Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2022 Exécuté par Admin R (administrateur) sur RALPHPC (ASUS All Series) (15-06-2022 17:44:51) Exécuté depuis C:\Users\Admin R\Desktop Profils chargés: Admin R Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.1706 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Users\Admin R\AppData\Local\myCloud Desktop\app\desktopnotification\DesktopClientNotification.net4.exe (C:\Program Files (x86)\Cobian Backup 11\Cobian.exe ->) (Luis Cobian, CobianSoft) [Fichier non signé] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe (explorer.exe ->) (Luis Cobian, CobianSoft) [Fichier non signé] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe (explorer.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) () [Fichier non signé] C:\Program Files\D-Link\DWA-171 revC\ALPBCC\ALPBCSVC.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_642e50d7b66aa2a4\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe (services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe (services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files\D-Link\DWA-171 revC\WifiAutoInstallSrv.exe (services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobePSE18AutoAnalyzer] => C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe [3560048 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2021-05-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION HKU\S-1-5-21-1243922167-2392459145-2998924318-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Pas de fichier) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Pas de fichier) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Run: [VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe [6589600 2021-12-15] (Link64 GmbH -> Link64 GmbH) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [7937120 2022-03-07] (Proton Technologies AG -> ) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\MountPoints2: {2d3595ca-e7bb-11ec-83bd-40167ead5188} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe [6589600 2021-12-15] (Link64 GmbH -> Link64 GmbH) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [7937120 2022-03-07] (Proton Technologies AG -> ) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [DRScanner] => C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe [6226600 2021-09-10] (Trend Micro, Inc. -> Trend Micro Inc.) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [BingSvc] => C:\Users\Admin R\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6605744 2022-06-06] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon TS8100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDO.DLL [482816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8100 series: C:\Windows\system32\CNMLMDO.DLL [1302016 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP 5912 Status Monitor: C:\Windows\system32\hpinksts5912LM.dll [331664 2012-06-18] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8600): C:\Windows\system32\HPDiscoPM5912.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\PDF-XChange5: C:\WINDOWS\system32\pxc50pm.dll [57056 2016-01-18] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\myCloud Desktop Notification.lnk [2022-06-15] ShortcutTarget: myCloud Desktop Notification.lnk -> C:\Users\Admin R\AppData\Local\myCloud Desktop\app\desktopnotification\DesktopClientNotification.net4.exe () [Fichier non signé] Startup: C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\myCloud Desktop.lnk [2022-06-15] ShortcutTarget: myCloud Desktop.lnk -> C:\Users\Admin R\AppData\Local\myCloud Desktop\myCloud Desktop.exe (Swisscom (Schweiz) AG -> ) Startup: C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\myCloud Desktop Notification.lnk [2022-06-10] ShortcutTarget: myCloud Desktop Notification.lnk -> C:\Users\Admin R\AppData\Local\myCloud Desktop\app\desktopnotification\DesktopClientNotification.net4.exe () [Fichier non signé] Startup: C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\myCloud Desktop.lnk [2022-06-10] ShortcutTarget: myCloud Desktop.lnk -> C:\Users\Admin R\AppData\Local\myCloud Desktop\myCloud Desktop.exe (Swisscom (Schweiz) AG -> ) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {021937F4-3356-4AFF-92FF-AE63AEB354B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Pas de fichier) Task: {04683D00-41C9-4C5A-8E27-EA4789352A45} - System32\Tasks\Opera scheduled Autoupdate 1636829346 => C:\Users\Ralph Ballmer\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) Task: {079CECFE-83E9-4F31-B1D2-53AAD04B9569} - \MyDefrag v4.3.1 Daily -> Pas de fichier <==== ATTENTION Task: {0D42CD02-D792-40AC-9913-1EF04D9FFF12} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339464 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {0DC23569-0AC8-4DDF-A160-C94D9B3DF578} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {0E3F7CE7-B59C-424E-9234-A4AC8C99FEE6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {1740FBB9-5D8E-4ABD-A1F2-3BF6A957E3CE} - System32\Tasks\AdobeAAMUpdater-1.0-RALPHPC-Admin R => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {223A401A-922B-4819-B996-693BF186F35B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe /SetTaskbarTask (Pas de fichier) Task: {2AC4D3B9-AECA-4C54-9BFF-B8EACFC2774B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-26] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {342771E7-3935-4057-817B-18EC910B0105} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {3556785D-5A55-45E1-9FFF-4C866CEB0F52} - System32\Tasks\HP Officejet Pro 8600.exe_{5901B50E-22E9-4A6D-A055-76F1A4B6D085} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HP Officejet Pro 8600.exe -install -prfn "HP Officejet Pro 8600 (réseau)" -ePCUrl "https://h30495.www3.hp.com/printers/add?jumpID=in_instKarnak8%2F" (Pas