Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 29-12-2022
Exécuté par Sandrine (administrateur) sur SANDRINE-PC (HP-Pavilion RY922AA-ABF s3040.fr) (31-12-2022 13:26:48)
Exécuté depuis C:\Users\Sandrine\Downloads
Profils chargés: Sandrine
Plate-forme: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksdeui.exe
(explorer.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe <2>
(explorer.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\Internet Security Essentials\vkise.exe
(explorer.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe <17>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(IObit CO., LTD -> IObit) C:\Program Files\IObit\Driver Booster\10.1.0\Pub\PubPlatform.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\Internet Security Essentials\isesrv.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(taskeng.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [18296096 2022-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3527630875-1213178696-848893664-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3527630875-1213178696-848893664-1000\...\Run: [CCleanerBrowserAutoLaunch_FEADC1B1F85D0A69178DA670B9DF0B89] => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\...\Windows NT x86\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\W32X86\hpzppw71.dll [280064 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\W32X86\hpzppwn7.dll [90624 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\ModiPrint: C:\Windows\System32\spool\prtprocs\W32X86\mdippr.dll [28552 2007-04-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 3630 series): C:\Windows\system32\HPDiscoPME311.dll [658848 2019-03-19] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [314880 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [39936 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllwn7: C:\Windows\system32\hpzllwn7.dll [37888 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\Microsoft Document Imaging Writer Monitor: C:\Windows\system32\mdimon.dll [28040 2007-04-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\108.0.19666.127\Installer\chrmstp.exe [2022-12-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-09] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0CB678F8-29B2-445E-972E-65F37C5706BC} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {1556A33E-407B-48DB-8932-70981258A508} - System32\Tasks\CCleanerSkipUAC - Sandrine => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {16D29A24-EC04-47B9-83C4-A6F9DE69FE2F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {3C241A63-F1EA-4818-9435-550BC61567E8} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [10899264 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {5777B1AA-EEAF-49B9-B509-508A4AA57743} - System32\Tasks\Driver Booster SkipUAC (Sandrine) => C:\Program Files\IObit\Driver Booster\10.1.0\DriverBooster.exe [9001448 2022-11-21] (IObit CO., LTD -> IObit)
Task: {5C108BB4-457F-4D1B-9CBD-D90FF63575BB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4208464 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d7e717e0-bb9a-414a-b4a3-63aa3eee3f98" --version "6.07.10191" --silent
Task: {61566206-45C7-4FC1-B8D8-D471261B94F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {6787C61E-8BBD-4461-B84B-ABA4951DFBBF} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {7A69102D-AE00-4571-B356-BBE22F08CAAA} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {8A866512-6751-47DB-9175-9C4E18455E2F} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\10.1.0\AutoUpdate.exe [2516968 2022-11-14] (IObit CO., LTD -> IObit)
Task: {90DE3AA2-DDEE-4A8B-AB2E-29580CCB6095} - System32\Tasks\Opera scheduled Autoupdate 1639491446 => C:\Users\Sandrine\AppData\Local\Programs\Opera\launcher.exe [1962440 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {9987E2FF-17BA-45B5-BBF8-FF381507AF7C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {BB9C6134-6787-49A0-9A7F-24504DA5BC3D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C07B7777-C063-443A-A96E-956573147FDD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C0D77605-8D9E-4514-9EA8-C938A0D78290} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2550648 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {D038C985-822A-405F-9D66-521F669E2F84} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4769920 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D0846659-9DCF-414B-97A3-1D01CF5C471C} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [4422560 2019-03-19] (HP Inc -> HP Inc.)
Task: {D2A518B5-8E02-4131-B3EB-5B1D577A2E4A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {FF6928AD-33B7-473A-9D89-B77BCD0DF990} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\10.1.0\Scheduler.exe [157784 2022-10-26] (IObit CO., LTD -> IObit)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1B244CEC-815C-4657-A33A-344BF13E8489}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{4F7D1A70-A489-460A-B67A-B00BB27BB1D7}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\Sandrine\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-19]
Edge HKLM\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default [2022-12-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Sandrine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-18]

