer Incorporated -> Acer Incorporated)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-05] (Malwarebytes Inc -> Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [176752 2019-08-12] (BullGuard Ltd -> BullGuard Ltd.) R0 BdNet; C:\Windows\System32\DRIVERS\BdNet.sys [162032 2019-03-05] (BullGuard Ltd -> BullGuard Ltd.) R0 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [139392 2020-07-09] (BullGuard LTD -> BullGuard Ltd.) R1 BdSpy; C:\Windows\System32\DRIVERS\BdSpy.sys [88256 2020-07-25] (BullGuard LTD -> BullGuard Ltd.) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216056 2020-08-02] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-08-01] (Malwarebytes Inc -> Malwarebytes) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [611728 2019-10-18] (Bitdefender SRL -> Bitdefender) S3 cpuz137; \??\C:\Users\patsong\Desktop\pc-wizard_2014.2.13\pcwiz_x64.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2020-08-02 10:30 - 2020-08-02 10:31 - 000035946 _____ C:\Users\patsong\Desktop\FRST.txt 2020-08-02 10:29 - 2020-08-02 10:29 - 002296832 _____ (Farbar) C:\Users\patsong\Desktop\FRST64.exe 2020-08-02 10:26 - 2020-08-02 10:26 - 000303113 _____ C:\Users\patsong\Desktop\ZHPDiag.txt 2020-08-02 10:21 - 2020-08-02 10:21 - 003454848 _____ (Nicolas Coolman) C:\Users\patsong\Desktop\ZHPSuite.exe 2020-08-02 10:21 - 2020-08-02 10:21 - 000000836 _____ C:\Users\patsong\Desktop\ZHPSuite.lnk 2020-08-02 10:20 - 2020-08-02 10:20 - 000000000 ____D C:\Users\patsong\AppData\Local\ZHP 2020-08-02 09:38 - 2020-08-02 09:38 - 000216056 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2020-08-01 22:50 - 2020-08-01 22:50 - 000000000 _____ C:\Windows\SysWOW64\sho81B1.tmp 2020-08-01 22:38 - 2020-08-01 22:38 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2020-08-01 22:00 - 2020-08-01 22:00 - 000003155 _____ C:\Users\patsong\Desktop\impossible de réinstaller google chrome.lnk 2020-08-01 17:24 - 2020-08-01 17:24 - 000000000 _____ C:\Windows\Minidump\071820-18954-01.dmp 2020-08-01 17:24 - 2020-08-01 17:24 - 000000000 _____ C:\Windows\Minidump\071720-27924-01.dmp 2020-08-01 17:18 - 2020-08-01 17:18 - 000003309 _____ C:\Users\patsong\Desktop\CCM.lnk 2020-08-01 16:28 - 2020-08-01 16:28 - 000002915 _____ C:\Users\patsong\Desktop\Boite de réception - mail Orange.lnk 2020-08-01 15:42 - 2020-08-01 19:08 - 000000000 ____D C:\Users\patsong\Desktop\bordel 2020-08-01 15:23 - 2020-08-01 15:23 - 000000936 _____ C:\Users\Public\Desktop\Firefox.lnk 2020-08-01 15:23 - 2020-08-01 15:23 - 000000936 _____ C:\ProgramData\Desktop\Firefox.lnk 2020-08-01 15:23 - 2020-08-01 15:23 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2020-08-01 15:01 - 2020-08-01 15:01 - 000000047 _____ C:\Users\patsong\Desktop\Google.url 2020-08-01 14:24 - 2020-08-01 14:25 - 007649280 _____ C:\Program Files (x86)\GUT6EDC.tmp 2020-08-01 14:24 - 2020-08-01 14:24 - 000000000 ____D C:\Program 