de fichier) Task: {3D6B3360-3F31-4FF3-AB94-83A091DA7089} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {405C6921-DC7C-43CE-ACE7-FC02A812C357} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {40A7E1DB-33E7-49D8-A76F-CB7C6514FD9F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (Pas de fichier) Task: {439142DA-BED9-49AD-A113-F03AE2B66D88} - System32\Tasks\KpRm-quarantines\KpRm-quarantines-20220415134252 => C:\KPRM\tasks-quarantines\kprm-quarantines.exe [2811112 2022-04-15] (kernel-panik -> kernel-panik) [Fichier non signé] Task: {457AB919-2EDA-46F1-88CD-8E50F8595907} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {46F6BA62-1616-44B3-AD65-3688DBE60187} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4EFB59C6-6A35-4DA5-9DA4-21CA02E0B7C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {5564CEA9-5858-4390-8526-96012941AE74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5A2A82DE-4065-4E35-9F8D-A6DD4B679678} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5F97CA51-7475-4FA7-B614-5D736FAC79C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {60CBCD9B-4FD1-4052-9EFF-E8214D229990} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {64618AD9-1F73-4BE7-BF7B-1800F0B6707D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier) Task: {72BAAE6D-662C-4E9E-933C-2EFCF2CB26F5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier) Task: {77318C5B-6AF4-4289-8311-3402A6A36182} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (Pas de fichier) Task: {7B369250-851E-4DE8-9394-B5B1C61E92D3} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier) Task: {840D321B-670E-4C27-B71B-06BE2120A062} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {916B9B7B-A02D-429D-9F4A-A4C2E63EFB8F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {926AB52A-582C-4C54-9F4E-4707D15A50C6} - System32\Tasks\AdobeAAMUpdater-1.0-RALPHPC-Ralph Ballmer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {99178ECA-A00D-444D-BEFE-03DF8355CD0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.) Task: {9C75D63C-01F5-4D51-8C48-8563209A8964} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {A2DC6E50-0C32-4877-B7F6-294C54E86256} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A9804CE8-70E0-4B98-B596-1731BA8132A1} - System32\Tasks\CCleanerSkipUAC - Admin R => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd) Task: {AD9A53EB-F6C1-44CA-A76D-9069D55ECABA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {AF20C25E-8C01-4222-9DD0-93C1FC624E72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.) Task: {AF763C7E-53F5-4680-9CE2-DAD88BEA0F66} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {BBF95E72-0932-4BEA-B4BD-E61ACF687A16} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform) Task: {C6617997-2984-464F-9AEA-02AA44561EC7} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {D3B515B8-4FED-4D2F-BDED-0877A2CD90DD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {E0564FDD-5CEE-4437-A531-72049CBC6526} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {E0B384AA-9DF5-44DC-BC37-06E54F5EF544} - \MyDefrag v4.3.1 Monthly -> Pas de fichier <==== ATTENTION Task: {E4278732-7B31-45F0-A8DE-ABDF61DF9313} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {EAC42A09-98D1-4D94-AE0A-5DC16C093561} - System32\Tasks\ScanToPCActivationApp.exe_{F16935F3-D81E-405D-ADFB-15307D1F9167} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe -deviceID "CN21HAK19W05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 (Pas de fichier) Task: {ED93B1B1-4F4A-4BC5-932B-AE3D4CE204AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier) Task: {F23F1A7A-0EF3-4D42-8C35-937031D7E096} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\..\Interfaces\{2242450a-3988-44d7-8660-1463e06a176e}: [DhcpNameServer] 192.168.150.1 Tcpip\..\Interfaces\{2925a7bc-183d-4578-a20d-710da60684cc}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{623f31aa-0f68-4401-a34a-ff1dced309a0}: [DhcpNameServer] 62.2.24.162 62.2.17.60 Tcpip\..\Interfaces\{7b5f4833-bf18-45b9-8090-5f78871a4d56}: [DhcpNameServer] 192.168.150.1 Tcpip\..\Interfaces\{eab2262d-9ab1-5975-7d92-334d06f4972b}: [NameServer] 10.2.0.1 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Admin R\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-15] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Admin R\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-11] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: c4kelymw.default-1637062101656 FF ProfilePath: C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656 [2022-06-15] FF DownloadDir: C:\Users\Admin R\Desktop FF Homepage: Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656 -> hxxps://duckduckgo.com/?q=&atb=v254-1 FF Extension: (Cookie AutoDelete) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\CookieAutoDelete@kennydo.com.xpi [2022-06-15] FF Extension: (To Google Translate) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-11-16] FF Extension: (Decentraleyes) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-02-20] FF Extension: (Privacy Badger) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-12-15] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-06-10] FF Extension: (Decodex) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\lemonde-decodex@lemonde.fr.xpi [2021-11-16] FF Extension: (SponsorBlock pour YouTube - Supprime les publicités intégrées) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\sponsorBlocker@ajay.app.xpi [2022-06-10] FF Extension: (uBlock Origin) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\uBlock0@raymondhill.net.xpi [2022-04-11] FF Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2022-06-10] FF Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2022-04-12] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Fichier non signé] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.17.