Opera:
=======
OPR Profile: C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable [2022-12-31]
OPR Notifications: Opera Stable -> hxxps://fr.mail.yahoo.com; hxxps://www.aufeminin.com; hxxps://www.femmeactuelle.fr; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-12-21]
OPR Extension: (Opera Wallet) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-21]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-14]
OPR Extension: (Old Layout for Facebook) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\klgiknehmpglcgkibdodkmjbliggfkch [2022-08-08]
OPR Extension: (Google Traduction) - C:\Users\Sandrine\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2022-12-21]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\108.0.19666.127\elevation_service.exe [1473184 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [9017152 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2001512 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S3 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S3 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [Fichier non signé]
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 KSDE5.8; C:\Program Files\Kaspersky Lab\Kaspersky VPN 5.8\ksde.exe [32008 2022-10-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [229432 2022-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [99240 2019-10-14] (Alcorlink Corp. -> )
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [25432 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [668488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [40440 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [53032 2022-10-13] (AnchorFree Inc -> The OpenVPN Project)
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] (Logitech Inc -> )
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 RTL8192su; C:\Windows\System32\DRIVERS\RTL8192su.sys [573440 2009-08-22] (Realtek Semiconductor Corporation) [Fichier non signé]
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-12-31 13:26 - 2022-12-31 13:29 - 000018089 _____ C:\Users\Sandrine\Downloads\FRST.txt
2022-12-31 13:25 - 2022-12-31 13:27 - 000000000 ____D C:\FRST
2022-12-31 13:24 - 2022-12-31 13:25 - 002078720 _____ (Farbar) C:\Users\Sandrine\Downloads\FRST.exe
2022-12-31 13:19 - 2022-12-31 13:19 - 000245122 _____ C:\Users\Sandrine\Desktop\ZHPDiag.txt
2022-12-31 12:54 - 2022-12-31 12:54 - 000000000 ____D C:\Users\Sandrine\AppData\Local\ZHP
2022-12-31 12:51 - 2022-12-31 12:52 - 003510472 _____ (Nicolas Coolman) C:\Users\Sandrine\Downloads\ZHPSuite.exe
2022-12-23 09:04 - 2022-12-23 09:05 - 000125731 _____ C:\Users\Sandrine\Downloads\claude binet.jpeg
2022-12-21 10:40 - 2022-12-21 10:41 - 007930294 _____ C:\Users\Sandrine\Downloads\cheveux-11-12-2022-01-2023.pdf
2022-12-20 18:55 - 2022-12-20 18:55 - 000055633 _____ C:\Users\Sandrine\Downloads\ob_fe8537_nativite.jpeg
2022-12-20 18:44 - 2022-12-20 18:44 - 000102443 _____ C:\Users\Sandrine\Downloads\end-neuvaine-de-noel-1.pdf
2022-12-13 18:42 - 2022-12-13 18:42 - 000185671 _____ C:\Users\Sandrine\Downloads\transits planétaires 2 roland legrand.jpeg
2022-12-13 18:41 - 2022-12-13 18:42 - 000177282 _____ C:\Users\Sandrine\Downloads\transits planétaires roland legrand.jpeg
2022-12-12 16:31 - 2022-12-12 16:31 - 000042653 _____ C:\Users\Sandrine\Downloads\invoice-58699-63974945540ea.pdf
2022-12-11 18:13 - 2022-12-11 18:14 - 001368253 _____ C:\Users\Sandrine\Downloads\medecine-integree.com-Inscrivez vous à notre newsletter .pdf
2022-12-09 17:47 - 2022-12-09 17:47 - 000000923 _____ C:\Users\Sandrine\Documents\sablés des chats bredels.txt
2022-12-02 08:53 - 2022-12-02 08:53 - 000048173 _____ C:\Users\Sandrine\Downloads\Vinted-FR-S612956646.pdf