Files (x86)\GUM6EDB.tmp 2020-08-01 14:17 - 2020-08-01 14:17 - 001295576 _____ (Google LLC) C:\Users\patsong\Downloads\ChromeSetup (1).exe 2020-08-01 12:15 - 2020-08-01 12:15 - 000003020 _____ C:\Windows\system32\Tasks\{4809A034-B288-4622-BBD7-825ECA9129AA} 2020-08-01 12:15 - 2020-08-01 12:15 - 000003020 _____ C:\Windows\system32\Tasks\{2AE219EF-5495-4724-BB89-0F123D4FCFC0} 2020-08-01 10:54 - 2020-08-01 14:48 - 000002643 _____ C:\Users\mali\Desktop\Google Chrome.lnk 2020-08-01 10:54 - 2020-08-01 10:54 - 000002424 _____ C:\Users\mali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-08-01 10:53 - 2020-08-01 10:53 - 000003678 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1831829465-1496700893-273378057-1005UA 2020-08-01 10:53 - 2020-08-01 10:53 - 000003406 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1831829465-1496700893-273378057-1005Core 2020-08-01 10:52 - 2020-08-01 10:52 - 001295576 _____ (Google LLC) C:\Users\mali\Downloads\ChromeSetup.exe 2020-08-01 10:51 - 2020-08-01 10:51 - 000000000 ____D C:\Users\mali\AppData\Local\CEF 2020-08-01 10:36 - 2020-08-01 10:36 - 000000000 ____D C:\Users\mali\AppData\Roaming\Mozilla 2020-08-01 10:36 - 2020-08-01 10:36 - 000000000 ____D C:\Users\mali\AppData\Local\Mozilla 2020-08-01 10:15 - 2020-08-01 15:23 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-08-01 10:05 - 2020-08-01 10:05 - 001295576 _____ (Google LLC) C:\Users\patsong\Downloads\ChromeSetup.exe 2020-08-01 04:55 - 2020-08-01 04:56 - 000000000 ____D C:\Users\patsong\AppData\Local\Chromium 2020-07-31 23:01 - 2020-08-01 21:29 - 000000000 ____D C:\Program Files (x86)\Google 2020-07-31 22:15 - 2020-08-02 05:44 - 000000555 _____ C:\Users\patsong\Desktop\Courrier - mali barbereau - Outlook.website 2020-07-31 22:15 - 2020-07-31 22:15 - 000000555 _____ C:\Users\patsong\AppData\Roaming\Microsoft\Windows\Start Menu\Courrier - mali barbereau - Outlook.website 2020-07-29 08:21 - 2020-07-29 15:51 - 000000000 ____D 
C:\Users\patsong\AppData\Local\CrashDumps 2020-07-27 21:35 - 2020-07-27 21:35 - 000001271 _____ C:\Users\patsong\AppData\Local\recently-used.xbel 2020-07-27 19:48 - 2020-08-01 09:34 - 000000000 ____D C:\Program Files\Npcap 2020-07-27 09:23 - 2020-08-01 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2020-07-27 09:23 - 2020-08-01 10:29 - 000000000 ____D C:\Program Files\Speccy 2020-07-27 09:23 - 2020-07-27 09:23 - 000000808 _____ C:\Users\Public\Desktop\Speccy.lnk 2020-07-27 09:23 - 2020-07-27 09:23 - 000000808 _____ C:\ProgramData\Desktop\Speccy.lnk 2020-07-26 18:29 - 2020-07-26 18:29 - 000003718 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2020-07-26 18:15 - 2020-07-26 18:15 - 000000000 _____ C:\Windows\SysWOW64\sho17E5.tmp 2020-07-26 16:26 - 2020-07-26 16:26 - 000000000 ____D C:\Users\patsong\AppData\Local\Intel 2020-07-26 16:12 - 2020-07-26 16:12 - 000000000 _____ C:\Windows\SysWOW64\sho249F.tmp 2020-07-26 08:20 - 2020-08-02 10:30 - 000000000 ____D C:\FRST 2020-07-25 21:59 - 2020-07-25 21:59 - 000001118 _____ C:\Users\Public\Desktop\BullGuard Secure Browser.lnk 2020-07-25 21:59 - 2020-07-25 21:59 - 000001118 _____ C:\ProgramData\Desktop\BullGuard Secure Browser.lnk 2020-07-25 18:52 - 2020-07-25 18:52 - 008414384 _____ (Malwarebytes) C:\Users\patsong\Desktop\adwcleaner_8.0.7.exe 2020-07-24 08:30 - 2020-07-26 03:50 - 000000000 ____D C:\Program Files\CrystalDiskInfo 2020-07-23 09:24 - 2020-08-01 10:38 - 000000000 ____D C:\Users\mali\AppData\LocalLow\Adobe 2020-07-23 09:24 - 2020-07-23 09:24 - 000000000 ____D C:\Users\mali\AppData\Roaming\Adobe 2020-07-23 09:23 - 2020-07-23 09:24 - 000000000 ____D C:\Users\mali\AppData\Local\Adobe 2020-07-23 09:11 - 2020-08-01 10:51 - 000000000 ____D C:\Users\mali\AppData\Roaming\BullGuard 2020-07-22 09:01 - 2020-07-22 09:01 - 000000000 ____D C:\ProgramData\DumpFiles 2020-07-22 08:30 - 2020-08-01 11:12 - 000001493 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Intel Driver & Support Assistant.lnk 2020-07-22 08:13 - 2020-07-22 08:13 - 000000000 _____ C:\Windows\SysWOW64\shoAD9E.tmp 2020-07-21 21:01 - 2020-07-21 21:02 - 028061456 _____ (Piriform Software Ltd) C:\Users\patsong\Downloads\cctrialsetup.exe 2020-07-21 09:47 - 2020-07-21 09:47 - 000003616 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2020-07-21 09:47 - 2020-07-21 09:47 - 000003370 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2020-07-21 09:46 - 2020-07-26 04:34 - 000000000 ____D C:\Program Files\Intel 2020-07-21 09:26 - 2020-07-21 09:26 - 000000000 _____ C:\Windows\SysWOW64\sho7DE6.tmp 2020-07-21 08:51 - 2020-06-18 18:06 - 001125976 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2020-07-21 08:51 - 2020-06-18 18:06 - 000131672 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2020-07-21 08:51 - 2020-06-18 18:06 - 000127576 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2020-07-20 09:40 - 2020-07-26 04:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2020-07-20 08:34 - 2020-07-20 08:34 - 000000000 _____ C:\Windows\SysWOW64\shoE0FD.tmp 2020-07-19 07:50 - 2020-07-19 07:50 - 000000960 _____ C:\Users\patsong\Documents\startup.txt 2020-07-19 07:49 - 2020-07-19 07:49 - 000000484 _____ C:\Users\patsong\Documents\cc_20200719_074924.reg 2020-07-19 07:31 - 2020-07-19 07:31 - 000006490 _____ C:\Users\patsong\Documents\cc_20200719_073106.reg 2020-07-18 22:34 - 2020-08-02 10:26 - 000000000 ____D C:\Users\patsong\AppData\Roaming\ZHP 2020-07-18 21:13 - 2020-07-18 21:13 - 000000210 _____ C:\Users\patsong\Desktop\Tableau de bord - Mon espace particulier.url 2020-07-18 21:11 - 2020-07-18 21:11 - 000000262 _____ C:\Users\patsong\Desktop\L'Assurance retraite – La retraite de la Sécurité sociale.url 2020-07-18 21:05 - 2020-07-18 21:05 - 000000236 _____ C:\Users\patsong\Desktop\Malakoff Humanis - 
Complémentaire santé, prévoyance collective, retraite complémentaire et supplémentaire, épargne et assurance.url 2020-07-18 21:02 - 2020-07-18 21:32 - 000000174 _____ C:\Users\patsong\Desktop\livebox.url 2020-07-18 20:58 - 2020-07-18 21:31 - 000000229 _____ C:\Users\patsong\Desktop\EDF.url 2020-07-18 20:02 - 2020-07-18 21:32 - 000000235 _____ C:\Users\patsong\Desktop\SUEZ EAU.url 2020-07-18 20:00 - 2020-07-18 20:00 - 000000347 _____ C:\Users\patsong\Desktop\Compte ameli - mon espace personnel (2).url 2020-07-18 19:26 - 2020-07-18 19:26 - 000003684 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1831829465-1496700893-273378057-1001UA 2020-07-18 19:26 - 2020-07-18 19:26 - 000003412 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1831829465-1496700893-273378057-1001Core 2020-07-18 19:16 - 2020-07-26 04:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2020-07-18 19:15 - 2020-07-26 04:43 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2020-07-18 19:15 - 2020-07-26 04:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2020-07-18 12:59 - 2020-07-21 07:08 - 000000000 ____D C:\ProgramData\VirtualizedApplications 2020-07-17 08:04 - 2020-07-17 08:04 - 000002592 _____ C:\Users\patsong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome.lnk 2020-07-15 22:27 - 2020-07-15 22:27 - 000000000 _____ C:\Windows\SysWOW64\shoDA38.tmp 2020-07-14 06:42 - 2020-07-14 06:42 - 000000000 _____ C:\Windows\SysWOW64\shoD604.tmp 2020-07-12 14:27 - 2020-07-26 04:43 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Legends - Sleepy Hollow 2020-07-12 14:27 - 2020-07-12 14:27 - 000000000 ____D C:\ProgramData\PlayPond 2020-07-11 22:51 - 2020-07-11 22:51 - 000000000 _____ C:\Windows\SysWOW64\sho5BB.tmp 2020-07-11 16:16 - 2020-07-26 04:36 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Alawar 2020-07-11 16:16 - 2020-07-11 16:16 - 
000003134 _____ C:\Windows\system32\Tasks\{EC899400-714D-4301-BDF6-959BA808265D} 2020-07-10 18:53 - 2020-07-10 18:53 - 000003144 _____ C:\Windows\system32\Tasks\{5FB04976-5C04-4174-833F-EAC669F4F90D} 2020-07-08 18:30 - 2020-07-26 04:43 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Turtle Odyssey II 2020-07-08 18:30 - 2020-07-08 18:30 - 000003138 _____ C:\Windows\system32\Tasks\{E4B8FA54-DC07-4F07-BF0D-C63063E7C7CA} 2020-07-08 18:25 - 2020-07-08 18:25 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Meridian93 2020-07-05 21:51 - 2020-07-26 04:36 - 000000000 ____D C:\Users\patsong\AppData\Roaming\URSE Games 2020-06-29 14:28 - 2020-06-29 14:27 - 000179128 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll 2020-06-29 14:28 - 2020-06-29 14:27 - 000162056 _____ (BullGuard Ltd.) C:\Windows\SysWOW64\BgGamingMonitor.dll 2020-06-24 16:15 - 2020-07-18 12:29 - 000000000 ____D C:\ProgramData\BC Soft Games 2020-06-23 21:43 - 2020-07-26 04:36 - 000000000 ____D C:\Users\patsong\AppData\Roaming\ERS G-Studio 2020-06-23 05:43 - 2020-06-23 05:43 - 000000000 _____ C:\Windows\SysWOW64\sho6104.tmp 2020-06-22 22:30 - 2020-07-26 04:36 - 000000000 ____D C:\Users\patsong\AppData\Roaming\FlyWheelGames 2020-06-22 22:24 - 2020-06-22 22:24 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Gold Casual Games 2020-06-22 06:34 - 2020-06-22 06:34 - 000000000 _____ C:\Windows\SysWOW64\shoFB21.tmp 2020-06-20 21:23 - 2020-06-20 21:23 - 000014484 _____ C:\Users\patsong\Documents\cc_20200620_212315.reg 2020-06-14 14:24 - 2020-06-14 14:24 - 000000000 __SHD C:\Windows\ftpcache 2020-06-13 00:02 - 2020-06-13 00:02 - 000434520 _____ C:\Windows\system32\wpcap.dll 2020-06-13 00:02 - 2020-06-13 00:02 - 000377688 _____ C:\Windows\SysWOW64\wpcap.dll 2020-06-13 00:02 - 2020-06-13 00:02 - 000179544 _____ (Insecure.Com LLC.) C:\Windows\system32\Packet.dll 2020-06-13 00:02 - 2020-06-13 00:02 - 000154456 _____ (Insecure.Com LLC.) 