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] (ASUSTeK Computer Inc. -> ) R2 D-Link DWA-171C_PBC_WPS; C:\Program Files\D-Link\DWA-171 revC\ALPBCC\ALPBCSVC.exe [65536 2013-01-15] () [Fichier non signé] R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-11-08] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-06-10] (Malwarebytes Inc. -> Malwarebytes) R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [122464 2022-03-07] (Proton Technologies AG -> ) R3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65632 2022-03-07] (Proton Technologies AG -> ) R3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50784 2022-03-07] (Proton Technologies AG -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254856 2022-06-04] (Microsoft Windows Publisher -> Microsoft Corporation) S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WifiAutoInstallSrv; C:\Program Files\D-Link\DWA-171 revC\WifiAutoInstallSrv.exe [138176 2017-11-07] (Realtek Semiconductor Corp. -> Realtek) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_642e50d7b66aa2a4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_642e50d7b66aa2a4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 Andbus; C:\WINDOWS\System32\drivers\lgandbus64.sys [19456 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndDiag; C:\WINDOWS\System32\drivers\lganddiag64.sys [27648 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndGps; C:\WINDOWS\System32\drivers\lgandgps64.sys [27136 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndNetDiag; C:\WINDOWS\System32\drivers\lgandnetdiag64.sys [29184 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndNetDiag2; C:\WINDOWS\System32\drivers\lgandnetdiag264.sys [29184 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndNetGps; C:\WINDOWS\System32\drivers\lgandnetgps64.sys [28160 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) R1 anodlwf; C:\WINDOWS\system32\DRIVERS\anodlwfx.sys [15872 2010-05-28] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> ) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-09-03] (Bitdefender SRL -> Bitdefender) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (EldoS Corporation -> /n software, Inc.) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-08] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-08] (Disc Soft Ltd -> Disc Soft Ltd) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) R3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> ) R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA64.sys [732928 2012-06-20] (eMPIA Technology, Inc.) [Fichier non signé] S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM64.sys [1232128 2012-06-20] (eMPIA Technology, Inc.) [Fichier non signé] S3 usbbus; C:\WINDOWS\System32\drivers\lgx64bus.sys [17920 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 UsbDiag; C:\WINDOWS\System32\drivers\lgx64diag.sys [28160 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 UsbGps; C:\WINDOWS\System32\drivers\lgx64gps.sys [27136 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-09-09] (EldoS Corporation -> /n software, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation) R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-06-15 17:44 - 2022-06-15 17:46 - 000038445 _____ C:\Users\Admin R\Desktop\FRST.txt 2022-06-15 17:21 - 2022-06-15 17:21 - 000441236 _____ C:\Users\Admin R\Desktop\ZHPDiag.txt 2022-06-15 17:11 - 2022-06-15 17:11 - 002368000 _____ (Farbar) C:\Users\Admin R\Desktop\FRST64.exe 2022-06-15 16:55 - 2022-06-15 16:55 - 000000904 _____ C:\Users\Admin R\Desktop\ZHPSuite.lnk 2022-06-15 16:54 - 2022-06-15 16:54 - 000000288 _____ C:\Users\Admin R\Desktop\PROCEDURE A SUIVRE POUR UNE DEMANDE DE DIAGNOSTIC.URL 2022-06-15 16:17 - 2022-06-15 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2022-06-15 15:50 - 2022-06-15 15:50 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-06-14 19:02 - 2022-06-14 19:02 - 000000000 ___HD C:\$WinREAgent 2022-06-10 20:27 - 2022-06-10 20:25 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-06-10 07:51 - 2022-06-11 08:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-06-04 18:20 - 2022-06-04 18:20 - 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2022-06-04 18:19 - 2022-06-04 18:19 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-06-04 18:19 - 2022-06-04 18:19 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-06-04 18:18 - 2022-06-04 18:18 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-04-28 20:43 - 2022-06-11 09:48 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d84dd263a521fc 2022-04-21 13:42 - 2022-04-21 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon TS8100 series Manuel à l'écran 2022-04-21 13:38 - 2022-04-21 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2022-04-21 13:38 - 2022-04-21 13:42 - 000000000 ____D C:\Program Files\Canon 2022-04-21 13:38 - 2017-02-27 09:14 - 000347136 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_DOL.dll 2022-04-21 13:38 - 2016-12-12 10:16 - 000098048 _____ C:\WINDOWS\SysWOW64\CNC1821D.TBL 2022-04-21 13:38 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll 2022-04-21 13:36 - 2022-04-21 13:37 - 000000000 ___HD C:\Program Files\CanonBJ 2022-04-21 12:43 - 2022-06-05 13:50 - 000000000 ____D C:\ProgramData\CanonIJPLM 2022-04-15 14:21 - 2022-04-15 14:21 - 000001548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Naviextras Zenec toolbox.lnk 2022-04-15 14:06 - 2022-04-15 14:12 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\naviextras 2022-04-15 14:05 - 2022-04-15 14:05 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Naviextras 2022-04-15 13:47 - 2022-04-15 14:46 