Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2021 Exécuté par cash (administrateur) sur PC-JPC (ASUSTeK COMPUTER INC. X555LJ) (05-11-2021 09:31:09) Exécuté depuis C:\Users\cash\Desktop\depannage et optimisation Profils chargés: cash Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1288 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Users\cash\Desktop\Captvty 3 Alpha\Captvty.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (CrypKey (Canada) Ltd.) [Fichier non signé] C:\Windows\System32\Crypserv.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\52.0.6.0\crashpad_handler.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation -> ) C:\Program Files\PCHealthCheck\PCHealthCheck.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <5> (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\cash\Desktop\depannage et optimisation\ZHPSuite.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 7\updater-ws.exe (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 7\ws.exe (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [950296 2015-03-19] (CyberLink Corp. -> CyberLink Corp.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8807712 2021-10-23] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670080 2021-04-08] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [895360 2021-04-08] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [512536 2021-09-28] (QFX Software Corporation -> QFX Software Corporation) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10203648 2019-01-30] (FreeDownloadManager.org) [Fichier non signé] HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [Eye Saver] => C:\Program Files (x86)\Eye Saver\Eye Saver.exe [2628600 2019-11-30] (Leosoft EOOD -> ) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [Picosmos] => C:\Program Files\PicosmosTools\PicosmosTools.exe [7511728 2020-02-18] (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2759000147-1505035581-997665020-1001\...\Run: [Opera Browser Assistant] => C:\Users\cash\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\EPSON WF-2760 Series 64MonitorBE: C:\Windows\system32\E_YLMBM1E.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON WF-3620 Series 64MonitorBE: C:\Windows\system32\E_YLMBKEE.DLL [179712 2013-10-22] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\PDFsam Enhanced 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdfsam enhanced_pdfpmon_v.6.11.0.7.dll [960120 2021-09-30] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94568 2017-01-19] (Zemana Ltd. -> Zemana Ltd.) AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [85864 2017-01-19] (Zemana Ltd. -> Zemana Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk [2020-07-02] ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe (IO3O LLC -> IO3O LLC) [Fichier non signé] Startup: C:\Users\cash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-07-19] ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited -> eVenture Limited) GroupPolicy: Restriction ? <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {017BC5BC-1FAB-40F3-AD7C-02548E4F13C3} - System32\Tasks\EPSON WF-2760 Series Update {11F1EBEE-12AD-456B-91B3-56D196E5B2AF} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {04C61C94-04AD-4845-A7ED-F94FCFC2DCF7} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3477528 2021-05-26] (IObit CO., LTD -> IObit) Task: {0587A813-8329-42E7-A841-4E1B4789A7E5} - System32\Tasks\iTopVPN_Scheduler_cash => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [5882880 2021-09-28] (ORANGE VIEW LIMITED -> iTop Inc.) Task: {061FA73A-A272-4B1C-8857-216D8B212D33} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {0CA05D19-A5DD-452E-B5C8-79E7D3D7ED3E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [505200 2015-05-29] (Dropbox, Inc -> ) Task: {104C8C4D-EA6F-4B10-918C-75B751FB31DE} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2759000147-1505035581-997665020-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {1052A55F-628E-4AF0-82B6-1A9DEE1024A8} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {263AA477-0DCB-4D60-84DA-EE01920AE0F1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {26A1D92A-DD09-4DA5-AE77-6788F273493E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {27D16410-4B53-4B5C-96FE-E9D6402698F2} - System32\Tasks\iTopVPN_SkipUAC_cash => C:\Program Files (x86)\iTop VPN\iTopVPN.exe [5882880 2021-09-28] (ORANGE VIEW LIMITED -> iTop Inc.) Task: {292AE2CA-ED2F-48AD-8F51-CCA3CDB06340} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé] Task: {39374D1B-7F04-4A90-9B44-59B593D15DBB} - System32\Tasks\iTopVPN_Update_cash => C:\Program Files (x86)\iTop VPN\atud.exe [2971136 2021-09-06] (ORANGE VIEW