C:\Windows\SysWOW64\Packet.dll 2020-06-13 00:02 - 2020-06-13 00:02 - 000102232 _____ (Insecure.Com LLC.) C:\Windows\system32\NpcapHelper.exe 2020-06-13 00:02 - 2020-06-13 00:02 - 000088920 _____ (Insecure.Com LLC.) C:\Windows\SysWOW64\NpcapHelper.exe 2020-06-13 00:02 - 2020-06-13 00:02 - 000065368 _____ (Insecure.Com LLC.) C:\Windows\system32\WlanHelper.exe 2020-06-13 00:02 - 2020-06-13 00:02 - 000055128 _____ (Insecure.Com LLC.) C:\Windows\SysWOW64\WlanHelper.exe 2020-06-09 17:19 - 2020-07-26 04:36 - 000000000 ____D C:\Users\Public\Documents\oberon 2020-06-09 17:19 - 2020-07-26 04:36 - 000000000 ____D C:\ProgramData\Documents\oberon 2020-06-09 17:18 - 2020-07-26 04:43 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2020-06-09 17:18 - 2020-07-26 04:36 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Zylom 2020-06-09 17:16 - 2020-06-09 17:16 - 000000000 ____D C:\Users\patsong\AppData\Local\STARGAZE_IMAGE_CACHE 2020-06-07 16:28 - 2020-06-07 16:28 - 000004096 _____ C:\Windows\d3dx.dat 2020-06-03 22:32 - 2020-06-03 22:32 - 000000000 _____ C:\Windows\SysWOW64\shoC985.tmp 2020-06-01 22:56 - 2020-06-01 22:56 - 000000000 _____ C:\Windows\SysWOW64\sho8611.tmp 2020-06-01 05:47 - 2020-06-01 05:47 - 000000000 _____ C:\Windows\SysWOW64\shoE179.tmp 2020-05-23 03:44 - 2020-05-23 03:44 - 000000000 _____ C:\Windows\SysWOW64\shoF0F3.tmp 2020-05-22 11:01 - 2020-05-22 11:01 - 000041600 _____ (USBPcap) C:\Windows\system32\Drivers\USBPcap.sys 2020-05-19 03:37 - 2020-05-19 03:37 - 000000000 _____ C:\Windows\SysWOW64\sho51B8.tmp 2020-05-14 05:36 - 2020-05-14 05:36 - 000000000 _____ C:\Windows\SysWOW64\sho6142.tmp 2020-05-09 03:36 - 2020-05-09 03:36 - 000000000 _____ C:\Windows\SysWOW64\sho6420.tmp 2020-05-06 11:23 - 2020-07-26 04:34 - 000000000 ____D C:\Program Files\HP 2020-05-06 11:23 - 2020-07-18 12:06 - 000003622 _____ C:\Windows\system32\Tasks\HPCustParticipation HP ENVY 4500 series 2020-05-06 11:23 - 2014-07-21 16:31 - 000763912 _____ 
(Hewlett-Packard Development Company, LP) C:\Windows\system32\HPDiscoPMC511.dll 2020-05-06 10:33 - 2020-08-01 10:29 - 000000000 ____D C:\Users\patsong\Documents\HpReg_Backup ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-08-02 10:21 - 2019-12-03 22:06 - 000000000 ____D C:\ProgramData\BullGuard 2020-08-02 08:17 - 2009-07-14 06:45 - 000028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-08-02 08:17 - 2009-07-14 06:45 - 000028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-08-02 08:06 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-08-01 22:29 - 2020-03-05 10:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-08-01 22:00 - 2019-12-04 18:43 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome 2020-08-01 21:01 - 2011-10-21 11:59 - 000000000 ____D C:\ProgramData\Temp 2020-08-01 18:56 - 2019-12-03 22:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-08-01 17:24 - 2019-12-08 04:41 - 000000000 ____D C:\Windows\Minidump 2020-08-01 17:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2020-08-01 15:45 - 2020-02-23 12:11 - 000000000 ___RD C:\Users\patsong\Desktop\ppc apnée 2020-08-01 15:26 - 2019-12-03 22:24 - 000000000 ____D C:\Users\patsong\AppData\LocalLow\Mozilla 2020-08-01 15:23 - 2019-12-03 22:21 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-08-01 14:53 - 2019-12-03 22:07 - 000000000 ____D C:\Users\patsong\AppData\Local\Google 2020-08-01 14:34 - 2019-12-04 05:57 - 000747772 _____ C:\Windows\system32\perfh00C.dat 2020-08-01 14:34 - 2019-12-04 05:57 - 000150038 _____ C:\Windows\system32\perfc00C.dat 2020-08-01 14:34 - 2009-07-14 07:13 - 001669872 _____ 