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Naviextras 2022-04-15 13:43 - 2022-04-15 13:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\KpRm-quarantines 2022-04-15 13:38 - 2022-04-15 19:09 - 000000000 ____D C:\Program Files (x86)\Naviextras 2022-04-13 12:32 - 2022-04-13 12:32 - 000001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speedyfox.exe - Raccourci.lnk 2022-04-13 11:21 - 2022-04-13 11:21 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-04-13 11:20 - 2022-04-13 11:20 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-04-13 11:19 - 2022-04-13 11:19 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-04-12 12:29 - 2022-04-12 12:29 - 000489368 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wireguard.sys 2022-04-12 12:25 - 2022-04-12 12:25 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Proton Technologies AG 2022-04-12 12:25 - 2022-04-12 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN 2022-04-11 21:18 - 2022-04-11 21:18 - 000000020 ___SH C:\Users\Ralph Ballmer\ntuser.ini 2022-04-11 20:52 - 2022-04-11 20:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2022-04-11 20:50 - 2022-04-11 20:50 - 000000020 ___SH C:\Users\Admin R\ntuser.ini 2022-04-11 20:41 - 2022-06-15 15:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-04-11 20:41 - 2022-06-11 09:48 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-11 20:41 - 2022-06-10 20:01 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-04-11 20:41 - 2022-06-10 08:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-04-11 20:41 - 2022-06-06 09:59 - 000004248 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1636829346 2022-04-11 20:41 - 2022-05-26 11:32 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2022-04-11 20:41 - 2022-04-20 13:48 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-04-11 20:41 - 2022-04-20 13:48 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-04-11 20:41 - 2022-04-14 08:28 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-04-11 20:41 - 2022-04-11 20:41 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-04-11 20:41 - 2022-04-11 20:41 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2022-04-11 20:41 - 2022-04-11 20:41 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002840 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1243922167-2392459145-2998924318-1001 2022-04-11 20:41 - 2022-04-11 20:41 - 000002828 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-RALPHPC-Admin R 2022-04-11 20:41 - 2022-04-11 20:41 - 000002768 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-RALPHPC-Ralph Ballmer 2022-04-11 20:41 - 2022-04-11 20:41 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2022-04-11 20:41 - 2022-04-11 20:41 - 000002442 _____ C:\WINDOWS\system32\Tasks\HP Officejet Pro 8600.exe_{5901B50E-22E9-4A6D-A055-76F1A4B6D085} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002354 _____ C:\WINDOWS\system32\Tasks\ScanToPCActivationApp.exe_{F16935F3-D81E-405D-ADFB-15307D1F9167} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002258 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Admin R 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-04-11 20:40 - 2022-04-11 20:41 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2022-04-11 20:40 - 2022-04-11 20:41 - 000011433 _____ C:\WINDOWS\diagerr.xml 2022-04-11 20:36 - 2022-06-15 15:54 - 001930382 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-04-11 20:26 - 2022-04-11 20:26 - 000000000 ____D C:\WINDOWS\system32\lxss 2022-04-11 20:25 - 2022-06-15 17:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-04-11 20:25 - 2022-06-04 18:29 - 000457088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-04-11 19:43 - 2022-04-11 21:24 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2022-04-11 19:43 - 2022-04-11 19:43 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines 2022-04-11 19:39 - 2022-04-11 21:18 - 000000000 ____D C:\Users\Ralph Ballmer 2022-04-11 19:39 - 2022-04-11 20:50 - 000000000 ____D C:\Users\Admin R 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Voisinage réseau 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Voisinage d'impression 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Modèles 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Mes documents 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Menu Démarrer 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Voisinage réseau 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Voisinage d'impression 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Modèles 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Mes documents 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Menu Démarrer 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Documents\Mes vidéos 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Documents\Mes images 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Documents\Ma musique 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-04-11 19:39 - 2019-12-07 11:10 - 000001105 _____ C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-04-11 19:39 - 2019-12-07 11:10 - 000001105 _____ C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-04-11 19:35 - 2022-04-11 19:42 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-04-11 19:29 - 2022-04-11 19:29 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-04-11 19:17 - 2022-04-11 19:17 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-04-11 19:17 - 2022-04-11 19:17 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-04-11 19:16 - 2022-04-11 19:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-04-11 19:15 - 2022-04-11 19:15 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-04-11 19:15 - 2022-04-11 19:15 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-04-11 19:14 - 2022-04-11 19:14 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-04-11 19:13 - 2022-04-11 19:13 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\WINDOWS\system32\msmq 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\WINDOWS\system32\BestPractices 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\Program Files\MSBuild 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\inetpub 2022-04-11 18:40 - 2022-04-11 18:40 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2022-04-11 18:28 - 2022-04-11 18:28 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-04-11 18:11 - 2022-04-23 09:58 - 000000000 ___DC C:\WINDOWS\Panther 2022-04-11 18:03 - 2022-04-11 18:11 - 000000000 ____D C:\ESD 2022-04-11 17:58 - 2022-04-11 17:58 - 000000000 ___HD C:\$Windows.