Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022 Exécuté par bill (administrateur) sur PC-SALON-ASUS (_ASUS_ Notebook) (27-08-2022 13:52:22) Exécuté depuis C:\Users\bill\Desktop Profils chargés: bill Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France) Navigateur par défaut: "C:\Program Files\Mozilla Firefox-64\firefox.exe" -osint -url "%1" Mode d'amorçage: Safe Mode (with Networking) ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* [107192 2012-08-24] () [Fichier non signé] HKLM\...\Run: [ACPW06FR] => C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1231992 2012-10-01] (ACD Systems International Inc -> ACD Systems) HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (Newsoft Technology Company -> NewSoft Technology Corporation) HKLM\...\Run: [EasySettingBox] => C:\Program Files (x86)\Samsung\Easy Setting Box\EasySettingBox.exe [594944 2013-12-26] () [Fichier non signé] HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA Technologies Inc. -> VIA) HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942232 2016-10-14] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\ASScrProlog.exe [37232 2013-10-22] (ASUSTeK Computer Inc. -> ) [Fichier non signé] HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104320 2013-10-10] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA Technologies Inc. -> VIA) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] (DivX, LLC -> ) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC) [Fichier non signé] HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation -> NewSoft Technology Corporation) HKLM-x32\...\Run: [EasySettingBox] => C:\Program Files (x86)\Samsung\Easy Setting Box\EasySettingBox.exe*************************************************************** [594944 2013-12-26] () [Fichier non signé] HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation -> ASUS Cloud Corporation) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [123232 2022-07-10] (VMware, Inc. -> VMware, Inc.) HKLM\...\RunOnce: [ZHPCleaner_File1] => CMD /c DEL "C:\Users\bill\AppData\Local\Temp\~DF728B876A45AF2D06.TMP" /F /Q (Pas de fichier) <==== ATTENTION HKLM\...\RunOnce: [ZHPCleaner] => C:\Users\bill\AppData\Roaming\ZHP\ZHPCleaner.txt [2754 2022-08-27] () [Fichier non signé] HKLM-x32\...\RunOnce: [ZHPFix__{271DC252-6FE1-4D59-9053-E4CF50AB99DE}] => REG delete "HKLM\Software\Classes\CLSID\{271DC252-6FE1-4D59-9053-E4CF50AB99DE}" /F /reg:64 (Pas de fichier) HKLM-x32\...\RunOnce: [ZHPFix] => C:\Users\bill\AppData\Roaming\ZHP\ZHPFix.txt [1600 2022-08-27] () [Fichier non signé] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-1883324312-3376908856-3875682184-1002\...\Run: [Scan Buttons] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation -> NewSoft Technology Corporation) HKU\S-1-5-21-1883324312-3376908856-3875682184-1002\...\Run: [FastVD] => C:\Program Files (x86)\FastPcTools\Fast VD\FastVD.exe [2238648 2020-07-13] (FastPCTools -> FastPCTools) HKU\S-1-5-21-1883324312-3376908856-3875682184-1002\...\Run: [Vivaldi Update Notifier] => D:\Documents Win8\Téléchargements\Vivaldi-bin\update_notifier.exe [1872968 2020-01-08] (Vivaldi Technologies AS -> Vivaldi Technologies AS) HKU\S-1-5-21-1883324312-3376908856-3875682184-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [122611592 2022-08-11] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1883324312-3376908856-3875682184-1002\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4409480 2014-03-12] (Plex, Inc. -> Plex, Inc.) HKU\S-1-5-21-1883324312-3376908856-3875682184-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1883324312-3376908856-3875682184-500\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload (Pas de fichier) HKU\S-1-5-21-1883324312-3376908856-3875682184-500\...\Run: [Scan Buttons] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation -> NewSoft Technology Corporation) HKU\S-1-5-21-1883324312-3376908856-3875682184-500\...\Run: [FastVD] => C:\Program Files (x86)\FastPcTools\Fast VD\FastVD.exe [2238648 2020-07-13] (FastPCTools -> FastPCTools) HKU\S-1-5-21-1883324312-3376908856-3875682184-500\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [122611592 2022-08-11] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1883324312-3376908856-3875682184-501\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload (Pas de fichier) HKU\S-1-5-21-1883324312-3376908856-3875682184-501\...\Run: [Scan Buttons] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation -> NewSoft Technology Corporation) HKU\S-1-5-21-1883324312-3376908856-3875682184-501\...\Run: [FastVD] => C:\Program Files (x86)\FastPcTools\Fast VD\FastVD.exe [2238648 2020-07-13] (FastPCTools -> FastPCTools) HKU\S-1-5-21-1883324312-3376908856-3875682184-501\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [122611592 2022-08-11] (Skype Software Sarl -> Skype Technologies S.A.) HKLM\...\Windows x64\Print Processors\Canon TS8300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFT.DLL [482816 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\TeamViewer_PrintProcessor: C:\Windows\System32\spool\prtprocs\x64\TeamViewer_PrintProcessor.dll [20208 2017-08-29] (TeamViewer GmbH -> ) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8300 series: C:\Windows\system32\CNMLMFT.DLL [913408 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\EPSON M105 Series 64MonitorBE: C:\Windows\system32\E_YLMJ5E.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\EPSON Stylus DX6000 Series 64MonitorBE: C:\Windows\system32\E_ILMBIE.DLL [126976 2006-08-10] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\EPSON Universal Print Driver 64MonitorBE: C:\Windows\system32\E_2LM0DE.DLL [182784 2016-07-19] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\EPSON WF-3520 Series 64MonitorBE: C:\Windows\system32\E_YLMJJE.DLL [120320 2011-04-19] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-20] (Google LLC -> Google LLC) AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) Startup: C:\Users\bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lancement Firemin multi.bat [2022-04-15] () [Fichier non signé] GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {27EB2412-64D2-445F-8BC7-8B192A8FAE3F} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1123536 2012-07-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {2B387BC4-C2CA-46F9-AB33-17F27F79DB92} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4071680 2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Task: {2EBEFA72-D752-45F0-9E9F-DA8B2121A5A9} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1559936 