Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022 Exécuté par jacad (administrateur) sur TOSHIBA-15-5 (TOSHIBA Satellite A500) (19-08-2022 15:40:44) Exécuté depuis C:\Users\jacad\Downloads Profils chargés: jacad Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1889 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_isolation.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\plugins_nms.exe <2> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe (explorer.exe ->) (Learnpulse -> Learnpulse) C:\Users\jacad\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\jacad\AppData\Roaming\ZHP\ZHPSuite.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <21> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\thpevm.inf_amd64_975290a9f28c9a50\dynabookHDDProtection.exe (services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe <2> (services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186408 2022-08-13] (Dropbox, Inc -> Dropbox, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-1059046205-1215171921-3365948096-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm.exe [520520 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab) HKU\S-1-5-21-1059046205-1215171921-3365948096-1001\...\Run: [Screenpresso] => C:\Users\jacad\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [18192392 2022-08-17] (Learnpulse -> Learnpulse) HKU\S-1-5-21-1059046205-1215171921-3365948096-1001\...\Run: [MicrosoftEdgeAutoLaunch_1D331B814A2299233D94B9FED2993217] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2019-04-12] (pdfforge GmbH) [Fichier non signé] Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0018A5C2-418C-49DB-BBB9-17CB34ADBF8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {34B6CD56-09FC-402E-BE42-92DB627EC77B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116632 2022-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {47B349B3-356C-4539-A467-0A579270C189} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-18] (Microsoft Windows -> Microsoft Corporation) Task: {4D90AAF0-E096-44BA-B177-5864B5467F64} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6570472 2022-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {623833ED-4D34-4DA1-874A-9C8183AE6F02} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {62B3C2A6-7613-4B23-82F0-0C5A493EBFAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {8BAD5C60-942A-42AA-B32C-DC68F31A3838} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {8E6AE734-B564-4DE2-B8D2-F4868D4D4554} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.) Task: {BA530A5F-F264-4A4F-881F-41D304CB177C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {C77A46A5-D836-4D81-8843-23F9206E1F54} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-17] (Dropbox, Inc -> Dropbox, Inc.) Task: {CCAB05D7-F475-4752-823A-5F08A2EE2FBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {CD1E3459-71B9-4B9E-A58E-8047D408CC63} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform) Task: {D036AB13-BBBD-4835-B689-038EF42F8E20} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-18] (Microsoft Windows -> Microsoft Corporation) Task: {D6CD6081-8B9A-4ADB-98D5-8C55A286D136} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116632 2022-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {E9B28EB1-47B5-42E7-BB70-BCCB47CDDBDE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-17] (Dropbox, Inc -> Dropbox, Inc.) Task: {EB18FFB1-F7D8-4509-BCD7-3411C6EAE792} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6570472 2022-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {F50AB8FA-4D09-4184-8E66-BF24448EA080} - System32\Tasks\CCleanerSkipUAC - jacad => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {FCE4AB1F-F472-4FAB-9EEE-DE643F6A7EFE} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0512bf06-f2de-42ab-9d1f-14c28aecb4f4}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{49668aa3-bf96-4113-8312-1bb56c7ad778}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5a6527e3-7f95-48c7-95cf-b024d5531936}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d1f47f68-18df-4788-8b75-5311a8caafca}: [DhcpNameServer] 172.20.10.1 Edge: ======= DownloadDir: Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\jacad\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-19] Edge Extension: (Kaspersky Protection) - C:\Users\jacad\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-18] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\jacad\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-18] Edge HKU\S-1-5-21-1059046205-1215171921-3365948096-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: lnjzph4x.default-1458407387387-1656598465381 FF ProfilePath: C:\Users\jacad\AppData\Roaming\Mozilla\Firefox\Profiles\lnjzph4x.default-1458407387387-1656598465381 [2022-08-19] FF Notifications: Mozilla\Firefox\Profiles\lnjzph4x.default-1458407387387-1656598465381 -> hxxps://assiste.com FF Extension: (Kaspersky Protection) - C:\Users\jacad\AppData\Roaming\Mozilla\Firefox\Profiles\lnjzph4x.default-1458407387387-1656598465381\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2022-08-18] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-17] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-17] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-04-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-08-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2018-12-21] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2018-12-21] <==== ATTENTION Chrome: ======= CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-07-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Fichier non signé] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-16] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-17] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-17] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46832 2022-08-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe [689888 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 kpm_service_10.