~WS 2022-04-11 12:36 - 2022-06-15 17:45 - 000000000 ____D C:\FRST 2022-04-09 17:31 - 2022-04-09 17:31 - 000001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PayEye.lnk 2022-04-09 17:31 - 2022-04-09 17:31 - 000000000 ____D C:\Program Files\DIFX 2022-04-09 17:31 - 2022-04-09 17:31 - 000000000 ____D C:\Program Files (x86)\CREALOGIX PayEye 2022-04-08 15:59 - 2022-06-15 16:16 - 000000000 ____D C:\Program Files (x86)\VideoLAN ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-06-15 17:21 - 2018-02-13 19:00 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\ZHP 2022-06-15 17:21 - 2015-12-27 22:34 - 000000135 _____ C:\Users\Admin 2022-06-15 16:53 - 2014-09-16 10:55 - 000000000 ____D C:\Program Files (x86)\Google 2022-06-15 16:52 - 2022-02-09 00:05 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-06-15 16:51 - 2016-12-28 16:01 - 000000000 ____D C:\Users\Admin R\AppData\LocalLow\Mozilla 2022-06-15 16:23 - 2020-03-24 18:44 - 000000000 ____D C:\Program Files\CCleaner 2022-06-15 16:21 - 2022-02-20 13:31 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myCloud Desktop 2022-06-15 16:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-06-15 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-06-15 16:19 - 2018-02-12 12:58 - 000000000 ____D C:\ProgramData\NVIDIA 2022-06-15 16:19 - 2014-09-23 22:58 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\vlc 2022-06-15 16:19 - 2014-09-20 14:33 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\MediaMonkey 2022-06-15 16:18 - 2016-12-26 18:25 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\LocalLow\Mozilla 2022-06-15 15:54 - 2019-12-07 16:50 - 000831926 _____ C:\WINDOWS\system32\perfh00C.dat 2022-06-15 15:54 - 2019-12-07 16:50 - 000167692 _____ C:\WINDOWS\system32\perfc00C.dat 2022-06-15 15:54 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-06-15 15:50 - 2021-01-05 20:24 - 000008192 ___SH C:\DumpStack.log.tmp 2022-06-15 12:53 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-06-15 08:24 - 2019-10-04 09:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-06-15 08:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-06-14 13:26 - 2020-12-12 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2022-06-14 13:26 - 2016-08-04 18:05 - 000000000 ____D C:\Program Files\Revo Uninstaller 2022-06-11 09:56 - 2020-03-30 22:25 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-06-11 08:52 - 2021-01-07 13:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-06-10 21:18 - 2021-02-02 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myCloud Desktop 2022-06-10 21:15 - 2020-04-16 17:31 - 000001421 _____ C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-06-10 20:27 - 2021-05-22 14:00 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-06-10 20:27 - 2020-02-13 10:09 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-06-10 20:27 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-06-10 20:25 - 2019-04-03 17:50 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-06-10 20:25 - 2018-12-14 22:51 - 000000000 ____D C:\Program Files\Malwarebytes 2022-06-10 20:25 - 2014-10-28 16:44 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-06-10 08:05 - 2020-02-11 09:24 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-06-08 09:17 - 2019-01-12 13:32 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\calibre 2022-06-07 19:52 - 2020-12-12 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2022-06-07 19:51 - 2020-12-12 13:25 - 000000000 ____D C:\Program Files\Calibre2 2022-06-06 09:59 - 2021-11-13 20:49 - 000001544 _____ C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2022-06-04 19:26 - 2020-02-07 17:23 - 000000000 ____D C:\ProgramData\Packages 2022-06-04 18:28 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-06-04 18:28 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-06-04 18:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-06-04 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-06-04 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-06-04 18:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-06-04 18:27 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-06-04 18:26 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-06-04 18:04 - 2019-05-05 11:22 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\FireShot 2022-06-04 17:57 - 2017-01-11 09:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-06-04 17:50 - 2018-10-11 21:13 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-05-26 11:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState ==================== Fichiers à la racine de certains dossiers ======== 2020-10-09 17:00 - 2022-04-13 12:26 - 001520968 _____ (SpeedyFox) C:\Program Files\speedyfox.exe 2018-02-28 19:23 - 2021-12-15 12:55 - 000120441 _____ () C:\Users\Admin R\AppData\Local\ars.cache 2018-02-28 19:23 - 2021-12-15 12:56 - 004205075 _____ () C:\Users\Admin R\AppData\Local\census.cache 2018-02-28 