2012-08-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {2FABC353-A8F2-406B-81B6-9D90612C362B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {3EB5DCC2-B633-4F42-A267-4E795AB10F2B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4C2DA2D4-406E-4D32-9466-47CB0F169C03} - System32\Tasks\CCleaner Update => D:\LiberKey\Apps\CCleaner\App\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform) Task: {61C0D847-DBCC-4246-ABF4-EBDEC63F7016} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation) Task: {722AC968-0AE3-484A-A324-056A89BA3F7A} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [1957040 2012-09-27] (ASUSTeK Computer Inc. -> ) [Fichier non signé] Task: {735A5D49-CCED-4CAC-B0CE-2D2AA3F48B1C} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [271520 2021-06-01] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} Task: {7D36ABC8-133F-4C64-8B97-4CA11D1D8122} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS) Task: {7F3C248D-9143-49D0-9374-BA1CB20E35F2} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (Pas de fichier) Task: {84ADF3EA-D13E-4AC1-8BCC-86F54EACB748} - System32\Tasks\Opera scheduled Autoupdate 1660153552 => C:\Users\bill\AppData\Local\Programs\Opera\launcher.exe [2527224 2022-07-25] (Opera Norway AS -> Opera Software) Task: {85F66355-ACB5-4687-82FF-057195D4717D} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1883324312-3376908856-3875682184-1002 => C:\ProgramData\MEGAsync\MEGAupdater.exe [760736 2017-11-24] (Mega Limited -> Mega Limited) Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {A2C0FEC4-248F-4023-ADED-6B12B2C6323C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier) Task: {CE89A4E3-272E-4BD7-977C-6E6EA5BBCD17} - System32\Tasks\GoogleUpdateTaskMachineUA{B6FB5ECE-3095-4768-975D-AB0E6F2A84F7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {D83E7272-6C5D-443C-B6EF-C801772562CA} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1126784 2012-08-06] (ASUSTeK Computer Inc. -> ASUS) Task: {DF4AE348-ADB1-465D-A905-783E9DE4280C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DFDC8E36-B38E-4E04-BE29-CF4A2E78160D} - System32\Tasks\GoogleUpdateTaskMachineCore{775F93A5-0C0F-4B63-B723-C38EE9106992} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {F34F6CC4-9D42-4EC3-B723-F6F56C6E7557} - System32\Tasks\CCleanerSkipUAC - bill => D:\LiberKey\Apps\CCleaner\App\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {FB98F253-145D-4CF3-9A20-AA667F3C551C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2015-06-30] (ASUSTeK Computer Inc. -> AsusTek) Task: {FF49B67F-3401-4E2E-A929-0A600F713C0B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2018-01-04] (NVIDIA Corporation -> NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{718CB4C7-E00B-40B6-B68A-7769504D5DDB}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{718CB4C7-E00B-40B6-B68A-7769504D5DDB}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{D56293E7-A2D4-40D9-97FA-C076535CDF2A}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{D56293E7-A2D4-40D9-97FA-C076535CDF2A}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF DefaultProfile: nn841huz.default-1549303790506 FF DefaultProfile: 156elgag.default FF ProfilePath: C:\Users\bill\AppData\Roaming\Waterfox\Profiles\nn841huz.default-1549303790506 [2022-08-26] FF Homepage: Waterfox\Profiles\nn841huz.default-1549303790506 -> hxxp://www.orange.fr/portail FF Extension: (New Tab Override) - C:\Users\bill\AppData\Roaming\Waterfox\Profiles\nn841huz.default-1549303790506\Extensions\newtaboverride@agenedia.com.xpi [2019-02-04] FF Extension: (S3.Traducteur) - C:\Users\bill\AppData\Roaming\Waterfox\Profiles\nn841huz.default-1549303790506\Extensions\s3google@translator.xpi [2017-11-28] FF Extension: (CoolPreviews) - C:\Users\bill\AppData\Roaming\Waterfox\Profiles\nn841huz.default-1549303790506\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2019-02-05] [] [non signé] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\bill\AppData\Roaming\Waterfox\Profiles\nn841huz.default-1549303790506\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-08] FF ProfilePath: C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\v8nx8q8r.default-esr [2022-08-26] FF ProfilePath: C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default [2022-08-27] FF Homepage: Mozilla\Firefox\Profiles\156elgag.default -> hxxp://www.google.fr/ FF NewTab: Mozilla\Firefox\Profiles\156elgag.default -> hxxps://www.google.fr/ FF NewTabOverride: Mozilla\Firefox\Profiles\156elgag.default -> Enabled: newtaboverride@agenedia.com FF NewTabOverride: Mozilla\Firefox\Profiles\156elgag.default -> Enabled: uBlock0@raymondhill.net FF Extension: (Adblock Latitude) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2021-07-30] [] [non signé] FF Extension: (Dark Reader) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\addon@darkreader.org.xpi [2022-08-23] FF Extension: (French) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\fr-FR@dictionaries.thereisonlyxul.org [2021-05-01] [] [non signé] FF Extension: (fx_cast) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\fx_cast@matt.tf.xpi [2022-08-10] [UpdateUrl:hxxps://hensm.github.io/fx_cast/updates.json] FF Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-08-17] FF Extension: (Français (FR) Language Pack) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\langpack-fr@palemoon.org.xpi [2021-05-10] [] [non signé] FF Extension: (New Tab Override) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\newtaboverride@agenedia.com.xpi [2021-08-17] FF Extension: (Password Backup Tool) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\password-backup-tool@Off.JustOff.xpi [2021-02-23] [] [non signé] FF Extension: (PDF Viewer) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\pdf.js-seamonkey@lakora.us.xpi [2021-05-09] [] [non signé] FF Extension: (S3.Traducteur) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\s3@translator.xpi [2021-07-14] FF Extension: (S3.Google Translator) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\s3google@translator.xpi [2017-11-03] [] FF Extension: (uBlock Origin) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\uBlock0@raymondhill.net.xpi [2022-08-16] FF Extension: (Traduire les pages Web) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2022-08-04] FF Extension: (Simple link preview) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\{1274ac2c-6015-4975-acb0-976dadad6b35}.xpi [2021-04-18] FF Extension: (uBlock) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2018-05-01] [] FF Extension: (Video DownloadHelper) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-10-16] FF Extension: (CoolPreviews) - C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2017-10-27] [] [non signé] FF Extension: (CoolPreviews) - C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2017-10-27] [] [non signé] FF Extension: (S3.Google Translator) - C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\extensions\s3google@translator.xpi [2017-11-03] [] FF SearchPlugin: C:\Users\bill\AppData\Roaming\Mozilla\Firefox\Profiles\156elgag.default\searchplugins\qwant.xml [2021-08-16] FF ProfilePath: C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\v8nx8q8r.default-esr [2022-08-26] FF ProfilePath: C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default [2022-08-26] FF Homepage: Moonchild Productions\Pale Moon\Profiles\156elgag.default -> hxxp://www.google.fr/ FF NewTab: Moonchild Productions\Pale Moon\Profiles\156elgag.default -> hxxps://www.google.fr/ FF NewTabOverride: Moonchild Productions\Pale Moon\Profiles\156elgag.default -> Enabled: newtaboverride@agenedia.com FF NewTabOverride: Moonchild Productions\Pale Moon\Profiles\156elgag.default -> Disabled: uBlock0@raymondhill.net FF Extension: (Adblock Latitude) - C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2022-05-10] [] [non signé] FF Extension: (French) - C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\Extensions\fr-FR@dictionaries.thereisonlyxul.org [2021-05-01] [] [non signé] FF Extension: (Français (FR) Language Pack) - C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\Extensions\langpack-fr@palemoon.org.xpi [2022-04-02] [] [non signé] FF Extension: (Password Backup Tool) - C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\Extensions\password-backup-tool@Off.JustOff.xpi [2021-02-23] [] [non signé] FF Extension: (PDF Viewer) - C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\Extensions\pdf.js-seamonkey@lakora.us.xpi [2021-05-09] [] [non signé] FF Extension: (uBlock) - C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2018-05-01] [] FF SearchPlugin: C:\Users\bill\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\156elgag.default\searchplugins\qwant.xml [2022-08-26] FF ProfilePath: C:\Users\bill\AppData\Roaming\Broad Intelligence\MediaCoder\Profiles\51b52f46.default [2013-03-25] FF ProfilePath: C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default [2022-04-01] FF Homepage: Avant Profiles\Profiles\156elgag.default -> hxxp://www.orange.fr/portail FF Extension: (Adblock Latitude) - C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2021-07-30] [] [non signé] FF Extension: (French) - C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\Extensions\fr-FR@dictionaries.thereisonlyxul.org [2021-05-01] [] [non signé] FF Extension: (Français (FR) Language Pack) - C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\Extensions\langpack-fr@palemoon.org.xpi [2021-05-10] [] [non signé] FF Extension: (Password Backup Tool) - C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\Extensions\password-backup-tool@Off.JustOff.xpi [2021-02-23] [] [non signé] FF Extension: (PDF Viewer) - C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\Extensions\pdf.js-seamonkey@lakora.us.xpi [2021-05-09] [] [non signé] FF Extension: (S3.Google Translator) - C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\Extensions\s3google@translator.xpi [2017-11-03] [] FF Extension: (uBlock) - C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2018-05-01] [] FF Extension: (CoolPreviews) - C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2017-10-27] [] [non signé] FF SearchPlugin: C:\Users\bill\AppData\Roaming\Avant Profiles\Profiles\156elgag.default\searchplugins\qwant.xml [2021-08-16] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e) FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2022-04-06] (Adobe Inc. -> ) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC -> DivX, LLC.) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2022-04-06] (Adobe Inc. -> ) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC -> DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC -> DivX, LLC) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin HKU\S-1-5-21-1883324312-3376908856-3875682184-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) StartMenuInternet: Firefox-12D8E6BF468F8A7 - C:\Program Files\Mozilla Firefox-64-ESR\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\bill\AppData\Local\Google\Chrome\User Data\Default [2022-08-27] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-14] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Opera: ======= OPR Profile: C:\Users\bill\AppData\Roaming\Opera Software\Opera Stable [2022-08-26] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\bill\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-08-10] OPR Extension: (Opera Crypto Wallet) - C:\Users\bill\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-08-10] OPR Extension: (Amazon Assistant Promotion) - C:\Users\bill\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-08-10] Vivaldi: ======= VIV Profile: C:\Users\bill\AppData\Local\Vivaldi\User Data\Default [2022-08-26] VIV HomePage: Default -> hxxps://www.google.fr/ VIV Extension: (AVG SafePrice | Comparaison, offres, coupons) - C:\Users\bill\AppData\Local\Vivaldi\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2021-04-13] VIV Extension: (Chrome Media Router) - C:\Users\bill\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-11] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1143368 2013-07-18] (Acronis International GmbH -> Acronis) S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3898360 2014-02-01] (Acronis International GmbH -> Acronis) S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.) S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUSTeK Computer Inc. -> ASUS) S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2017-07-26] (Freemake) [Fichier non signé] S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-09-18] (Ellora Assets Corp.) [Fichier non signé] S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-05] (Malwarebytes Inc. -> Malwarebytes) S2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé] S2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2020-10-30] () [Fichier non signé] S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG) S2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7151024 2013-10-22] (Acronis International GmbH -> Acronis) S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-03-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc. -> Reason Software Company Inc.) S2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies Inc. -> VIA Technologies, Inc.) S2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-25] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare) S1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUSTeK Computer Inc. -> ASUS) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2015-06-30] (ASUSTeK Computer Inc. -> ASUS Corporation) S3 ATSZIO; C:\Program Files (x86)\ASUS\ASUS PC Diagnostics\ATSZIO64.sys [19584 2016-03-07] (ASUSTeK Computer Inc. -> ) R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-09-12] (AVG Technologies -> AVG Technologies) S2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [315632 2021-06-01] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT CORPORATION -> IVT Corporation.) S3 cpuz137; D:\LiberKey\Apps\Pcwizard\App\PCWizard\pcwiz_x64.sys [26856 2014-02-17] (CPUID -> CPUID) R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [116000 2014-02-01] (Acronis International GmbH -> Acronis International GmbH) S1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (cert@ezbsystems.com -> EZB Systems, Inc.) S3 IvtAudioBusSrv; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT CORPORATION -> IVT Corporation.) S3 IvtPanBusSrv; C:\WINDOWS\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT CORPORATION -> IVT Corporation.) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> ) S2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 qcusbnet; C:\WINDOWS\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 RT70x64; C:\WINDOWS\system32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corporation -> Ralink Technology Corp.) R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2014-02-01] (Acronis International GmbH -> Acronis International GmbH) R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [198432 2014-02-01] (Acronis International GmbH -> Acronis International GmbH) U5 UnlockerDriver5; D:\LiberKey\Apps\Unlocker\App\Unlocker\x64\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> ) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-05-09] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-05-09] (Oracle Corporation -> Oracle Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125008 2016-01-19] (Oracle Corporation -> Oracle Corporation) R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [104888 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) S2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2022-07-10] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.) S2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [38320 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S2 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\drivers\YSDrv\YSDrv.sys [270608 2017-11-18] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation) U1 avgbdisk; pas de ImagePath S3 LgBttPort; \SystemRoot\system32\DRIVERS\lgbtpt64.sys [X] S3 lgbusenum; \SystemRoot\System32\drivers\lgbtbs64.sys [X] S3 LGVMODEM; \SystemRoot\system32\DRIVERS\lgvmdm64.sys [X] S3 usbbus; \SystemRoot\System32\drivers\lgx64bus.sys [X] S3 UsbDiag; \SystemRoot\system32\DRIVERS\lgx64diag.sys [X] S3 USBModem; \SystemRoot\system32\DRIVERS\lgx64modem.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-08-27 13:52 - 2022-08-27 13:53 - 000041368 _____ C:\Users\bill\Desktop\FRST.txt 2022-08-27 13:52 - 2022-08-27 13:52 - 000000000 ____D C:\FRST 2022-08-27 13:50 - 2022-08-27 13:50 - 002371072 _____ (Farbar) C:\Users\bill\Desktop\FRST64.exe 2022-08-27 13:29 - 2022-08-27 13:29 - 000426462 _____ C:\Users\bill\Desktop\ZHPDiag.txt 2022-08-27 11:27 - 2022-08-27 13:20 - 000526542 _____ C:\WINDOWS\ntbtlog.txt 2022-08-26 23:18 - 2022-08-26 23:18 - 003505864 _____ (Nicolas Coolman) C:\Users\bill\Desktop\ZHPSuite.exe 2022-08-26 23:17 - 2022-08-26 23:18 - 003303624 _____ (Nicolas Coolman) C:\Users\bill\Desktop\ZHPCleaner.exe 2022-08-26 23:15 - 2022-08-26 23:15 - 008551608 _____ (Malwarebytes) C:\Users\bill\Desktop\adwcleaner.exe 2022-08-26 18:17 - 2022-08-26 18:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-08-26 14:59 - 2022-08-26 14:22 - 005550080 _____ C:\WINDOWS\system32\config\drivers.old 2022-08-26 14:59 - 2022-08-25 21:46 - 121110528 _____ C:\WINDOWS\system32\config\components.old 2022-08-22 16:06 - 2022-07-10 23:05 - 000114232 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys 2022-08-22 16:06 - 2021-08-16 18:23 - 000105912 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys 2022-08-22 16:06 - 2021-08-16 18:23 - 000048224 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll 2022-08-22 16:06 - 2021-08-16 18:23 - 000044128 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll 2022-08-22 16:05 - 2022-08-22 16:05 - 000001229 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk 2022-08-22 16:05 - 2022-08-22 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2022-08-22 16:05 - 2022-07-10 23:11 - 001303792 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll 2022-08-22 16:05 - 2022-07-10 23:10 - 000428272 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe 2022-08-22 16:05 - 2022-07-10 23:10 - 000383728 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe 2022-08-22 16:05 - 2022-07-10 23:10 - 000119792 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll 2022-08-22 16:05 - 2022-07-10 23:10 - 000046576 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnet.sys 2022-08-22 16:05 - 2022-07-10 23:10 - 000044544 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys 2022-08-22 16:05 - 2021-10-11 04:26 - 000084480 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys 2022-08-22 16:04 - 2022-08-22 16:04 - 000000000 ____D C:\Program Files\Common Files\VMware 2022-08-21 13:11 - 2022-08-27 13:19 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-08-12 14:53 - 2022-07-29 07:59 - 000020776 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viaide.sys 2022-08-12 14:53 - 2022-07-13 00:47 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2022-08-12 14:53 - 2022-07-12 06:22 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2022-08-11 16:01 - 2022-08-11 16:01 - 000002559 _____ C:\Users\bill\Desktop\myCANAL (1).lnk 2022-08-11 16:01 - 2022-08-11 16:01 - 000000000 ____D C:\Users\bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Brave 2022-08-10 19:45 - 2022-08-10 19:45 - 000004102 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1660153552 2022-08-10 19:45 - 2022-08-10 19:45 - 000001390 _____ C:\Users\bill\Desktop\Navigateur Opera.lnk 2022-08-10 19:45 - 2022-08-10 19:45 - 000001390 _____ C:\Users\bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2022-07-17 19:29 - 2022-07-22 16:36 - 000000000 ____D C:\Users\bill\AppData\Roaming\MPC-HC 2022-07-17 16:09 - 2022-07-17 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Codecs 2022-07-17 16:09 - 2022-07-17 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 8 - Codec Pack 2022-07-15 17:57 - 2022-07-15 17:57 - 000036757 _____ C:\Users\bill\Desktop\battery-report.html 2022-07-11 21:29 - 2022-08-07 19:47 - 000000000 ____D C:\Users\bill\AppData\Local\myCANAL 2022-07-10 23:10 - 2022-07-10 23:10 - 000097504 _____ (VMware, Inc.) C:\WINDOWS\system32\vmnetbridge.dll 2022-07-10 23:10 - 2022-07-10 23:10 - 000067072 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetbridge.sys 2022-07-10 23:10 - 2022-07-10 23:10 - 000046576 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetadapter.sys 2022-06-15 20:33 - 2022-08-27 13:19 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-06-08 19:59 - 2022-06-08 19:59 - 000000457 _____ C:\SeafLog.txt 2022-06-08 19:43 - 2022-06-08 19:43 - 000000000 ____D C:\Program Files (x86)\SEAF 2022-06-08 16:45 - 2022-06-08 16:45 - 000000000 ____D C:\ProgramData\myCANAL 2022-06-02 17:40 - 2022-06-02 17:40 - 000002186 _____ C:\Users\bill\Desktop\WhatsApp.lnk 2022-06-02 17:40 - 2022-06-02 17:40 - 000000000 ____D C:\Users\bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2022-06-02 17:39 - 2022-06-03 16:53 - 000000000 ____D C:\Users\bill\AppData\Roaming\WhatsApp 2022-06-02 17:39 - 2022-06-02 17:40 - 000000000 ____D C:\Users\bill\AppData\Local\WhatsApp 2022-06-01 21:14 - 2022-06-01 21:12 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe 2022-06-01 13:37 - 2022-06-01 13:37 - 000002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2022-06-01 13:37 - 2022-06-01 13:37 - 000002194 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2022-05-31 17:01 - 2013-07-16 11:00 - 000130248 _____ (Qualcomm Atheros Co., Ltd.) C:\WINDOWS\system32\Drivers\L1C63x64.sys ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-08-27 13:51 - 2016-11-15 18:15 - 000000000 ____D C:\Users\bill\AppData\LocalLow\Mozilla 2022-08-27 13:50 - 2013-01-05 17:26 - 000000000 ____D C:\ProgramData\Mozilla 2022-08-27 13:49 - 2017-05-22 15:36 - 000000000 ____D C:\Program Files\Mozilla Firefox-64 2022-08-27 13:29 - 2013-10-06 14:42 - 000000000 ____D C:\Users\bill\AppData\Roaming\ZHP 2022-08-27 12:07 - 2015-09-25 17:28 - 000000000 ____D C:\Users\bill\AppData\Local\ClassicShell 2022-08-26 23:24 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-26 23:20 - 2013-10-05 23:13 - 000000000 ____D C:\ProgramData\NVIDIA 2022-08-26 23:14 - 2022-04-05 15:09 - 000000000 ____D C:\Users\bill\AppData\Roaming\vlc 2022-08-26 22:39 - 2013-01-19 14:55 - 000000000 ____D C:\Program Files (x86)\Google 2022-08-26 20:09 - 2013-10-25 16:34 - 000003952 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{81C013ED-261A-443B-8978-74F6DCF41887} 2022-08-26 18:21 - 2014-01-14 01:41 - 000000000 ____D C:\Users\bill\AppData\Roaming\Mozilla 2022-08-26 16:57 - 2015-07-06 19:04 - 000000000 ____D C:\Users\bill\AppData\Local\CrashDumps 2022-08-26 16:55 - 2018-10-30 15:36 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2022-08-26 16:55 - 2015-01-26 22:20 - 000000000 ____D C:\ProgramData\VMware 2022-08-26 16:55 - 2013-01-05 20:59 - 000000000 ___RD C:\Users\Public\AccountPictures 2022-08-26 16:06 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-08-26 15:01 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2022-08-26 14:59 - 2019-05-19 16:40 - 000000000 ____D C:\Users\Administrateur 2022-08-26 13:30 - 2018-07-01 14:03 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1883324312-3376908856-3875682184-1002 2022-08-25 21:08 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-25 17:54 - 2022-04-06 22:05 - 000002922 _____ C:\Users\bill\Desktop\Caster VLC.txt 2022-08-25 16:01 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-25 16:01 - 2013-01-05 14:19 - 000000000 ____D C:\Users\bill\AppData\Local\Packages 2022-08-25 15:59 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-25 15:12 - 2016-01-25 16:23 - 000000000 ____D C:\Users\bill\AppData\Local\PackageStaging 2022-08-25 13:27 - 2015-10-01 16:03 - 000000000 ____D C:\Anniversaire 40-Nadège 2022-08-24 19:15 - 2013-09-30 06:16 - 001825610 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-24 19:15 - 2013-09-30 05:56 - 000809804 _____ C:\WINDOWS\system32\perfh00C.dat 2022-08-24 19:15 - 2013-09-30 05:56 - 000158150 _____ C:\WINDOWS\system32\perfc00C.dat 2022-08-24 19:15 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2022-08-22 16:09 - 2015-01-26 22:25 - 000000000 ____D C:\Users\bill\AppData\Roaming\VMware 2022-08-22 16:09 - 2015-01-26 22:25 - 000000000 ____D C:\Users\bill\AppData\Local\VMware 2022-08-22 16:05 - 2015-01-26 22:20 - 001847228 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2022-08-22 16:04 - 2016-05-17 17:02 - 000000000 ____D C:\Program Files (x86)\VMware 2022-08-20 17:43 - 2020-07-30 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron (64-Bit) 2022-08-20 17:43 - 2020-07-30 16:50 - 000000000 ____D C:\Program Files\SRWare Iron (64-Bit) 2022-08-17 13:27 - 2019-02-12 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2022-08-16 19:03 - 2017-12-08 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZedTV 2022-08-16 19:03 - 2017-12-08 16:37 - 000000000 ____D C:\Program Files (x86)\ZedTV 2022-08-14 19:43 - 2013-02-07 21:27 - 000000000 ____D C:\Users\bill\AppData\Roaming\Thunderbird 2022-08-14 16:04 - 2020-04-03 16:04 - 000000000 ____D C:\Users\bill\AppData\Roaming\avidemux 2022-08-13 18:37 - 2021-10-18 18:33 - 000000000 ____D C:\ProgramData\CanonIJPLM 2022-08-13 14:11 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache 2022-08-13 13:26 - 2013-08-22 16:44 - 000568224 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-12 23:03 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData 2022-08-12 23:03 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-08-12 23:03 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\setup 2022-08-12 15:18 - 2013-08-08 23:17 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-12 15:00 - 2013-01-05 16:50 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-12 14:56 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-12 14:42 - 2014-06-23 16:27 - 002724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2022-08-12 14:41 - 2014-06-23 16:26 - 002724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2022-08-12 14:39 - 2014-04-11 16:58 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2022-08-11 18:46 - 2022-04-07 17:35 - 000000000 ____D C:\Users\bill\AppData\Roaming\Soda Player ==================== Fichiers à la racine de certains dossiers ======== 2016-03-22 20:27 - 2017-11-15 16:08 - 002971008 _____ () C:\Users\bill\ZHPCleaner.exe 2017-01-13 21:03 - 2017-01-13 21:04 - 002642944 _____ () C:\Users\bill\ZHPDiag3.exe 2013-12-30 16:51 - 2013-12-30 16:51 - 000003735 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml 2013-10-30 01:17 - 2013-10-30 01:19 - 000000096 _____ () C:\Users\bill\AppData\Roaming\Camdata.ini 2013-10-30 01:17 - 2013-10-30 01:19 - 000000408 _____ () C:\Users\bill\AppData\Roaming\CamLayout.ini 2013-10-30 01:17 - 2013-10-30 01:19 - 000000408 _____ () C:\Users\bill\AppData\Roaming\CamShapes.ini 2013-10-30 01:17 - 2013-10-30 01:19 - 000004509 _____ () C:\Users\bill\AppData\Roaming\CamStudio.cfg 2013-01-06 00:13 - 2013-01-06 00:13 - 000000000 _____ () C:\Users\bill\AppData\Roaming\kajOm.txt 2014-04-27 17:17 - 2014-04-27 17:19 - 000000080 _____ () C:\Users\bill\AppData\Roaming\mbam.context.scan 2013-07-14 17:50 - 2008-07-07 13:22 - 000000014 _____ () C:\Users\bill\AppData\Roaming\options.ini 2013-07-14 17:50 - 2012-07-07 13:04 - 000000003 _____ () C:\Users\bill\AppData\Roaming\options_pdfcombine.ini 2013-07-14 17:50 - 2013-02-23 12:15 - 000000003 _____ () C:\Users\bill\AppData\Roaming\options_pdfrotator.ini 2013-07-14 17:50 - 2013-07-14 17:50 - 000000703 _____ () C:\Users\bill\AppData\Roaming\pdfsound.dll 2013-07-14 17:50 - 2013-06-09 09:38 - 000000053 _____ () C:\Users\bill\AppData\Roaming\setting.ini 2013-07-14 17:50 - 2013-07-14 18:17 - 000000074 _____ () C:\Users\bill\AppData\Roaming\setup.ini 2013-07-14 17:50 - 2013-06-09 09:30 - 000000043 _____ () C:\Users\bill\AppData\Roaming\setup_pdfcombine.ini 2013-07-14 17:50 - 2013-06-09 10:34 - 000000043 _____ () C:\Users\bill\AppData\Roaming\setup_pdfrotator.ini 2013-01-05 14:23 - 2013-01-05 19:00 - 000000401 _____ () C:\Users\bill\AppData\Roaming\sp_data.sys 2022-05-10 22:49 - 2022-05-10 22:49 - 000002539 _____ () C:\Users\bill\AppData\Roaming\Microsoft\5b7e07b3-d55f-4845-b02f-de7a7d870e61.tmp 2022-04-22 16:02 - 2022-04-22 16:02 - 000001537 _____ () C:\Users\bill\AppData\Roaming\Microsoft\629094ee-4a1d-437b-afb4-f5eefefd1bc3.tmp 2022-05-30 20:36 - 2022-05-30 20:36 - 000000000 _____ () C:\Users\bill\AppData\Roaming\Microsoft\bc724aba-5d90-449a-b035-7826b1395ec3.tmp 2022-03-18 23:46 - 2022-03-18 23:47 - 000001372 _____ () C:\Users\bill\AppData\Roaming\Microsoft\fc87b2e6-a3bd-4412-a2d9-1b7d81e10e26.tmp 2014-03-09 17:45 - 2022-02-12 17:03 - 000012800 _____ () C:\Users\bill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-30 14:20 - 2021-02-23 20:28 - 000007607 _____ () C:\Users\bill\AppData\Local\Resmon.ResmonCfg 2018-10-29 17:31 - 2018-10-29 17:31 - 000000000 _____ () C:\Users\bill\AppData\Local\{ABFC850B-FB9C-4B09-BAA2-95DE2E7067D4} ==================== SigCheckExt ========================= 2018-09-22 21:18 - 2018-09-22 21:18 - 010954752 _____ (FFmpeg Project) C:\WINDOWS\system32\avcodec-ics-58.dll 2018-09-22 21:18 - 2018-09-22 21:18 - 001278464 _____ (FFmpeg Project) C:\WINDOWS\system32\avformat-ics-58.dll 2013-12-17 03:28 - 2013-12-17 03:28 - 000122368 _____ C:\WINDOWS\system32\avi.x64.dll 2018-09-22 21:18 - 2018-09-22 21:18 - 000493568 _____ (FFmpeg Project) C:\WINDOWS\system32\avutil-ics-56.dll 2015-08-19 18:14 - 2008-04-14 14:00 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\clipbrd.exe 2015-01-06 19:35 - 2014-12-30 00:32 - 000088064 _____ C:\WINDOWS\system32\cmdow.exe 2013-12-17 03:27 - 2013-12-17 03:27 - 000135680 _____ C:\WINDOWS\system32\dsmux.x64.exe 2013-12-17 03:27 - 2013-12-17 03:27 - 000332288 _____ C:\WINDOWS\system32\dxr.x64.dll 2015-04-14 23:06 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_2D4B0DE.DLL 2017-04-05 20:01 - 2016-07-19 04:11 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_2LM0DE.DLL 2015-04-14 22:25 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL 2013-01-06 17:35 - 2006-04-19 03:00 - 000086528 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_IBCBBIE.DLL 2013-01-06 17:35 - 2006-08-10 03:02 - 000126976 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBIE.DLL 2014-11-18 23:26 - 2011-03-15 04:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BJ5E.DLL 2015-04-14 22:25 - 2011-03-14 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BJJE.DLL 2014-11-18 23:26 - 2011-04-20 04:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMJ5E.DLL 2014-11-18 18:59 - 2011-04-19 04:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMJJE.DLL 2013-12-17 03:27 - 2013-12-17 03:27 - 000481792 _____ C:\WINDOWS\system32\gdsmux.x64.exe 2018-09-28 20:20 - 2018-09-28 20:20 - 000343040 _____ (Tabibito Technology) C:\WINDOWS\system32\IcarosCache.dll 2018-09-28 20:20 - 2018-09-28 20:20 - 000281088 _____ (Tabibito Technology) C:\WINDOWS\system32\IcarosConfig.exe 2018-09-28 20:20 - 2018-09-28 20:20 - 000745984 _____ (Tabibito Technology) C:\WINDOWS\system32\IcarosPropertyHandler.dll 2018-09-28 20:20 - 2018-09-28 20:20 - 000365056 _____ (Tabibito Technology) C:\WINDOWS\system32\IcarosThumbnailProvider.dll 2018-09-28 20:20 - 2018-09-28 20:20 - 000342016 _____ (Tabibito Technology) C:\WINDOWS\system32\IcarosUICore.dll 2012-09-21 04:56 - 2012-08-15 19:53 - 000116224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v2828.dll 2013-09-17 22:04 - 2008-05-25 03:46 - 000013824 _____ (Microsoft) C:\WINDOWS\system32\Layout.dll 2014-02-05 00:18 - 2012-03-02 00:18 - 000721408 _____ (hxxp://lame.sf.net) C:\WINDOWS\system32\libmp3lame.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000024576 _____ C:\WINDOWS\system32\mkunicode.x64.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000160768 _____ C:\WINDOWS\system32\mkv2vfr.x64.exe 2013-12-17 03:27 - 2013-12-17 03:27 - 000174080 _____ C:\WINDOWS\system32\mkx.x64.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000084992 _____ C:\WINDOWS\system32\mkzlib.x64.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000166400 _____ C:\WINDOWS\system32\mp4.x64.dll 2013-12-17 03:26 - 2013-12-17 03:26 - 000139264 _____ C:\WINDOWS\system32\ogm.x64.dll 2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll 2018-09-22 21:18 - 2018-09-22 21:18 - 000550400 _____ (FFmpeg Project) C:\WINDOWS\system32\swscale-ics-5.dll 2013-12-17 03:26 - 2013-12-17 03:26 - 000180736 _____ C:\WINDOWS\system32\ts.x64.dll 2013-12-17 04:38 - 2013-12-17 04:38 - 001929216 _____ (xy-VSFilter Team) C:\WINDOWS\system32\VSFilter.dll 2013-10-22 18:57 - 2013-10-22 18:57 - 000037232 _____ C:\WINDOWS\ASScrProlog.exe 2013-10-22 18:57 - 2013-10-22 18:57 - 000262512 _____ (ASUSTeK Computer Inc) C:\WINDOWS\ASUS LCD ScreenSaver Uninstaller.exe 2009-12-06 11:18 - 2009-12-06 11:18 - 000026624 ___SH C:\WINDOWS\bfcs2.dll 2013-01-05 15:35 - 2012-11-12 18:52 - 000820939 _____ C:\WINDOWS\Fix_V4.exe 2013-10-22 18:57 - 2013-10-22 18:57 - 000606848 _____ (Microsoft Corporation) C:\WINDOWS\flashax.exe 2013-10-22 18:57 - 2013-10-22 18:57 - 000012288 _____ C:\WINDOWS\impborl.dll 2013-10-22 18:57 - 2013-10-22 18:57 - 006235384 _____ (Macromedia, Inc.) C:\WINDOWS\LCD Demo.exe 2014-05-17 18:50 - 2007-02-10 09:00 - 