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe [518472 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab) R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-07-04] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-16] (Malwarebytes Inc. -> Malwarebytes) S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH) R2 TSDHDDProtectService; C:\WINDOWS\System32\DriverStore\FileRepository\thpevm.inf_amd64_975290a9f28c9a50\dynabookHDDProtection.exe [425800 2021-11-18] (Dynabook Inc. -> Dynabook Inc.) S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe [44786376 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TOSTABSYSSVC.exe [298192 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe [447296 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [95344 2012-07-31] (Brother Industries, Ltd. -> Brother Industries Ltd.) S3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [21872 2012-06-22] (Brother Industries, Ltd. -> Brother Industries Ltd.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [703056 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1582640 2022-07-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [188648 2022-08-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [357136 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [187200 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [270752 2022-07-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S3 klupd_klif_swmon; C:\WINDOWS\System32\Drivers\klupd_klif_swmon.sys [209928 2018-10-19] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.) R0 Thpevm; C:\WINDOWS\System32\drivers\Thpevm.SYS [27128 2021-11-18] (Dynabook Inc. -> Dynabook Inc.) R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) U3 aswbdisk; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-08-19 15:40 - 2022-08-19 15:44 - 000025291 _____ C:\Users\jacad\Downloads\FRST.txt 2022-08-19 15:38 - 2022-08-19 15:42 - 000000000 ____D C:\FRST 2022-08-19 15:37 - 2022-08-19 15:37 - 002371072 _____ (Farbar) C:\Users\jacad\Downloads\FRST64(1).exe 2022-08-19 15:34 - 2022-08-19 15:35 - 002371072 _____ (Farbar) C:\Users\jacad\Downloads\FRST64.exe 2022-08-19 14:51 - 2022-08-19 14:51 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-08-19 07:28 - 2022-08-19 07:28 - 000314821 _____ C:\Users\jacad\Desktop\ZHPDiag.txt 2022-08-19 06:55 - 2022-08-19 06:55 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(3).exe 2022-08-19 06:29 - 2022-08-19 06:29 - 000000000 ___HD C:\$WinREAgent 2022-08-18 18:01 - 2022-08-18 18:01 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(2).exe 2022-08-18 12:30 - 2022-08-18 17:56 - 000001936 _____ C:\Users\jacad\Desktop\kpm - Raccourci.lnk 2022-08-18 11:56 - 2022-08-18 11:56 - 000314288 _____ C:\Users\jacad\Desktop\ZHPDiagXXXX (2).txt 2022-08-18 11:15 - 2022-08-18 11:15 - 000000486 _____ C:\Users\jacad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WINDOWS (C).lnk 2022-08-18 11:01 - 2022-08-18 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-08-18 10:58 - 2022-08-19 06:29 - 000000000 ____D C:\ProgramData\Package Cache 2022-08-18 10:58 - 2022-08-19 06:28 - 000000000 ____D C:\Program Files (x86)\dotnet 2022-08-18 10:19 - 2022-08-18 10:19 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-08-18 10:18 - 2022-08-18 10:18 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-08-18 10:18 - 2022-08-18 10:18 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-08-18 10:18 - 2022-08-18 10:18 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-08-18 10:18 - 2022-08-18 10:18 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-08-18 10:18 - 2022-08-18 10:18 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2022-08-18 10:18 - 2022-08-18 10:18 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-08-18 10:18 - 2022-08-18 10:18 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2022-08-18 10:17 - 2022-08-18 10:17 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-08-18 10:17 - 2022-08-18 10:17 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll 2022-08-18 10:17 - 2022-08-18 10:17 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll 2022-08-18 10:17 - 2022-08-18 10:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-08-18 10:17 - 2022-08-18 10:17 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-08-18 10:17 - 2022-08-18 10:17 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-08-18 10:16 - 2022-08-18 10:16 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-08-18 10:14 - 2022-08-18 10:14 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll 2022-08-18 10:14 - 2022-08-18 10:14 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll 2022-08-18 10:13 - 2022-08-18 10:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-08-18 10:12 - 2022-08-18 10:12 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-08-18 10:12 - 2022-08-18 10:12 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll 2022-08-18 10:10 - 2022-08-18 10:10 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2022-08-18 10:10 - 2022-08-18 10:10 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-08-18 10:10 - 2022-08-18 10:10 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-08-18 