19:13 - 2018-02-28 19:13 - 000000036 _____ () C:\Users\Admin R\AppData\Local\housecall.guid.cache 2021-06-18 14:05 - 2021-06-18 14:05 - 000000000 _____ () C:\Users\Admin R\AppData\Local\oobelibMkey.log 2019-01-16 20:24 - 2021-12-15 12:46 - 000000010 _____ () C:\Users\Admin R\AppData\Local\sponge.last.runtime.cache 2018-06-07 23:02 - 2018-06-07 23:02 - 000000000 _____ () C:\Users\Admin R\AppData\Local\{FEFAFFCC-ED1E-404A-A7DD-2C2AF40A658F} ==================== SigCheckExt ========================= 2015-09-02 10:00 - 2015-07-23 02:02 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32(626).dll 2015-09-02 10:00 - 2015-07-23 01:52 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-datetime-l1-1-0(627).dll 2015-09-02 10:00 - 2015-07-23 01:52 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema(628).dll 2015-09-02 10:00 - 2015-06-25 12:01 - 001941504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui(629).dll 2015-08-14 19:30 - 2015-07-15 05:19 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv(630).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp(631).dll 2015-07-15 09:28 - 2015-04-27 21:23 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32(632).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptbase(633).dll 2015-07-15 09:28 - 2015-04-27 21:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet(634).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv(635).dll 2015-08-14 19:30 - 2015-07-01 22:48 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt(636).dll 2021-03-14 14:58 - 2003-05-22 12:26 - 000638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\system32\divx.dll 2011-04-12 11:27 - 2010-11-21 05:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvscres.dll 2015-09-02 10:00 - 2015-07-09 19:58 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi(637).dll 2015-07-15 09:28 - 2015-06-17 19:47 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32(638).dll 2015-08-14 19:30 - 2015-07-16 22:35 - 002885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(640).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos(641).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 001163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32(642).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase(643).dll 2021-03-14 14:58 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\system32\Lagarith.dll 2015-08-14 19:30 - 2015-07-30 20:06 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk(644).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv(645).dll 2015-09-02 10:00 - 2015-07-23 02:01 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass(646).exe 2021-03-14 14:58 - 2003-05-21 23:50 - 000261632 _____ (MainConcept) C:\WINDOWS\system32\mcdvd_32.dll 2021-03-14 14:58 - 2002-08-20 00:41 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg4c32.dll 2015-07-15 09:28 - 2015-06-15 23:42 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg(647).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0(648).dll 2015-09-02 09:59 - 2015-08-27 20:18 - 001887232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3(649).dll 2021-03-14 14:58 - 2003-05-21 23:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3a.dll 2015-09-02 09:59 - 2015-08-27 20:13 - 000002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r(650).dll 2015-09-02 09:59 - 2015-08-27 20:18 - 002004480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6(651).dll 2015-09-02 09:59 - 2015-08-27 20:13 - 000002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r(652).dll 2014-09-20 15:38 - 2010-05-21 13:11 - 001147392 _____ (J.C. Kessels) C:\WINDOWS\system32\MyDefragScreenSaver_v4.3.1.exe 2015-09-02 10:00 - 2015-07-23 02:02 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt(653).dll 2015-07-15 09:28 - 2015-07-04 20:07 - 002087424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32(655).dll 2018-10-07 16:55 - 2018-09-03 10:22 - 003552256 _____ C:\WINDOWS\system32\pwNative.exe 2015-09-02 10:00 - 2015-07-23 02:02 - 001216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4(656).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel(657).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32(658).dll 2015-08-14 19:30 - 2015-07-10 19:51 - 014177280 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32(659).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss(660).exe 2015-09-02 10:00 - 2015-07-23 02:02 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore(661).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli(662).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv(663).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg(664).dll 2015-08-14 19:30 - 2015-07-16 21:01 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon(665).dll 2021-03-14 14:58 - 2004-12-10 10:03 - 000438272 _____ (On2.com) C:\WINDOWS\system32\vp6vfw.dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest(666).dll 2015-06-24 14:00 - 2012-12-03 15:58 - 000279040 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\WiFiMan.dll 2015-08-14 19:30 - 2015-07-16 21:12 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet(668).dll 2015-09-02 10:00 - 2015-07-23 02:03 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv(669).dll 2015-07-15 09:28 - 2015-04-27 21:23 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust(670).dll 2015-09-02 10:00 - 2015-07-23 02:03 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64(671).dll 2015-09-02 10:00 - 2015-07-23 02:03 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu(672).dll 2015-09-02 10:00 - 2015-07-23 02:03 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win(673).dll 2015-08-14 19:30 - 2015-07-20 20:12 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi(674).dll 2021-03-14 14:58 - 