C:\Windows\system32\PerfStringBackup.INI 2020-08-01 12:51 - 2019-12-09 23:31 - 000000000 ____D C:\Windows\system32\Tasks\Games 2020-08-01 12:15 - 2019-12-04 10:25 - 000000000 ____D C:\Users\patsong\AppData\Local\ElevatedDiagnostics 2020-08-01 11:12 - 2019-12-03 22:30 - 000000000 ____D C:\ProgramData\Package Cache 2020-08-01 11:12 - 2011-10-21 11:03 - 000000000 ____D C:\Program Files (x86)\Intel 2020-08-01 11:00 - 2019-12-03 21:47 - 000000000 ____D C:\Users\patsong 2020-08-01 10:53 - 2020-01-15 02:47 - 000000000 ____D C:\Users\mali\AppData\Local\Google 2020-08-01 10:35 - 2020-01-15 02:46 - 000000964 __RSH C:\Users\mali\ntuser.pol 2020-08-01 10:35 - 2020-01-15 02:46 - 000000000 ____D C:\Users\mali 2020-08-01 10:29 - 2020-02-27 18:47 - 000000000 ____D C:\Program Files (x86)\WinRAR 2020-08-01 10:29 - 2020-02-11 21:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client 2020-08-01 10:29 - 2020-01-31 06:31 - 000000000 ____D C:\Users\Invité 2020-08-01 10:29 - 2020-01-08 19:39 - 000000000 ____D C:\Program Files\CCleaner 2020-08-01 10:29 - 2020-01-02 17:12 - 000000000 ____D C:\Users\compte admi 2020-08-01 10:29 - 2020-01-01 22:58 - 000000000 ____D C:\Users\Administrateur 2020-08-01 10:29 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Windows Defender 2020-08-01 10:29 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2020-08-01 10:29 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration 2020-08-01 10:27 - 2020-01-02 17:00 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Google 2020-07-31 19:04 - 2018-05-28 18:39 - 000000000 ____D C:\Users\patsong\Desktop\a vendre 2020-07-27 19:38 - 2020-01-06 17:52 - 000002198 _____ C:\Windows\wininit.ini 2020-07-26 15:36 - 2020-01-05 17:29 - 000000664 __RSH C:\Users\patsong\ntuser.pol 2020-07-26 04:43 - 2019-12-12 23:22 - 000000000 ___RD C:\Users\patsong\OneDrive 2020-07-26 04:43 - 2019-12-12 23:22 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2020-07-26 04:43 - 
2019-12-10 13:54 - 000000000 ____D C:\Users\patsong\uspy 2020-07-26 04:43 - 2019-12-04 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2020-07-26 04:43 - 2019-12-04 11:53 - 000000000 ____D C:\ProgramData\HP 2020-07-26 04:43 - 2019-09-04 19:10 - 000000000 ___RD C:\Users\patsong\Desktop\jeux 2020-07-26 04:43 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Windows Sidebar 2020-07-26 04:43 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicyUsers 2020-07-26 04:43 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\spool 2020-07-26 04:42 - 2011-10-21 11:39 - 000000000 ___RD C:\Program Files (x86)\Skype 2020-07-26 04:36 - 2019-12-04 19:17 - 000000000 ____D C:\Users\patsong\AppData\Roaming\Big Fish Games 2020-07-26 04:36 - 2018-10-15 19:09 - 000000000 ____D C:\Users\patsong\Desktop\alec et zac 2020-07-26 04:35 - 2020-02-10 22:57 - 000000000 ____D C:\Users\patsong\AppData\Local\Microsoft Games 2020-07-26 04:34 - 2019-12-03 21:11 - 000000000 ____D C:\ProgramData\Intel 2020-07-26 04:33 - 2009-07-14 04:38 - 000000000 ____D C:\Program Files\C 2020-07-26 04:32 - 2019-12-04 11:53 - 000000000 ____D C:\Program Files (x86)\HP 2020-07-26 04:32 - 2011-10-21 11:09 - 000000000 ____D C:\Program Files (x86)\Realtek 2020-07-26 04:31 - 2019-10-31 16:47 - 000000000 ____D C:\objets_caches 2020-07-26 04:31 - 2019-05-15 15:17 - 000000000 __RHD C:\MSOCache 2020-07-26 03:58 - 2019-12-03 22:24 - 000000000 ____D C:\Users\patsong\AppData\Local\Mozilla 2020-07-25 18:54 - 2019-09-26 21:01 - 000000000 ____D C:\AdwCleaner 2020-07-25 18:54 - 2019-08-12 09:49 - 000088256 _____ (BullGuard Ltd.) 