LIMITED -> iTop Inc.) Task: {435B44FB-0073-45D2-8A98-2D263B94FB70} - System32\Tasks\EPSON WF-3620 Series Update {E323B5EC-E94B-4078-B63C-EF38A68DC950} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {493165A7-CE8A-4B5C-87C8-99FEF7C0F317} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe Task: {4CBA2FFC-0E01-496B-96B5-92B3D4062226} - System32\Tasks\Opera scheduled assistant Autoupdate 1599817228 => C:\Users\cash\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\cash\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {522632DC-312D-4015-8B51-2315CBC23045} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\cash\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Task: {556BD58B-8E5F-4DF8-9038-83EFCFBFD6CE} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe Task: {5B1F7FD3-75D5-4558-BB85-B8F74DCF3FE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {635EFFBD-4E4E-4E00-8E7C-5932CF7A41C6} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\cash\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Task: {6A94B6B2-8E67-4C83-8A2E-8E79A1B8C729} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Task: {6ADAC589-7AE2-4673-BA29-5595585641F7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {712D0223-AF70-41DA-98A1-444A68D9808D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-31] (Google LLC -> Google LLC) Task: {737C9A6A-9446-47CD-9F36-262A8E0CAA35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {761C32AC-6896-4551-B924-76B3DCB26AF9} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe Task: {86B156FA-2EC5-4C65-8FBC-BBC3968856C9} - System32\Tasks\EPSON WF-3620 Series Invitation {E323B5EC-E94B-4078-B63C-EF38A68DC950} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {8C8C7332-BE16-404D-9BAD-F22D231760C7} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe Task: {906B907E-806F-4CF9-84CA-BC2409A2A3CE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform) Task: {93D6359B-56AB-4D29-8B47-8F8A95965CC4} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [314128 2018-05-02] (IObit Information Technology -> IObit) Task: {93F0C6F5-8831-410B-B945-5FB2B98F540B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {9C44A04C-B561-4A2A-8918-4C89D6CF76F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A5751EFB-1958-4681-861F-B49DE6AE9E86} - System32\Tasks\EPSON WF-2760 Series Update {601CAC5C-A03A-42A7-9A38-FA1BF8ED22D1} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {A7ADA0C1-41D4-4E8E-8CC7-6FD9C744E122} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A88C9B61-A487-436E-85EB-771259362C7E} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {B2286C60-4FAF-497D-979C-3C69F85833EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-31] (Google LLC -> Google LLC) Task: {BABCA08C-FCB7-4306-8BB5-8C2ECE4CE15D} - System32\Tasks\EPSON WF-3620 Series Update {27317EC9-E4AE-46A2-A7C0-615DCD8FA4BF} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {C3D6CA6E-F169-47B4-BE37-B6FB4E3F1021} - System32\Tasks\EPSON WF-3620 Series Invitation {27317EC9-E4AE-46A2-A7C0-615DCD8FA4BF} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {C58696C8-4E0D-4523-8309-CA0375FC68B6} - System32\Tasks\Opera scheduled Autoupdate 1599817206 => C:\Users\cash\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software) Task: {CD1F9305-BBDC-4BAF-B630-D5460E5DEC84} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [Fichier non signé] Task: {CFB9F1B6-1E90-4EB2-946F-AA75C266D792} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-08-17] (ASUSTeK Computer Inc. -> AsusTek) Task: {D10607EE-A65C-4056-9E88-85B21027B29C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {DBE84082-495A-4988-8780-061BFD849D59} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-04] (Mozilla Corporation -> Mozilla Foundation) Task: {EAB6722C-6BF3-4905-8222-830A9863B77A} - System32\Tasks\EPSON WF-2760 Series Update {76EB3FF3-683F-4760-9EC6-1E86F9DD61FE} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {11F1EBEE-12AD-456B-91B3-56D196E5B2AF}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE:/EXE:{11F1EBEE-12AD-456B-91B3-56D196E5B2AF} /F:UpdateMSHOME\PC-JPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {601CAC5C-A03A-42A7-9A38-FA1BF8ED22D1}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE:/EXE:{601CAC5C-A03A-42A7-9A38-FA1BF8ED22D1} /F:UpdateMSHOME\PC-JPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {76EB3FF3-683F-4760-9EC6-1E86F9DD61FE}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE:/EXE:{76EB3FF3-683F-4760-9EC6-1E86F9DD61FE} /F:UpdateMSHOME\PC-JPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {27317EC9-E4AE-46A2-A7C0-615DCD8FA4BF}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {E323B5EC-E94B-4078-B63C-EF38A68DC950}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {27317EC9-E4AE-46A2-A7C0-615DCD8FA4BF}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{27317EC9-E4AE-46A2-A7C0-615DCD8FA4BF} /F:UpdateMSHOME\PC-JPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {E323B5EC-E94B-4078-B63C-EF38A68DC950}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{E323B5EC-E94B-4078-B63C-EF38A68DC950} /F:UpdateMSHOME\PC-JPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{360f2f8a-a024-43b0-88a4-1aa3778f3d8b}: [DhcpNameServer] 192.168.