2004-07-03 20:59 - 000524288 _____ C:\WINDOWS\system32\xvidcore.dll 2021-03-14 14:58 - 2004-07-03 21:08 - 000139264 _____ C:\WINDOWS\system32\xvidvfw.dll 2022-03-15 18:06 - 1995-11-08 12:06 - 000151552 _____ (Corel Corporation) C:\WINDOWS\crllyrnt.dll 2012-06-20 11:27 - 2012-06-20 11:27 - 000085504 _____ (eMPIA Technology, Inc.) C:\WINDOWS\emMON.exe 2014-12-01 12:52 - 1999-12-17 17:13 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe 2015-09-02 10:00 - 2015-07-22 19:53 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32(675).dll 2014-09-23 13:26 - 2010-08-27 23:55 - 000040448 _____ (Embarcadero Technologies, Inc.) C:\WINDOWS\SysWOW64\borlndmm.dll 2014-09-23 13:26 - 2009-11-23 23:04 - 001141248 _____ (Embarcadero Technologies Inc.) C:\WINDOWS\SysWOW64\cc32100mt.dll 2014-09-23 13:26 - 2009-11-02 23:02 - 001500160 _____ (Borland Corporation) C:\WINDOWS\SysWOW64\cc3260mt.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll 2014-09-20 10:54 - 1996-04-04 03:11 - 000032768 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\cmgr32.dll 2015-07-13 18:29 - 2006-04-30 05:33 - 000053248 _____ () C:\WINDOWS\SysWOW64\CommonDL.dll 2015-07-15 09:28 - 2015-04-27 21:04 - 001174528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32(676).dll 2015-09-02 10:00 - 2015-07-22 19:53 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptbase(677).dll 2007-04-27 10:43 - 2007-04-27 10:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll 2014-09-20 10:53 - 1996-09-06 08:02 - 000960000 _____ (Novell, Inc.) C:\WINDOWS\SysWOW64\evysh7.dll 2014-09-20 10:53 - 1996-12-04 19:01 - 000090112 _____ (Novell, Inc.) C:\WINDOWS\SysWOW64\evysh7fr.dll 2015-07-15 09:28 - 2015-06-17 19:37 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32(678).dll 2018-03-21 16:08 - 2010-06-14 23:46 - 001085440 _____ (XnView) C:\WINDOWS\SysWOW64\GflAx.dll 2014-09-20 10:53 - 1995-08-15 01:00 - 000136704 _____ (Apex Software Corporation) C:\WINDOWS\SysWOW64\grdkrn32.dll 2014-09-23 13:26 - 2003-03-12 19:24 - 000111616 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5DLG32.DLL 2014-09-23 13:26 - 2000-01-12 10:39 - 000188928 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5ICON32.DLL 2014-09-23 13:26 - 2000-01-12 11:26 - 001055744 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5KRNL32.DLL 2014-09-23 13:26 - 1998-12-11 14:59 - 000175104 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5MENU32.DLL 2014-09-23 13:26 - 1998-12-11 15:02 - 000094720 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5RTF32.DLL 2014-09-23 13:26 - 1999-09-20 18:58 - 000051200 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5TOOL32.DLL 2015-08-14 19:30 - 2015-07-16 21:45 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil(679).dll 2008-07-04 10:23 - 2008-07-04 10:23 - 001757184 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagX7.dll 2008-07-04 10:23 - 2008-07-04 10:23 - 000258048 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagXR7.dll 2008-07-04 10:23 - 2008-07-04 10:23 - 000802816 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagXRA7.dll 2014-09-23 13:26 - 1997-01-24 10:37 - 000240640 _____ (Data Techniques, Inc.) C:\WINDOWS\SysWOW64\imgman31.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll 2014-01-31 15:18 - 2014-01-31 15:18 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 2015-09-02 10:00 - 2015-07-22 19:52 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32(680).dll 2015-09-02 10:00 - 2015-07-22 19:52 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase(681).dll 2015-08-14 19:30 - 2015-07-30 19:55 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk(682).dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe 2014-04-30 19:47 - 2014-04-30 19:47 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll 2014-09-20 10:53 - 1995-05-19 15:44 - 000322832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc30.dll 2021-03-05 13:40 - 2004-02-27 00:00 - 000962612 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42D.dll 2014-09-20 10:53 - 1995-05-19 14:49 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcans32.dll 2021-03-05 13:40 - 2004-02-27 00:00 - 000827445 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCO42D.dll 2014-09-20 10:53 - 1995-05-22 14:05 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcuia32.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000245760 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSCLib.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll 2015-07-15 09:28 - 2015-06-15 23:43 - 002364416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi(683).dll 2015-07-15 09:28 - 2015-06-15 23:37 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg(684).dll 2014-09-20 10:54 - 1996-03-15 18:15 - 000033552 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT32.DLL 1996-04-11 17:34 - 1996-04-11 17:34 - 000965904 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJT3032.DLL 2014-09-20 10:54 - 1996-03-15 18:47 - 000098356 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER32.DLL 2014-09-20 10:54 - 1995-08-15 01:00 - 000144144 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSLT3032.DLL 2014-04-30 19:47 - 2014-04-30 19:47 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll 2014-09-20 10:54 - 1995-08-07 06:33 - 000043008 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSOC95.DLL 2014-09-20 10:54 - 1995-07-20 01:00 - 000240912 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPX3032.DLL 2014-09-20 10:54 - 1995-09-20 17:16 - 000245520 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X32.DLL 2014-09-20 10:53 - 1995-07-26 01:00 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrdo32.dll 2014-09-20 10:54 - 1995-07-20 01:00 - 000121104 