000090112 _____ C:\WINDOWS\SendToClip.exe 2014-11-18 18:43 - 2001-09-10 19:05 - 000087392 _____ (Twain Working Group) C:\WINDOWS\TWAIN.DLL 2014-11-18 18:43 - 2001-09-10 19:05 - 000048560 _____ (Twain Working Group) C:\WINDOWS\Twunk_16.exe 2014-11-18 18:43 - 2001-09-10 19:05 - 000069632 _____ (Twain Working Group) C:\WINDOWS\Twunk_32.exe 2013-05-16 21:25 - 2014-04-22 18:35 - 000707354 _____ C:\WINDOWS\unins000.exe 2012-10-25 16:53 - 2012-08-24 18:17 - 000192000 _____ (ASUSTeK) C:\WINDOWS\SysWOW64\ACEngSvr.exe 2018-09-22 21:13 - 2018-09-22 21:13 - 010331136 _____ (FFmpeg Project) C:\WINDOWS\SysWOW64\avcodec-ics-58.dll 2018-09-22 21:13 - 2018-09-22 21:13 - 001393664 _____ (FFmpeg Project) C:\WINDOWS\SysWOW64\avformat-ics-58.dll 2013-12-17 03:28 - 2013-12-17 03:28 - 000109568 _____ C:\WINDOWS\SysWOW64\avi.dll 2013-12-17 03:28 - 2013-12-17 03:28 - 000097792 _____ C:\WINDOWS\SysWOW64\avs.dll 2013-12-17 03:28 - 2013-12-17 03:28 - 000093184 _____ C:\WINDOWS\SysWOW64\avss.dll 2018-09-22 21:13 - 2018-09-22 21:13 - 000551936 _____ (FFmpeg Project) C:\WINDOWS\SysWOW64\avutil-ics-56.dll 2013-02-16 15:02 - 2013-02-16 15:02 - 000107584 _____ (Un4seen Developments) C:\WINDOWS\SysWOW64\bass.dll 2011-05-12 15:16 - 2011-05-12 15:16 - 000019008 _____ (Un4seen Developments) C:\WINDOWS\SysWOW64\basscd.dll 2009-12-09 13:40 - 2009-12-09 13:40 - 000025152 _____ (Un4seen Developments) C:\WINDOWS\SysWOW64\bassflac.dll 2012-08-23 15:43 - 2012-08-23 15:43 - 000054328 _____ (Un4seen Developments) C:\WINDOWS\SysWOW64\bassopus.dll 2012-12-05 19:27 - 2012-12-05 19:27 - 000025664 _____ (Un4seen Developments) C:\WINDOWS\SysWOW64\basswv.dll 2012-10-16 15:17 - 2012-10-16 15:17 - 000149720 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_aac.dll 2013-01-31 18:02 - 2013-01-31 18:02 - 000009416 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_alac.dll 2011-08-03 17:48 - 2011-08-03 17:48 - 000033456 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_ape.dll 2012-05-09 14:26 - 2012-05-09 14:26 - 000021112 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_mpc.dll 2009-04-24 12:20 - 2009-04-24 12:20 - 000005960 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_ofr.dll 2010-03-24 13:15 - 2010-03-24 13:15 - 000047104 _____ C:\WINDOWS\SysWOW64\bass_tak.dll 2008-02-27 22:49 - 2008-02-27 22:49 - 000008536 _____ (MaresWEB) C:\WINDOWS\SysWOW64\bass_tta.dll 2022-01-23 19:10 - 2022-01-23 19:10 - 000217088 _____ (Medieval Software) C:\WINDOWS\SysWOW64\BlueCiucc.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll 2013-09-11 18:36 - 2006-05-02 02:33 - 000053248 _____ () C:\WINDOWS\SysWOW64\CommonDL.dll 2012-10-25 16:30 - 2012-07-04 11:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll 2014-11-18 18:43 - 1999-05-06 15:22 - 000027632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CTL3DV2.DLL 2013-06-07 16:13 - 1999-01-20 06:01 - 000210032 _____ C:\WINDOWS\SysWOW64\DBCLIENT.DLL 2013-01-06 21:01 - 2003-05-22 13:26 - 000638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000113152 _____ C:\WINDOWS\SysWOW64\dsmux.exe 2013-12-17 03:27 - 2013-12-17 03:27 - 000249856 _____ C:\WINDOWS\SysWOW64\dxr.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000358400 _____ C:\WINDOWS\SysWOW64\gdsmux.exe 2018-09-28 20:19 - 2018-09-28 20:19 - 000278016 _____ (Tabibito Technology) C:\WINDOWS\SysWOW64\IcarosCache.dll 2018-09-28 20:20 - 2018-09-28 20:20 - 000281088 _____ (Tabibito Technology) C:\WINDOWS\SysWOW64\IcarosConfig.exe 2018-09-28 20:19 - 2018-09-28 20:19 - 000611328 _____ (Tabibito Technology) C:\WINDOWS\SysWOW64\IcarosPropertyHandler.dll 2018-09-28 20:19 - 2018-09-28 20:19 - 000301568 _____ (Tabibito Technology) C:\WINDOWS\SysWOW64\IcarosThumbnailProvider.dll 2018-09-28 20:20 - 2018-09-28 20:20 - 000342016 _____ (Tabibito Technology) C:\WINDOWS\SysWOW64\IcarosUICore.dll 2006-03-17 13:45 - 2006-03-17 13:45 - 001757184 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagX7.dll 2006-03-17 13:45 - 2006-03-17 13:45 - 000258048 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagXR7.dll 2006-03-17 13:45 - 2006-03-17 13:45 - 000802816 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagXRA7.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll 2012-04-20 14:59 - 2012-04-20 14:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll 2012-07-20 11:26 - 2012-07-20 11:26 - 000094720 _____ (Ralink) C:\WINDOWS\SysWOW64\legap.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe 2013-07-18 14:32 - 2013-07-18 14:32 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll 2013-01-06 21:01 - 2003-05-22 00:50 - 000261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll 2013-01-24 19:15 - 1998-06-17 19:07 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mfc42loc.dll 2013-01-06 21:01 - 2002-01-05 15:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000024576 _____ C:\WINDOWS\SysWOW64\mkunicode.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000137728 _____ C:\WINDOWS\SysWOW64\mkv2vfr.exe 2013-12-17 03:27 - 2013-12-17 03:27 - 000150528 _____ C:\WINDOWS\SysWOW64\mkx.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000080384 _____ C:\WINDOWS\SysWOW64\mkzlib.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000142336 _____ C:\WINDOWS\SysWOW64\mp4.dll 2013-01-06 21:01 - 2002-08-20 01:41 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000245760 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSCLib.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll 2000-04-04 02:52 - 2000-04-04 02:52 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstkprp.dll 2013-09-11 18:36 - 2011-05-08 07:37 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcm90.dll 2013-01-06 21:01 - 2002-01-05 14:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll 2005-08-05 18:30 - 2005-08-05 18:30 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll 2013-01-06 21:01 - 2003-05-22 00:50 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2013-12-17 03:27 - 2013-12-17 03:27 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll 2012-10-25 16:53 - 2003-05-22 00:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll 2003-04-18 17:46 - 2003-04-18 17:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll 2013-09-11 18:36 - 2005-10-01 19:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4a.dll 2003-04-18 17:29 - 2003-04-18 17:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000135168 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzaf1.