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= DownloadDir: D:\Telechargements Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\cash\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-05] Edge HKU\S-1-5-21-2759000147-1505035581-997665020-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx FireFox: ======== FF DefaultProfile: mvaul2ww.default FF ProfilePath: C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\mvaul2ww.default [2021-10-31] FF ProfilePath: C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705 [2021-11-05] FF Homepage: Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705 -> hxxps://www.qwant.com/?client=ext-firefox-hp FF HomepageOverride: Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705 -> Enabled: qwantcomforfirefox@jetpack FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\@windscribeff.xpi [2021-10-15] FF Extension: (Reverso - Traduction, dictionnaire) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\context@reverso.net.xpi [2021-10-15] FF Extension: (Free Download Manager) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\fdm_ffext2@freedownloadmanager.org.xpi [2021-10-16] FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\firefox@ghostery.com.xpi [2021-10-15] FF Extension: (To Google Translate) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-10-15] FF Extension: (IDM Integration Module) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2021-10-15] FF Extension: (Pas de nom) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\qwantcomforfirefox@jetpack.xpi [2021-10-15] FF Extension: (Eagle - Save images faster than ever) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\{228a49ed-af0c-452c-bc77-630f99cb0470}.xpi [2021-10-15] FF Extension: (Download with FlashGet™) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\{48f5395d-5c00-41cd-9a5e-fd2f8d9b74c2}.xpi [2021-10-15] FF Extension: (Video DownloadHelper) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-10-15] FF Extension: (Download with Download Accelerator Plus (DAP)) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\{cfd8df21-e05f-46e9-8ea1-af5e5177d492}.xpi [2021-10-15] FF Extension: (Google Search by Image) - C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\z3xbcd1v.default-release-1634279305705\Extensions\{dfdc0031-f31b-44fb-b22a-979241a9ba13}.xpi [2021-10-15] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2021-06-23] [] [non signé] FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> ) FF Plugin HKU\S-1-5-21-2759000147-1505035581-997665020-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Opera: ======= OPR Profile: C:\Users\cash\AppData\Roaming\Opera Software\Opera Stable [2021-11-04] OPR Notifications: Opera Stable -> hxxps://myniceposts.com; hxxps://tecuil.com; hxxps://thehypenewz.com OPR DefaultSuggestURL: Opera Stable -> hxxps://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&FORM=OPERAS OPR Extension: (Rich Hints Agent) - C:\Users\cash\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-22] OPR Extension: (Amazon Assistant Promotion) - C:\Users\cash\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUSTeK Computer Inc. -> ASUS) R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [Fichier non signé] S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-10-23] (Dropbox, Inc -> Dropbox, Inc.) S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent) S3 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [145744 2021-05-10] (eVenture Limited -> eVenture Limited) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7789240 2021-10-07] (Malwarebytes Inc -> Malwarebytes) S4 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 PDFsam Enhanced 7; C:\Program Files\PDFsam Enhanced 7\ws.exe [2619288 2021-08-25] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) S3 PDFsam Enhanced 7 Creator; C:\Program Files\PDFsam Enhanced 7\creator-ws.exe [514968 2021-08-25] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) R2 PDFsam Enhanced 7 Update Service; C:\Program Files\PDFsam Enhanced 7\updater-ws.exe [1742232 2021-08-25] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) S3 