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSTX3032.DLL 2015-07-13 18:29 - 2011-05-06 10:37 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcm90.dll 2021-03-05 13:40 - 2000-08-29 00:00 - 000516173 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP60D.dll 2014-11-17 19:49 - 2003-03-19 05:14 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2014-11-17 19:49 - 2004-01-12 00:00 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2005-12-09 07:30 - 2005-12-09 07:30 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll 2021-03-05 13:40 - 2004-02-17 00:00 - 000434252 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCRTD.dll 2014-09-20 10:54 - 1995-05-12 01:00 - 000260368 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSXB3032.DLL 2014-09-20 10:54 - 1995-07-20 01:00 - 000220944 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSXL3032.DLL 2015-07-13 18:29 - 2005-09-29 22:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4a.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000135168 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzaf1.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000491520 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000172032 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.exe 2014-04-30 19:47 - 2014-04-30 19:47 - 000200704 _____ ( (c) MusicCity) C:\WINDOWS\SysWOW64\muzwmts.dll 2014-09-23 13:26 - 1995-05-22 02:00 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OC30.DLL 2015-07-15 09:28 - 2015-07-04 19:48 - 001414656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32(686).dll 2014-09-23 13:26 - 1996-03-23 16:24 - 000212480 _____ (Eastman Kodak) C:\WINDOWS\SysWOW64\PCDLIB32.DLL 2014-09-20 10:54 - 1996-04-04 03:11 - 000345600 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\qtim32.dll 2014-09-20 18:25 - 2014-04-30 19:43 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 2021-03-05 13:40 - 2007-05-04 15:51 - 000040448 _____ C:\WINDOWS\SysWOW64\RegOBJ.dll 2015-09-02 10:00 - 2015-07-22 19:52 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4(687).dll 2014-09-20 10:52 - 1996-10-29 23:01 - 000409600 _____ (Corel Corporation) C:\WINDOWS\SysWOW64\scint70.dll 2015-08-14 19:30 - 2015-07-10 19:34 - 012875776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32(688).dll 2015-09-02 10:00 - 2015-07-22 19:52 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli(689).dll 2006-03-17 15:49 - 2006-03-17 15:49 - 000368640 _____ (Pegasus Imaging Corporation) C:\WINDOWS\SysWOW64\twnlib4.dll 2015-08-14 19:30 - 2015-07-16 20:38 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon(690).dll 2014-09-20 10:53 - 1996-06-04 23:51 - 000721168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb40032.dll 2014-09-20 10:54 - 1995-07-20 01:00 - 000816720 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBA32.DLL 2014-09-20 10:54 - 1995-07-20 01:00 - 000008976 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAEN32.DLL 2014-09-20 10:54 - 1995-07-20 01:00 - 001371436 ____R C:\WINDOWS\SysWOW64\VBAR2132.DLL 2014-09-20 10:54 - 1995-09-24 12:02 - 000243472 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR2232.DLL 2014-09-20 10:54 - 1994-04-13 00:00 - 000095200 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBDB300.DLL 2014-09-20 10:54 - 1993-04-28 01:00 - 000013824 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBOA300.DLL 2014-09-20 10:54 - 1995-07-11 10:50 - 000398416 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBRUN300.DLL 2015-06-24 14:00 - 2012-12-03 15:57 - 000238592 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\WiFiMan.dll 2015-08-14 19:30 - 2015-07-16 20:42 - 001951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet(691).dll 2015-07-15 09:28 - 2015-04-27 21:05 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust(692).dll 2018-10-01 19:49 - 2021-11-08 03:20 - 002149184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll 2022-06-15 17:11 - 2022-06-15 17:11 - 002368000 _____ (Farbar) C:\Users\Admin R\Desktop\FRST64.exe 2020-02-28 21:51 - 2020-02-28 12:17 - 001035848 _____ (www.sordum.org) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fab_x64.exe 2021-08-05 18:24 - 2021-08-05 18:24 - 000000024 _____ C:\Users\Ralph Ballmer\AppData\Roaming\pecodec.dll 2020-02-28 21:51 - 2020-02-28 12:17 - 001035848 _____ (www.sordum.org) C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fab_x64.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {e86344f2-4c17-11ea-be6d-806e6f6e6963} timeout 1 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {3f21013a-4f83-11eb-a13b-f62ad2b2c56b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {e86344f2-4c17-11ea-be6d-806e6f6e6963} device partition=\Device\HarddiskVolume2 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {da4a51c2-b9c4-11ec-8385-dcbad2091caa} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {3f21013a-4f83-11eb-a13b-f62ad2b2c56b} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {4b1bf647-49b9-11ea-be6a-f241e859d85f} device partition=C: path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice partition=C: systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {da4a51c2-b9c4-11ec-8385-dcbad2091caa} device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{da4a51c3-b9c4-11ec-8385-dcbad2091caa} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{da4a51c3-b9c4-11ec-8385-dcbad2091caa} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {3f21013a-4f83-11eb-a13b-f62ad2b2c56b} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {da4a51c2-b9c4-11ec-8385-dcbad2091caa} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {da4a51c3-b9c4-11ec-8385-dcbad2091caa} description Windows Recovery ramdisksdidevice partition=C: ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================