2022-12-02 08:48 - 2022-12-02 08:50 - 000048173 _____ C:\Users\Sandrine\Downloads\Bordereau-Vinted-4771299968.pdf
2022-12-01 16:11 - 2022-12-01 16:11 - 000100434 _____ C:\Users\Sandrine\Downloads\l'ancre et carte 34 alexandre.jpeg
2022-12-01 16:10 - 2022-12-01 16:10 - 000111721 _____ C:\Users\Sandrine\Downloads\le coeur et l'anneau alexandre.jpeg
2022-12-01 16:09 - 2022-12-01 16:09 - 000114087 _____ C:\Users\Sandrine\Downloads\la faux et la verge Elvira.jpeg
2022-12-01 16:08 - 2022-12-01 16:08 - 000099671 _____ C:\Users\Sandrine\Downloads\le bouquet Elvira.jpeg
2022-11-27 18:22 - 2022-12-13 11:28 - 000000000 ____D C:\Users\Sandrine\Documents\Prophéties
2022-11-27 09:38 - 2022-12-21 09:34 - 000003202 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Sandrine)
2022-11-27 09:38 - 2022-12-21 09:34 - 000003102 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2022-11-27 09:38 - 2022-12-21 09:34 - 000003094 _____ C:\Windows\system32\Tasks\Driver Booster Update
2022-11-27 09:37 - 2022-11-27 09:38 - 000002249 _____ C:\Users\Public\Desktop\Driver Booster 10.lnk
2022-11-27 09:37 - 2022-11-27 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 10
2022-11-24 16:55 - 2022-11-24 16:55 - 000148009 _____ C:\Users\Sandrine\Downloads\8R44363850070.pdf
2022-11-24 11:20 - 2022-11-24 11:20 - 000391648 _____ C:\Users\Sandrine\Downloads\marie-julie-jahenny.pdf
2022-11-24 09:50 - 2022-11-24 09:50 - 001158389 _____ C:\Users\Sandrine\Downloads\Anges-_-Qui-etes-vous.pdf
2022-11-23 09:08 - 2022-11-23 09:10 - 000000000 ____D C:\Users\Sandrine\Documents\Tarot de Marseille
2022-11-14 20:09 - 2022-11-14 20:09 - 000263487 _____ C:\Users\Sandrine\Downloads\bon de réduction le petit basque.pdf
2022-11-11 16:43 - 2022-11-11 16:43 - 000105503 _____ C:\Users\Sandrine\Downloads\1667479770.jpeg
2022-11-10 09:22 - 2022-12-31 10:49 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-11-10 09:22 - 2022-12-15 14:40 - 000003364 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-11-08 17:21 - 2022-11-08 17:21 - 000001161 _____ C:\Users\Sandrine\Documents\parfaits cookies de Christophe Bau.txt
2022-11-06 11:58 - 2022-11-06 11:58 - 000126140 _____ C:\Users\Sandrine\Downloads\affiche Natacha Marilyn Monroe.jpeg
2022-11-01 09:18 - 2022-12-28 20:44 - 000000000 ____D C:\Users\Sandrine\Documents\Oracle Gé
2022-10-31 17:35 - 2022-10-31 17:35 - 000112800 _____ C:\Users\Sandrine\Downloads\cadrans-radiesthesie-pour-tout-le-monde.pdf
2022-10-30 13:31 - 2022-10-30 13:31 - 000029543 _____ C:\Users\Sandrine\Downloads\vocabulaire_anglais brittany ferry.pdf
2022-10-30 10:02 - 2022-10-30 10:05 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2022-10-30 10:02 - 2022-10-30 10:05 - 000001062 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2022-10-25 20:57 - 2022-12-31 13:08 - 000005234 _____ C:\Windows\system32\Drivers\fvstore.dat
2022-10-25 20:57 - 2022-10-25 20:57 - 000000000 ___HD C:\VTRoot
2022-10-14 18:48 - 2022-10-14 20:05 - 000001200 _____ C:\Users\Sandrine\Documents\Muffins légers avec un yaourt.txt
2022-10-13 14:08 - 2022-10-13 14:08 - 000053032 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\kltap.sys
2022-10-05 17:09 - 2022-10-05 17:10 - 000256064 _____ C:\Users\Sandrine\Downloads\sels de schuessler.pdf
2022-10-05 11:25 - 2022-12-19 18:12 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\Telegram Desktop
2022-10-05 11:25 - 2022-10-05 11:25 - 000001007 _____ C:\Users\Sandrine\Desktop\Telegram.lnk
2022-10-05 11:25 - 2022-10-05 11:25 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2022-10-05 11:22 - 2022-10-05 11:24 - 033965464 _____ (Telegram FZ-LLC ) C:\Users\Sandrine\Downloads\tsetup.4.2.4.exe
2022-10-05 08:55 - 2022-10-05 08:55 - 000499891 _____ C:\Users\Sandrine\Downloads\Le programme de formation 2023-2024 (5).pdf