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [83480 2021-09-28] (QFX Software Corporation -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.) R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [99824 2021-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [39000 2020-10-10] (IObit CO., LTD -> IObit Information Technology) R3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-09-12] (Zemana Ltd. -> Zemana Ltd.) R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-11-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-12] (Malwarebytes Inc -> Malwarebytes) R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [28664 2008-03-17] (CrypKey (Canada) Inc. -> ) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-04-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2018-09-20] (ExprsVPN LLC -> The OpenVPN Project) S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project) U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-11-04] (Adlice -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation) R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-01-28] (WireGuard LLC -> WireGuard LLC) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2021-10-14] (Zemana Ltd. -> Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2021-10-14] (Zemana Ltd. -> Zemana Ltd.) R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-03-19] (CyberLink Corp. -> CyberLink Corp.) S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-05 08:20 - 2021-11-05 08:20 - 000014728 _____ C:\Users\cash\Desktop\ZHPCleaner (R).txt 2021-11-05 08:16 - 2021-11-05 08:16 - 000014629 _____ C:\Users\cash\Desktop\ZHPCleaner (S).txt 2021-11-04 18:36 - 2021-11-04 18:36 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-11-04 17:42 - 2021-11-05 09:34 - 000000000 ___RD C:\Users\cash\Desktop\depannage et optimisation 2021-11-04 17:18 - 2021-11-04 17:18 - 000000000 ___HD C:\OneDriveTemp 2021-11-04 16:51 - 2021-11-04 16:52 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-11-04 11:07 - 2021-11-04 11:07 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys 2021-11-04 11:06 - 2021-11-04 11:12 - 000000000 ____D C:\ProgramData\ADiag 2021-11-04 08:22 - 2021-11-05 09:33 - 000000000 ____D C:\Users\cash\AppData\Roaming\ZHP 2021-11-04 08:22 - 2021-11-04 11:12 - 000000000 ____D C:\Users\cash\AppData\Local\ZHP 2021-11-03 07:54 - 2021-11-03 07:54 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-03 07:54 - 2021-11-03 07:54 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-11-01 11:29 - 2021-11-01 11:34 - 000000000 ____D C:\BCUninstaller 2021-11-01 10:10 - 2021-11-01 10:10 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2 2021-11-01 10:09 - 2021-11-01 10:09 - 000000000 ____D C:\Users\cash\AppData\Roaming\Thunderbird 2021-11-01 10:09 - 2021-11-01 10:09 - 000000000 ____D C:\Users\cash\AppData\Local\Thunderbird 2021-11-01 10:07 - 2021-11-01 10:07 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-10-31 16:46 - 2021-10-31 16:46 - 000003836 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2021-10-31 16:46 - 2021-10-31 16:46 - 000003394 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2021-10-31 08:59 - 2021-11-01 10:17 - 000001379 _____ C:\Users\cash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2021-10-28 07:11 - 2021-10-28 07:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-10-27 18:57 - 2017-03-09 12:53 - 000030744 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys 2021-10-24 10:37 - 2021-10-26 09:22 - 000000000 ____D C:\Program Files (x86)\HDCleanerX64 2021-10-23 19:59 - 2021-10-23 19:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-10-23 19:59 - 2021-10-23 19:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-10-23 19:59 - 2021-10-23 19:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-10-23 19:59 - 2021-10-23 19:59 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2021-10-21 09:08 - 2021-10-21 09:08 - 000002128 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk 2021-10-19 07:56 - 2021-10-19 07:56 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-10-19 07:56 - 2021-10-19 07:56 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-10-19 07:55 - 2021-10-19 07:55 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-19 07:55 - 2021-10-19 07:55 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-10-19 07:53 - 2021-10-19 07:53 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-10-19 07:53 - 2021-10-19 07:53 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-10-19 07:51 - 2021-10-19 07:51 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-10-19 06:48 - 2021-10-19 06:48 - 000000000 ___HD C:\$WinREAgent 2021-10-18 10:09 - 2021-10-19 16:18 - 000000000 ____D C:\Program Files\HWiNFO64 2021-10-18 10:09 - 2021-10-18 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2021-10-15 18:14 - 2016-04-21 10:10 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys 2021-10-15 17:52 - 2021-10-15 17:52 - 000000000 ____D C:\ProgramData\Adaware Software 2021-10-15 08:37 - 2021-10-16 21:25 - 000000000 ____D C:\Users\cash\AppData\Roaming\QFX Software 2021-10-15 08:37 - 2021-10-16 21:24 - 000000000 ____D C:\ProgramData\QFX Software 2021-10-15 08:24 - 2021-10-15 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler 2021-10-15 08:21 - 2021-10-15 08:24 - 000000000 ____D C:\Program Files (x86)\KeyScrambler 2021-10-14 18:25 - 2021-10-14 18:25 - 000000000 ____D C:\Users\cash\AppData\Local\AntiLogger Free 2021-10-14 17:40 - 2021-10-14 17:41 - 000000000 ____D C:\Users\cash\AppData\Roaming\GeoGebra 2021-10-14 17:34 - 2018-09-08 07:15 - 000243800 _____ (QFX Software Corporation) C:\WINDOWS\system32\Drivers\keyscrambler.sys 2021-10-14 17:18 - 2021-11-05 09:40 - 002209858 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2021-10-14 17:18 - 2021-11-05 09:40 - 002172565 _____ C:\WINDOWS\ZAM.krnl.trace 2021-10-14 17:18 - 2021-10-16 21:51 - 000000000 ____D C:\Users\cash\AppData\Local\Zemana 2021-10-14 17:18 - 2021-10-14 18:26 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK 2021-10-14 17:18 - 2021-10-14 17:18 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys 2021-10-14 17:18 - 2021-10-14 17:18 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys 2021-10-14 17:18 - 2017-09-12 15:53 - 000161408 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys 2021-10-12 17:46 - 2021-10-12 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic 2021-10-09 18:01 - 2021-11-01 10:07 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-09-30 15:39 - 2021-09-30 15:41 - 000000000 ____D C:\Program Files\PDFsam Enhanced 7 2021-09-30 15:39 - 2021-09-30 15:39 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Enhanced 7.lnk 2021-09-30 15:39 - 2021-09-30 15:39 - 000000000 ____D C:\Program Files (x86)\PDFsam Enhanced 7 2021-09-26 07:55 - 2021-11-04 17:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-09-26 07:48 - 2021-11-01 10:46 - 000018368 _____ C:\Users\cash\Desktop\fr3 Meurtres et Crimes à.xlsx 2021-09-23 17:28 - 2021-10-25 15:05 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2021-09-23 17:28 - 2021-10-25 15:05 - 000001901 _____ C:\Users\Default\Desktop\Google Slides.lnk 2021-09-23 17:28 - 2021-10-25 15:05 - 000001901 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2021-09-23 17:28 - 2021-10-25 15:05 - 000001889 _____ C:\Users\Default\Desktop\Google Docs.lnk 2021-09-23 17:28 - 2021-09-09 09:29 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys 2021-09-19 12:38 - 2021-09-19 12:41 - 000000000 ____D C:\Users\cash\AppData\Roaming\PeaZip 2021-09-19 12:38 - 2021-09-19 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip 2021-09-19 12:37 - 2021-09-19 12:38 - 000000000 ____D C:\Program Files\PeaZip 2021-09-17 17:12 - 2021-09-17 17:12 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-09-17 17:11 - 2021-09-17 17:11 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll 2021-09-17 17:11 - 2021-09-17 17:11 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-09-17 17:11 - 2021-09-17 17:11 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-09-17 17:11 - 2021-09-17 17:11 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-09-17 17:09 - 2021-09-17 17:09 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll 2021-09-17 17:09 - 2021-09-17 17:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-09-17 17:09 - 2021-09-17 17:09 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-09-17 17:09 - 2021-09-17 17:09 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-09-13 16:15 - 2021-09-13 16:15 - 000000000 ____D C:\Users\cash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6 2021-09-11 18:38 - 2021-09-11 18:38 - 000000000 ____D C:\Users\cash\AppData\Local\OO Software 2021-09-11 18:25 - 2021-09-11 18:25 - 000000000 ____D C:\Users\cash\AppData\Local\SaRALogs 2021-09-11 18:24 - 2021-09-11 18:24 - 000000000 ____D C:\Users\cash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation 2021-09-11 18:21 - 2021-09-11 19:01 - 000000000 ____D C:\Users\cash\AppData\Local\Deployment 2021-09-11 18:21 - 2021-09-11 18:21 - 000000000 ____D C:\Users\cash\AppData\Local\Apps\2.0 2021-08-27 11:26 - 2021-08-27 12:30 - 000000000 ____D C:\armorial general de rietstap 2021-08-25 09:50 - 2021-08-25 09:50 - 000003011 _____ C:\Users\cash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OutlookFreeware.com Utilities.lnk 2021-08-25 09:48 - 2021-08-25 09:52 - 000000000 ____D