10:10 - 2022-08-18 10:10 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2022-08-18 10:10 - 2022-08-18 10:10 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2022-08-18 06:48 - 2022-08-18 06:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-08-17 15:52 - 2022-08-18 11:06 - 000001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk 2022-08-17 10:46 - 2022-08-17 10:46 - 000314769 _____ C:\Users\jacad\Desktop\ZHPDiagXXXX.txt 2022-08-17 10:23 - 2022-08-19 15:32 - 000000000 ____D C:\Users\jacad\AppData\Roaming\ZHP 2022-08-17 10:23 - 2022-08-19 06:59 - 000000915 _____ C:\Users\jacad\Desktop\ZHPSuite.lnk 2022-08-17 10:23 - 2022-08-17 10:23 - 000000000 ____D C:\Users\jacad\AppData\Local\ZHP 2022-08-17 10:22 - 2022-08-17 10:22 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(1).exe 2022-08-17 10:21 - 2022-08-17 10:21 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite.exe 2022-08-17 09:44 - 2022-08-17 09:44 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll 2022-08-17 09:40 - 2022-08-17 09:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-08-17 09:39 - 2022-08-17 09:39 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-08-17 09:35 - 2022-08-17 09:35 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-08-17 09:31 - 2022-08-17 09:31 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-08-17 09:31 - 2022-08-17 09:31 - 000000260 _____ C:\Users\jacad\Desktop\ordinateur très lent.URL 2022-08-17 09:30 - 2022-08-17 09:30 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-08-17 09:28 - 2022-08-17 09:28 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-08-17 09:28 - 2022-08-17 09:28 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-08-17 09:24 - 2022-08-17 09:24 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-08-17 09:10 - 2022-08-17 09:10 - 000023952 _____ C:\Users\jacad\Desktop\TOSHIBA-15-5.speccy 2022-08-17 08:55 - 2022-08-17 15:42 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-08-16 15:01 - 2022-08-16 15:01 - 000001434 _____ C:\Users\jacad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2022-08-16 14:26 - 2022-08-16 14:26 - 000000000 ____D C:\Users\jacad\.ms-ad 2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-08-13 20:27 - 2022-08-13 20:27 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-08-13 20:27 - 2022-08-13 20:27 - 000046832 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2022-07-08 17:23 - 2022-07-08 17:23 - 000270752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys 2022-07-08 16:14 - 2022-07-08 16:14 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-07-08 16:12 - 2022-08-16 13:27 - 000000000 ____D C:\Program Files\RUXIM 2022-06-30 16:32 - 2022-06-30 16:27 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-06-30 16:24 - 2022-06-30 16:24 - 002549096 _____ (Malwarebytes) C:\Users\jacad\Downloads\MBSetup(1).exe 2022-06-30 16:13 - 2022-08-19 15:37 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-06-30 15:51 - 2022-06-30 15:52 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2022-06-30 15:50 - 2022-06-30 15:50 - 000376920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys 2022-06-30 15:50 - 2022-06-30 15:50 - 000187200 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-08-19 15:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-19 15:36 - 2017-01-06 16:46 - 000000000 ____D C:\Users\jacad\AppData\LocalLow\Mozilla 2022-08-19 15:23 - 2021-05-08 23:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-19 15:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-08-19 15:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-19 15:01 - 2018-08-16 09:11 - 000000000 ____D C:\Program Files\CCleaner 2022-08-19 14:56 - 2021-05-08 23:52 - 001778692 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-19 14:56 - 2019-12-07 16:49 - 000795802 _____ C:\WINDOWS\system32\perfh00C.dat 2022-08-19 14:56 - 2019-12-07 16:49 - 000151166 _____ C:\WINDOWS\system32\perfc00C.dat 2022-08-19 14:51 - 2021-05-08 23:35 - 000448184 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-19 14:49 - 2021-05-09 00:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-19 14:49 - 2021-05-08 23:35 - 000008192 ___SH C:\DumpStack.log.tmp 2022-08-19 07:55 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-08-19 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-08-19 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-08-19 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-08-19 07:47 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-08-19 07:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-08-19 07:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-19 07:42 - 2016-02-10 17:21 - 000000000 ____D C:\Users\jacad\AppData\Local\ClassicShell 2022-08-19 07:26 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-19 06:19 - 2021-05-09 00:12 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{79CB5219-7A43-4728-B462-177C5D4C51C9} 2022-08-18 11:06 - 2021-08-13 10:56 - 000001595 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk 2022-08-18 11:06 - 2016-02-16 17:52 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2022-08-18 11:05 - 2017-06-26 18:28 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-08-18 10:08 - 2021-05-08 23:39 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-08-18 09:21 - 2018-08-28 09:39 - 000000531 _____ C:\Users\jacad\Desktop\Jacques.website 2022-08-18 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-18 07:40 - 2016-02-17 16:34 - 000000000 ____D C:\Users\jacad\Desktop\Raccourcis Aplications 2022-08-18 07:13 - 2016-02-17 18:07 