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-12-31 13:30 - 2022-01-11 12:01 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2022-12-31 13:19 - 2016-05-11 10:43 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\ZHP
2022-12-31 10:54 - 2009-07-14 05:34 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-12-31 10:54 - 2009-07-14 05:34 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-12-31 10:45 - 2022-09-15 10:08 - 000003446 _____ C:\Windows\system32\pubfreeware.ini
2022-12-31 10:30 - 2020-10-02 11:13 - 000000000 ____D C:\Program Files\CCleaner
2022-12-31 10:00 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-30 20:32 - 2015-10-11 17:48 - 000000000 ____D C:\Users\Sandrine\Documents\Astrologie
2022-12-28 20:46 - 2014-08-10 17:25 - 000000000 ____D C:\Users\Sandrine\Documents\Esotérisme
2022-12-23 11:37 - 2022-01-03 15:25 - 000004122 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1639491446
2022-12-22 10:10 - 2019-10-14 17:03 - 000000000 ____D C:\ProgramData\ProductData
2022-12-21 09:03 - 2022-04-14 09:42 - 000000000 ____D C:\Program Files\CCleaner Browser
2022-12-20 15:58 - 2022-08-08 18:39 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2022-12-18 09:22 - 2014-08-10 16:38 - 000000000 ____D C:\Users\Sandrine\Documents\patisseries
2022-12-15 14:40 - 2021-12-15 10:24 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-12-13 17:38 - 2015-04-06 14:56 - 000000000 ____D C:\Users\Sandrine\AppData\Roaming\vlc
2022-12-13 14:43 - 2022-04-14 09:42 - 000003542 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-12-13 14:43 - 2022-04-14 09:42 - 000003414 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-12-13 11:28 - 2014-08-10 17:01 - 000000000 ____D C:\Users\Sandrine\Documents\cuisine
2022-12-08 10:29 - 2009-07-14 05:53 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Fichiers à la racine de certains dossiers ========