C:\Users\cash\AppData\Local\OutlookFreeware.com 2021-08-17 11:16 - 2021-08-17 11:16 - 000000000 ____D C:\spellings 2021-08-17 11:14 - 2021-10-31 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Enhanced 7 2021-08-17 11:14 - 2021-08-17 11:16 - 000000000 ____D C:\Users\cash\AppData\Roaming\PDFsam Enhanced 7 2021-08-17 11:08 - 2021-10-12 17:46 - 000000000 ____D C:\Program Files (x86)\PDFsam Basic 2021-08-17 11:06 - 2021-10-12 17:46 - 000000000 ____D C:\ProgramData\PDFsam Basic 2021-08-17 11:06 - 2021-09-30 15:39 - 000000000 ____D C:\ProgramData\PDFsam Enhanced 7 2021-08-17 10:25 - 2021-08-17 10:25 - 000000000 ____D C:\Users\cash\AppData\LocalLow\Temp 2021-08-11 19:39 - 2021-09-18 09:16 - 000000000 ____D C:\Users\cash\AppData\Local\molotov 2021-08-09 10:17 - 2021-11-05 08:25 - 000000000 ____D C:\Program Files (x86)\iTop VPN 2021-08-09 10:17 - 2021-11-05 07:51 - 000000000 ____D C:\ProgramData\iTop VPN 2021-08-09 10:17 - 2021-09-30 06:26 - 000003104 _____ C:\WINDOWS\system32\Tasks\iTopVPN_Update_cash 2021-08-09 10:17 - 2021-09-30 06:26 - 000003068 _____ C:\WINDOWS\system32\Tasks\iTopVPN_Scheduler_cash 2021-08-09 10:17 - 2021-09-30 06:26 - 000001089 _____ C:\Users\Public\Desktop\iTop VPN.lnk 2021-08-09 10:17 - 2021-09-30 06:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTop VPN 2021-08-09 10:17 - 2021-08-09 10:17 - 000002862 _____ C:\WINDOWS\system32\Tasks\iTopVPN_SkipUAC_cash 2021-08-09 10:17 - 2021-08-09 10:17 - 000000000 ____D C:\Users\cash\AppData\Roaming\iTop VPN ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-05 09:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-05 09:33 - 2019-07-09 17:13 - 000000000 ____D C:\FRST 2021-11-05 09:30 - 2019-09-16 07:41 - 000000000 ____D C:\ProgramData\Mozilla 2021-11-05 09:29 - 2019-03-30 17:02 - 000000000 ____D C:\Users\cash\AppData\LocalLow\Mozilla 2021-11-05 08:56 - 2019-09-16 16:18 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-05 08:31 - 2019-09-16 18:06 - 000000000 ____D C:\Users\cash\AppData\Roaming\vlc 2021-11-05 08:08 - 2019-12-27 18:03 - 000001474 _____ C:\Users\cash\Desktop\creation point de restauration.lnk 2021-11-05 07:44 - 2019-09-16 15:15 - 000000000 ____D C:\Program Files\CCleaner 2021-11-05 07:44 - 2019-09-16 07:34 - 000000165 _____ C:\Users\cash\AppData\Roaming\sp_data.sys 2021-11-05 07:44 - 2019-09-16 07:33 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2021-11-05 07:42 - 2019-09-16 06:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-11-05 07:42 - 2019-03-30 11:26 - 000000000 __SHD C:\Users\cash\IntelGraphicsProfiles 2021-11-04 20:03 - 2019-09-16 06:49 - 000000000 ____D C:\ProgramData\NVIDIA 2021-11-04 19:56 - 2021-02-27 10:16 - 000000000 ____D C:\Users\cash\Desktop\Anciennes données de Firefox 2021-11-04 18:41 - 2020-07-17 07:19 - 000000000 ____D C:\Users\cash\AppData\Local\CrashDumps 2021-11-04 18:27 - 2021-02-16 21:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-04 17:18 - 2019-03-30 11:29 - 000000000 ___RD C:\Users\cash\OneDrive 2021-11-04 17:06 - 2019-09-16 14:37 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-04 17:05 - 2019-09-16 07:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2021-11-04 17:00 - 2019-03-31 15:45 - 000000000 ____D C:\Users\cash\Desktop\utilitaires 2021-11-04 11:01 - 2021-02-16 22:20 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2759000147-1505035581-997665020-1001 2021-11-04 11:01 - 2021-02-16 21:41 - 000002416 _____ C:\Users\cash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-04 10:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-04 08:40 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-03 16:27 - 2019-09-16 14:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-03 16:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-11-03 08:01 - 2019-09-16 07:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-11-01 11:16 - 2019-04-01 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2021-11-01 10:44 - 2021-02-16 21:56 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-01 10:44 - 2019-12-07 15:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat 2021-11-01 10:44 - 2019-12-07 15:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat 2021-11-01 10:36 - 2021-02-16 22:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-01 10:36 - 2021-02-16 21:31 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-01 10:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-11-01 10:35 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2021-11-01 10:13 - 2019-03-31 15:44 - 000000000 ____D C:\Users\cash\Desktop\internet 2021-11-01 08:43 - 2020-08-27 06:50 - 000000000 ____D C:\Users\cash\AppData\Roaming\Q-Dir 2021-10-31 17:58 - 2020-06-23 16:55 