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000491520 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.dll 2013-07-18 14:32 - 2013-07-18 14:32 - 000172032 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.exe 2013-07-18 14:32 - 2013-07-18 14:32 - 000200704 _____ ( (c) MusicCity) C:\WINDOWS\SysWOW64\muzwmts.dll 2013-12-17 03:26 - 2013-12-17 03:26 - 000123392 _____ C:\WINDOWS\SysWOW64\ogm.dll 2011-02-11 12:26 - 2011-02-11 12:26 - 000237568 _____ C:\WINDOWS\SysWOW64\OptimFROG.dll 2012-07-12 22:32 - 2012-07-12 22:32 - 000144384 _____ (TODO: ) C:\WINDOWS\SysWOW64\RaGATT.dll 2013-09-11 16:19 - 2013-07-18 14:33 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 2014-06-19 22:18 - 2014-06-19 22:18 - 000005120 _____ C:\WINDOWS\SysWOW64\RegDir.dll 2014-09-12 23:54 - 2010-08-30 09:34 - 000536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2017-08-13 08:49 - 2017-08-13 08:49 - 000248120 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll 2018-09-22 21:13 - 2018-09-22 21:13 - 000547840 _____ (FFmpeg Project) C:\WINDOWS\SysWOW64\swscale-ics-5.dll 2011-07-08 16:45 - 2011-07-08 16:45 - 000112640 _____ (Thomas Becker, Osnabrueck) C:\WINDOWS\SysWOW64\tak_deco_lib.dll 2013-12-17 03:26 - 2013-12-17 03:26 - 000154624 _____ C:\WINDOWS\SysWOW64\ts.dll 2006-03-17 16:49 - 2006-03-17 16:49 - 000368640 _____ (Pegasus Imaging Corporation) C:\WINDOWS\SysWOW64\TwnLib4.dll 2013-07-31 23:41 - 1998-07-13 00:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.DLL 2013-12-17 04:38 - 2013-12-17 04:38 - 001573376 _____ (xy-VSFilter Team) C:\WINDOWS\SysWOW64\VSFilter.dll 2013-01-06 21:43 - 2005-08-03 07:08 - 000061440 _____ (CACE Technologies) C:\WINDOWS\SysWOW64\WanPacket.dll 2006-10-26 14:45 - 2006-10-26 14:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE 2017-07-30 12:50 - 2017-07-30 12:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll 2019-12-28 16:22 - 2019-12-28 16:22 - 000636416 _____ C:\WINDOWS\SysWOW64\xvidcore.dll 2019-12-28 16:22 - 2019-12-28 16:22 - 000235520 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll 2012-08-17 02:52 - 2009-07-22 12:04 - 000024576 _____ C:\ProgramData\SetStretch.exe 2016-03-22 20:27 - 2017-11-15 16:08 - 002971008 _____ C:\Users\bill\ZHPCleaner.exe 2017-01-13 21:03 - 2017-01-13 21:04 - 002642944 _____ C:\Users\bill\ZHPDiag3.exe 2022-04-02 20:53 - 2020-03-19 20:00 - 000300161 _____ (CheshireCat) C:\Users\bill\Desktop\Bandicam_Portable.exe 2014-05-15 16:53 - 2014-05-15 16:53 - 001242562 _____ C:\Users\bill\Desktop\CAT.exe 2014-01-21 02:04 - 2014-01-21 02:04 - 000849187 _____ C:\Users\bill\Desktop\ControleWifi.exe 2019-03-01 22:28 - 2019-03-01 22:28 - 001216000 _____ C:\Users\bill\Desktop\CTR 2.1.0.exe 2015-12-20 18:33 - 2015-12-16 11:10 - 000090112 _____ (Nenad Hrg (SoftwareOK.com)) C:\Users\bill\Desktop\ExperienceIndexOK.exe 2022-08-27 13:50 - 2022-08-27 13:50 - 002371072 _____ (Farbar) C:\Users\bill\Desktop\FRST64.exe 2018-03-07 20:37 - 2018-03-07 20:36 - 000655872 _____ C:\Users\bill\Desktop\InfosLicence.exe 2017-03-11 21:11 - 2017-03-11 21:11 - 001028096 _____ C:\Users\bill\Desktop\InfPC.exe 2017-03-05 17:45 - 2017-03-05 17:45 - 001107968 _____ C:\Users\bill\Desktop\ListeLogsInstall.exe 2017-03-08 23:00 - 2017-03-08 23:00 - 001238016 _____ C:\Users\bill\Desktop\LogsDem.exe 2018-03-05 21:28 - 2018-03-05 21:28 - 000607232 _____ C:\Users\bill\Desktop\RepErr.exe 2014-10-18 15:32 - 2014-10-18 15:32 - 001286144 _____ C:\Users\bill\Desktop\RSTAutorisations.exe 2022-04-02 19:39 - 2022-04-02 19:38 - 000498868 _____ (C_XX) C:\Users\bill\Desktop\SEAF.exe 2017-11-14 16:40 - 2017-11-14 16:40 - 002884096 _____ (niemiro) C:\Users\bill\Desktop\SFCFix(2).exe 2022-08-26 23:17 - 2022-08-26 23:18 - 003303624 _____ (Nicolas Coolman) C:\Users\bill\Desktop\ZHPCleaner.exe 2022-08-26 23:18 - 2022-08-26 23:18 - 003505864 _____ (Nicolas Coolman) C:\Users\bill\Desktop\ZHPSuite.exe 2013-07-14 17:50 - 2013-07-14 17:50 - 000000703 _____ C:\Users\bill\AppData\Roaming\pdfsound.dll ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {eec9d4b4-573c-11e2-be76-08606e4b6eca} displayorder {current} toolsdisplayorder {memdiag} timeout 15 displaybootmenu Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {11976966-1f03-11e2-b790-fd04d2408a76} device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{11360d77-1f03-11e2-b790-fd04d2408a76} path \windows\system32\winload.efi description Windows Recovery Environment inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{11360d77-1f03-11e2-b790-fd04d2408a76} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {d1c12ddd-1efa-11e2-8b02-8c3587f80534} device ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions} path \windows\system32\boot\winload.efi description WinPE osdevice ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions} systemroot \windows nx OptIn detecthal Yes winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {eec9d4b1-573c-11e2-be76-08606e4b6eca} device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{eec9d4b2-573c-11e2-be76-08606e4b6eca} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{eec9d4b2-573c-11e2-be76-08606e4b6eca} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 8.1 locale fr-FR inherit {bootloadersettings} recoverysequence {eec9d4b6-573c-11e2-be76-08606e4b6eca} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {eec9d4b4-573c-11e2-be76-08606e4b6eca} nx OptIn bootmenupolicy Standard usefirmwarepcisettings No Chargeur de d‚marrage Windows ----------------------------- identificateur {eec9d4b6-573c-11e2-be76-08606e4b6eca} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{eec9d4b7-573c-11e2-be76-08606e4b6eca} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{eec9d4b7-573c-11e2-be76-08606e4b6eca} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {d1c12ddb-1efa-11e2-8b02-8c3587f80534} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale en-us inherit {resumeloadersettings} recoverysequence {eec9d4b1-573c-11e2-be76-08606e4b6eca} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {eec9d4b4-573c-11e2-be76-08606e4b6eca} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {eec9d4b6-573c-11e2-be76-08606e4b6eca} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {11360d77-1f03-11e2-b790-fd04d2408a76} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume2 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Ramdisk options ramdisksdidevice partition=\Device\HarddiskVolume2 ramdisksdipath \boot\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {eec9d4b2-573c-11e2-be76-08606e4b6eca} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume2 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {eec9d4b3-573c-11e2-be76-08606e4b6eca} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {eec9d4b7-573c-11e2-be76-08606e4b6eca} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2022-08-26 17:09 ==================== Fin de FRST.txt ========================