C:\Windows\system32\Drivers\BdSpy.sys 2020-07-18 12:43 - 2020-04-27 09:08 - 000000000 ____D C:\Users\patsong\AppData\Local\Oberon Games 2020-07-18 12:33 - 2019-12-07 13:12 - 000000000 ____D C:\ProgramData\PlayFirst 2020-07-17 11:10 - 2010-11-21 09:16 - 000000000 ___RD C:\Users\Public\Recorded TV 2020-07-17 10:06 - 2009-07-14 07:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2020-07-11 19:45 - 2019-12-10 19:23 - 000000000 ____D C:\Program Files\Big Fish Games 2020-07-09 11:10 - 2019-10-18 11:05 - 000139392 _____ (BullGuard Ltd.) C:\Windows\system32\Drivers\BdSentry.sys 2020-07-09 10:45 - 2020-01-24 11:34 - 000002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-07-09 10:45 - 2019-12-12 04:27 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task ==================== Fichiers à la racine de certains dossiers ======== 2020-08-01 14:24 - 2020-08-01 14:25 - 007649280 _____ () C:\Program Files (x86)\GUT6EDC.tmp 2019-12-29 19:22 - 2019-12-29 19:22 - 013314286 _____ () C:\Users\patsong\AppData\Roaming\UserTile.png 2020-02-03 17:39 - 2020-02-03 17:39 - 000439910 _____ () C:\Users\patsong\AppData\Local\ars.cache 2020-02-03 17:40 - 2020-02-03 17:40 - 000682111 _____ () C:\Users\patsong\AppData\Local\census.cache 2020-02-03 17:09 - 2020-02-03 17:09 - 000000036 _____ () C:\Users\patsong\AppData\Local\housecall.guid.cache 2020-07-27 21:35 - 2020-07-27 21:35 - 000001271 _____ () C:\Users\patsong\AppData\Local\recently-used.xbel 2020-05-01 22:01 - 2020-05-02 09:35 - 000031380 _____ () C:\Users\patsong\AppData\Local\slot1.mm1 2020-07-27 21:24 - 2020-07-27 21:24 - 000000000 _____ () C:\Users\patsong\AppData\Local\zenmap.exe.log ==================== SigCheckExt ========================= 2011-10-21 11:06 - 2010-12-15 10:10 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE 
2019-12-03 21:16 - 2011-02-01 07:06 - 000008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll 2020-08-02 10:29 - 2020-08-02 10:29 - 002296832 _____ (Farbar) C:\Users\patsong\Desktop\FRST64.exe 2020-08-02 10:21 - 2020-08-02 10:21 - 003454848 _____ (Nicolas Coolman) C:\Users\patsong\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {1067e696-1649-11ea-8cbd-bad47e1b9885} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale fr-FR inherit {bootloadersettings} recoverysequence {1067e698-1649-11ea-8cbd-bad47e1b9885} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {1067e696-1649-11ea-8cbd-bad47e1b9885} nx OptIn Chargeur de démarrage Windows ----------------------------- identificateur {1067e698-1649-11ea-8cbd-bad47e1b9885} device ramdisk=[C:]\Recovery\1067e698-1649-11ea-8cbd-bad47e1b9885\Winre.wim,{1067e699-1649-11ea-8cbd-bad47e1b9885} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\1067e698-1649-11ea-8cbd-bad47e1b9885\Winre.wim,{1067e699-1649-11ea-8cbd-bad47e1b9885} systemroot \windows nx OptIn winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {1067e696-1649-11ea-8cbd-bad47e1b9885} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR 
inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \boot\memtest.exe description Windows Memory Diagnostic locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems Yes Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {1067e699-1649-11ea-8cbd-bad47e1b9885} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\1067e698-1649-11ea-8cbd-bad47e1b9885\boot.sdi LastRegBack: 2020-07-26 11:08 ==================== Fin de FRST.txt ========================