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-10-31 09:57 - 2019-10-08 20:44 - 000000000 ____D C:\Logiciels à reinstaller 2021-10-30 18:52 - 2020-07-02 14:56 - 000000000 ____D C:\wifidata 2021-10-30 15:51 - 2019-09-16 07:33 - 000000000 ____D C:\Users\cash\AppData\Local\Packages 2021-10-30 11:30 - 2019-10-17 11:37 - 000000000 ____D C:\Users\cash\AppData\Roaming\MyPhoneExplorer 2021-10-30 07:58 - 2019-10-27 13:17 - 000000000 ____D C:\ProgramData\IObit 2021-10-29 11:39 - 2019-09-16 07:43 - 000000000 ____D C:\Users\cash\AppData\Local\PlaceholderTileLogoFolder 2021-10-29 08:15 - 2021-03-16 13:00 - 000000000 ____D C:\Users\cash\dwhelper 2021-10-29 07:33 - 2019-10-27 13:17 - 000000000 ____D C:\Users\cash\AppData\Roaming\IObit 2021-10-28 18:57 - 2019-10-17 16:06 - 000000000 ____D C:\Users\cash\.frostwire5 2021-10-28 07:14 - 2019-12-30 17:34 - 000000000 ____D C:\Users\cash\AppData\Local\Dropbox 2021-10-28 07:13 - 2015-08-18 06:29 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-10-27 18:59 - 2021-02-16 22:20 - 000003242 _____ C:\WINDOWS\system32\Tasks\SmartDefrag_AutoAnalyze 2021-10-27 18:59 - 2019-10-27 13:17 - 000000000 ____D C:\ProgramData\ProductData 2021-10-27 18:57 - 2019-04-19 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2021-10-25 18:33 - 2019-03-31 15:44 - 000000000 ____D C:\Users\cash\Desktop\genealogie 2021-10-22 10:38 - 2021-02-16 22:20 - 000004170 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1599817206 2021-10-22 10:38 - 2020-09-11 10:40 - 000001404 _____ C:\Users\cash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2021-10-21 09:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-10-21 09:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration 2021-10-21 09:08 - 2020-04-26 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer 2021-10-21 09:08 - 2019-09-16 07:40 - 000000000 ____D C:\Program Files (x86)\MyPhoneExplorer 2021-10-20 08:16 - 2019-12-31 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-10-19 11:29 - 2021-02-16 21:32 - 000469256 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-10-19 11:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-10-19 08:10 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-10-18 10:22 - 2019-09-16 18:04 - 000000000 ____D C:\Program Files (x86)\Youtube Downloader HD 2021-10-18 10:22 - 2019-04-06 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD 2021-10-18 10:22 - 2019-03-31 15:45 - 000000000 ___RD C:\Users\cash\Desktop\multimedia 2021-10-16 21:59 - 2021-02-16 22:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-10-16 21:40 - 2021-02-16 21:41 - 000000000 ____D C:\Users\cash 2021-10-16 21:29 - 2021-02-16 21:41 - 000000000 ____D C:\Users\defaultuser0 2021-10-16 21:28 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-10-16 21:28 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2021-10-16 21:28 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\system32\fr 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2021-10-16 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-10-16 21:27 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Portable Devices 2021-10-16 21:27 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-10-16 21:27 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2021-10-16 21:27 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2021-10-16 21:27 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-10-16 21:27 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2021-10-16 21:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-10-16 21:27 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-10-16 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel 2021-10-16 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-10-16 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-10-16 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-10-16 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2021-10-16 21:27 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-10-16 21:27 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-10-16 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers 2021-10-15 15:58 - 2019-09-16 10:17 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-10-15 15:51 - 2019-09-16 10:17 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-10-14 14:42 - 2021-06-15 13:32 - 000004396 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1599817228 2021-10-12 18:47 - 2019-09-23 16:36 - 000004096 _____ C:\Users\cash\AppData\Local\file__0.localstorage 2021-10-10 09:14 - 2021-03-05 07:20 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d704a593183234 2021-10-10 09:14 - 2021-02-16 22:20 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-10-10 