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-18 06:58 - 2016-02-17 18:07 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-18 06:46 - 2021-09-23 18:25 - 000000000 ____D C:\Users\jacad\OneDrive\Documents\Office Pro plus 2019 + Dropbox 2022-08-17 15:55 - 2021-02-24 19:31 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-17 15:42 - 2018-08-22 09:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-08-17 15:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-08-17 15:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-08-17 15:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-08-17 15:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-08-17 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-08-17 15:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-08-17 15:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-08-17 15:29 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-08-17 15:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-08-17 15:18 - 2018-08-07 11:26 - 000000000 ____D C:\ProgramData\Packages 2022-08-17 14:59 - 2021-05-09 00:12 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-08-17 14:57 - 2017-06-26 16:16 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-08-17 10:16 - 2021-09-18 17:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-08-17 10:15 - 2018-08-22 09:45 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-08-17 08:44 - 2021-05-09 00:12 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-08-17 08:44 - 2021-05-09 00:12 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-08-17 08:27 - 2021-05-08 16:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-08-17 08:20 - 2017-06-26 18:28 - 000001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2022-08-17 08:20 - 2017-06-26 18:28 - 000001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2022-08-16 15:44 - 2021-09-23 17:44 - 000000000 ___RD C:\Users\jacad\OneDrive\Documents\Fichiers Outlook 2022-08-16 14:26 - 2021-05-08 23:41 - 000000000 ____D C:\Users\jacad 2022-08-16 14:18 - 2021-05-08 17:45 - 000002444 _____ C:\Users\jacad\Desktop\Outlook.lnk 2022-08-16 13:31 - 2021-05-09 00:12 - 000004276 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2022-08-16 13:31 - 2021-05-09 00:12 - 000004044 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore ==================== SigCheckExt ========================= 2016-02-17 17:24 - 2009-12-08 17:19 - 000290304 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrfxDA5c.dll 2016-02-17 17:24 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrNetSti.dll 2016-02-17 17:24 - 2010-09-23 10:13 - 000051712 _____ (Brother Industries,Ltd) C:\WINDOWS\system32\Brnsplg.dll 2016-02-17 17:24 - 2005-04-22 06:36 - 000143360 _____ C:\WINDOWS\system32\BrSNMP64.dll 2016-02-17 17:24 - 2010-09-23 10:14 - 000058880 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\BrWiaNCp.dll 2016-08-04 17:41 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2016-02-17 17:24 - 2012-03-19 06:09 - 000316928 _____ (brother) C:\WINDOWS\system32\NSSRH64.dll 2018-08-06 16:58 - 2019-04-12 17:23 - 000116736 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll 2019-07-29 18:15 - 2019-07-29 18:15 - 000719817 _____ C:\WINDOWS\unins000.exe 2016-02-17 17:24 - 2010-03-15 19:45 - 000073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll 2016-02-17 17:24 - 2007-12-13 23:16 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll 2016-02-17 17:24 - 2012-07-09 17:19 - 000005120 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll 2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2015-10-30 09:19 - 2016-10-15 07:17 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-10-30 09:19 - 2016-10-15 07:17 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2016-02-17 17:24 - 2012-03-19 13:09 - 000245760 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll 2017-08-13 08:49 - 2017-08-13 08:49 - 000248120 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll 2022-08-19 15:37 - 2022-08-19 15:37 - 002371072 _____ (Farbar) C:\Users\jacad\Downloads\FRST64(1).exe 2022-08-19 15:34 - 2022-08-19 15:35 - 002371072 _____ (Farbar) C:\Users\jacad\Downloads\FRST64.exe 2022-08-17 10:22 - 2022-08-17 10:22 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(1).exe 2022-08-18 18:01 - 2022-08-18 18:01 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(2).exe 2022-08-19 06:55 - 2022-08-19 06:55 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite(3).exe 2022-08-17 10:21 - 2022-08-17 10:21 - 003490504 _____ (Nicolas Coolman) C:\Users\jacad\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {821777d2-b04d-11eb-a71f-bfdd0650928f} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Chargeur de d‚marrage Windows ----------------------------- identificateur {6c0d9a66-b045-11eb-96a1-cbce44dc7980} device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{6c0d9a67-b045-11eb-96a1-cbce44dc7980} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{6c0d9a67-b045-11eb-96a1-cbce44dc7980} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {6c0d9a66-b045-11eb-96a1-cbce44dc7980} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {821777d2-b04d-11eb-a71f-bfdd0650928f} nx OptIn bootmenupolicy Standard Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {821777d2-b04d-11eb-a71f-bfdd0650928f} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {6c0d9a66-b045-11eb-96a1-cbce44dc7980} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {6c0d9a67-b045-11eb-96a1-cbce44dc7980} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume3 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================