2014-02-11 15:31 - 2014-02-11 15:31 - 000000043 _____ () C:\Users\Sandrine\AppData\Roaming\WB.CFG
2016-05-11 11:05 - 2016-05-15 19:15 - 000007601 _____ () C:\Users\Sandrine\AppData\Local\Resmon.ResmonCfg

==================== SigCheckExt =========================

2013-12-17 03:15 - 2013-12-17 03:15 - 000019008 _____ (Un4seen Developments) C:\Windows\system32\basscd.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000025152 _____ (Un4seen Developments) C:\Windows\system32\bassflac.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000054328 _____ (Un4seen Developments) C:\Windows\system32\bassopus.dll
2013-12-17 03:15 - 2013-12-17 03:15 - 000025664 _____ (Un4seen Developments) C:\Windows\system32\basswv.dll
1998-07-12 22:00 - 1998-07-12 22:00 - 000028672 _____ (Microsoft Corporation ) C:\Windows\system32\Cmct3FR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\CmDlgFR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\DBLstFR.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000024576 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbmiapi.dll
2010-07-23 08:55 - 2010-07-23 08:55 - 000025600 _____ (Hewlett-Packard Company) C:\Windows\system32\hpboid.dll
2010-07-23 08:55 - 2010-07-23 08:55 - 000007680 _____ (Hewlett-Packard Company) C:\Windows\system32\hpboidps.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000041472 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbpro.dll
2010-07-23 08:54 - 2010-07-23 08:54 - 000007680 _____ (Hewlett-Packard Company) C:\Windows\system32\hpbprops.dll
2010-01-19 14:10 - 2010-01-19 14:10 - 000063488 _____ (Hewlett-Packard) C:\Windows\system32\HPBWSDR.DLL
2009-11-27 11:16 - 2009-11-27 11:16 - 000180224 _____ (hp) C:\Windows\system32\hplbddrv.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000050688 _____ (Hewlett-Packard) C:\Windows\system32\HPZidr12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000044032 _____ (Hewlett-Packard) C:\Windows\system32\HPZinw12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000053760 _____ (Hewlett-Packard) C:\Windows\system32\HPZipm12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000034816 _____ (Hewlett-Packard) C:\Windows\system32\HPZipr12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000029696 _____ (Hewlett-Packard) C:\Windows\system32\hpzipt12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000020480 _____ (Hewlett-Packard) C:\Windows\system32\hpzisn12.dll
2009-09-23 19:27 - 2009-09-23 19:27 - 000155648 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v1930.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\InetFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\JETCOMP.exe
1999-03-15 12:52 - 1999-03-15 12:52 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\MFC42FRA.DLL
2022-01-11 16:09 - 2022-01-11 16:09 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\MSCc2FR.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCmCFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\msexch35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000252688 _____ (Microsoft Corporation) C:\Windows\system32\msexcl35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 001050896 _____ (Microsoft Corporation) C:\Windows\system32\msjet35.dll
2000-04-26 12:35 - 2000-04-26 12:35 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\msjint35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 001238288 _____ (Microsoft Corporation) C:\Windows\system32\msjt4jlt.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000024848 _____ (Microsoft Corporation) C:\Windows\system32\msjter35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000168720 _____ (Microsoft Corporation) C:\Windows\system32\msltus35.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\MSMskFR.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000250128 _____ (Microsoft Corporation) C:\Windows\system32\mspdox35.dll
1999-04-06 17:06 - 1999-04-06 17:06 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MSPRPFR.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x35.dll
2000-05-11 13:06 - 2000-05-11 13:06 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\MSRDO20.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000415504 _____ (Microsoft Corporation) C:\Windows\system32\msrepl35.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000044304 _____ (Microsoft Corporation) C:\Windows\system32\msrpfs35.dll
2000-04-03 19:05 - 2000-04-03 19:05 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
1998-08-09 19:07 - 1998-08-09 19:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\MSSTKPRP.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000166672 _____ (Microsoft Corporation) C:\Windows\system32\mstext35.dll
2009-05-21 19:21 - 2009-05-21 19:21 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2000-04-26 12:34 - 2000-04-26 12:34 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\msxbse35.dll
2009-05-14 06:22 - 2009-05-14 06:22 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\msxml4r.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\RchTxFR.dll
2000-04-03 17:52 - 2000-04-03 17:52 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\RDOCURS.DLL
1998-03-25 05:54 - 1998-03-25 05:54 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\SCP32.DLL
1998-06-17 23:00 - 1998-06-17 23:00 - 000089360 _____ (Microsoft Corporation) C:\Windows\system32\VB5DB.DLL
2000-10-01 22:00 - 2000-10-01 22:00 - 000119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL
1999-11-25 02:40 - 1999-11-25 02:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\VBAME.DLL
2000-04-26 12:34 - 2000-04-26 12:34 - 000368912 _____ (Microsoft Corporation) C:\Windows\system32\VBAR332.DLL
2022-01-06 13:40 - 2022-01-06 13:41 - 000836478 _____ (Philippe GEORGES ) C:\Users\Sandrine\Downloads\assetup.exe
2022-12-31 13:24 - 2022-12-31 13:25 - 002078720 _____ (Farbar) C:\Users\Sandrine\Downloads\FRST.exe
2022-03-18 12:38 - 2022-04-14 09:47 - 026411008 _____ C:\Users\Sandrine\Downloads\iobit-driver-booster_9-2-0-178_fr_430351.exe
2022-12-31 12:51 - 2022-12-31 12:52 - 003510472 _____ (Nicolas Coolman) C:\Users\Sandrine\Downloads\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur          {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  fr-FR
inherit                 {globalsettings}
default                 {current}
resumeobject            {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Chargeur de démarrage Windows
-----------------------------
identificateur          {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  fr-FR
inherit                 {bootloadersettings}
recoverysequence        {3a68da5d-486a-11e2-bcc0-e6cd2df7fb30}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
nx                      OptIn

Chargeur de démarrage Windows
-----------------------------
identificateur          {3a68da5d-486a-11e2-bcc0-e6cd2df7fb30}
device                  ramdisk=[C:]\Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\Winre.wim,{3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\Winre.wim,{3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur          {3a68da5b-486a-11e2-bcc0-e6cd2df7fb30}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  fr-FR
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Testeur de mémoire Windows
--------------------------
identificateur          {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Diagnostics mémoire Windows
locale                  fr-FR
inherit                 {globalsettings}
badmemoryaccess         Yes

Paramètres EMS
--------------
identificateur          {emssettings}
bootems                 Yes

Paramètres du débogueur
-----------------------
identificateur          {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

Erreurs de mémoire RAM
----------------------
identificateur          {badmemory}

Paramètres globaux
------------------
identificateur          {globalsettings}
inherit                 {dbgsettings} {emssettings} {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur          {bootloadersettings}
inherit                 {globalsettings} {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Paramètres du chargeur de reprise
---------------------------------
identificateur          {resumeloadersettings}
inherit                 {globalsettings}

Options de périphérique
-----------------------
identificateur          {3a68da5e-486a-11e2-bcc0-e6cd2df7fb30}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\3a68da5d-486a-11e2-bcc0-e6cd2df7fb30\boot.sdi

LastRegBack: 2022-12-23 09:39

==================== Fin de FRST.txt ========================