09:13 - 2020-10-02 16:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-10-07 18:18 - 2020-04-30 06:24 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-10-07 18:17 - 2019-09-16 11:27 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys ==================== Fichiers à la racine de certains dossiers ======== 2019-09-16 07:34 - 2021-11-05 07:44 - 000000165 _____ () C:\Users\cash\AppData\Roaming\sp_data.sys 2020-04-30 07:42 - 2021-05-12 17:52 - 000000128 _____ () C:\Users\cash\AppData\Roaming\winscp.rnd 2019-09-23 16:36 - 2021-10-12 18:47 - 000004096 _____ () C:\Users\cash\AppData\Local\file__0.localstorage 2019-09-16 19:08 - 2021-06-10 16:33 - 000007598 _____ () C:\Users\cash\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2019-10-22 19:18 - 2008-05-08 00:29 - 000122880 _____ (CrypKey (Canada) Ltd.) C:\WINDOWS\system32\Crypserv.exe 2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll 2016-09-14 13:31 - 2016-09-14 13:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll 2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll 2016-09-14 13:31 - 2016-09-14 13:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll 2015-10-09 10:13 - 2015-10-06 10:03 - 000189952 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4300.dll 2015-11-24 15:38 - 2015-08-07 23:43 - 000787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2015-11-24 15:38 - 2015-08-07 23:43 - 000384464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-11-24 15:38 - 2015-08-07 23:43 - 000177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2019-10-22 19:18 - 1999-06-18 21:49 - 000165888 _____ (Kenonic Controls) C:\WINDOWS\Ckconfig.exe 2019-10-22 19:18 - 1995-07-04 18:33 - 000011776 _____ C:\WINDOWS\Ckrfresh.exe 2019-10-30 14:35 - 1998-07-30 17:40 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUn040c.exe 2019-10-22 19:18 - 1996-05-03 15:36 - 000018432 _____ C:\WINDOWS\Setup_ck.dll 2019-10-22 19:18 - 1996-05-03 17:21 - 000027648 ____R C:\WINDOWS\Setup_ck.exe 2020-09-11 12:10 - 1999-06-20 01:51 - 000413756 _____ (DILib) C:\WINDOWS\SysWOW64\dijpg.dll 1998-07-13 00:00 - 1998-07-13 00:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETFR.DLL 2015-05-22 02:00 - 2015-05-22 02:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 2005-01-20 16:41 - 2005-01-20 16:41 - 001024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll 2005-01-20 16:49 - 2005-01-20 16:49 - 001017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll 2002-01-05 02:40 - 2002-01-05 02:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll 2005-01-20 16:25 - 2005-01-20 16:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll 2020-04-07 16:34 - 2014-02-28 23:23 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2015-11-24 15:38 - 2015-08-07 23:43 - 000632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-11-24 15:38 - 2015-08-07 23:43 - 000315120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-11-24 15:38 - 2015-08-07 23:43 - 000155464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 1998-07-13 00:00 - 1998-07-13 00:00 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXFR.DLL 2020-09-11 12:10 - 2003-07-20 16:13 - 000253952 _____ (SmartBrain Software) C:\WINDOWS\SysWOW64\skinboxer43.dll 2001-05-22 00:00 - 2001-05-22 00:00 - 000527360 _____ (Borland Software Corporation) C:\WINDOWS\SysWOW64\stdvcl40.dll 1999-03-03 14:50 - 2000-10-01 22:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} timeout 1 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {d3804c29-7095-11eb-ac61-e5531cfbaa21} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Chargeur de d‚marrage Windows ----------------------------- identificateur {2bc3e6fc-92b7-11e5-9bc5-2c56dca95ea0} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{2bc3e6fd-92b7-11e5-9bc5-2c56dca95ea0} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{2bc3e6fd-92b7-11e5-9bc5-2c56dca95ea0} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {d3804c2b-7095-11eb-ac61-e5531cfbaa21} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {d3804c29-7095-11eb-ac61-e5531cfbaa21} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {d3804c2b-7095-11eb-ac61-e5531cfbaa21} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{d3804c2c-7095-11eb-ac61-e5531cfbaa21} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{d3804c2c-7095-11eb-ac61-e5531cfbaa21} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {d3804c29-7095-11eb-ac61-e5531cfbaa21} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {d3804c2b-7095-11eb-ac61-e5531cfbaa21} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {d3804c2c-7095-11eb-ac61-e5531cfbaa21} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================