Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Exécuté par Céline et Stéphane (administrateur) sur CÉLINE (SAMSUNG ELECTRONICS CO., LTD. 350V5C/350V5X/350V4C/350V4X/351V5C/351V5X/351V4C/351V4X/3540VC/3540VX/3440VC/3440VX) (27-09-2023 19:04:22)
Exécuté depuis C:\Users\Céline et Stéphane\Desktop\FRST64.exe
Profils chargés: Céline et Stéphane
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe ->) (Qualcomm Atheros -> ) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe ->) (Samsung Electronics CO., LTD. -> Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
(C:\Users\Céline et Stéphane\AppData\Local\Facebook\Games\FacebookGameroom.exe ->) (Facebook, Inc. -> The CefSharp Authors) [Fichier non signé] C:\Users\Céline et Stéphane\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(explorer.exe ->) (Facebook, Inc. -> Facebook) [Fichier non signé] C:\Users\Céline et Stéphane\AppData\Local\Facebook\Games\FacebookGameroom.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Atheros) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
(svchost.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.20617_none_faf6123cb423a35e\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-10-31] (Qualcomm Atheros -> Qualcomm Atheros) [Fichier non signé]
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\...\Run: [AllShare Play] => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [407384 2013-02-21] (Samsung Electronics CO., LTD. -> Samsung Electronics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-25] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\...\Run: [HP OfficeJet Pro 8720 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe [3770504 2018-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\WINDOWS\system32\hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\WINDOWS\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [120200 2016-02-26] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.149\Installer\chrmstp.exe [2023-09-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> "C:\Program Files (x86)\AVG\Browser\Application\74.0.791.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-10-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-10-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
Startup: C:\Users\Céline et Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-02-06]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Céline et Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-12-07]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Céline et Stéphane\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook) [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {E0871293-2A77-445E-BE00-5BE75FC4F42D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {860A1686-DE79-40E7-B4EE-CE0D7597AEFB} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-celine.schuhmann@outlook.fr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {0AE63197-2A98-40E0-B478-6947F025A732} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {98796A4E-17F7-4064-85DF-493623328B72} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-25] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ADA253C6-E098-4656-83C4-7BE70AD96548} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (Pas de fichier)
Task: {78EE8684-00E3-4BBC-A9F6-3C06A1DB4BE9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A19A9FB3-8FE0-490D-A95F-7D5D721959BD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "fa6f6062-6c1d-4d78-ae9a-317489cf52b1" --version "6.16.10662" --silent
Task: {FDD2CB65-3CE3-48FA-99AA-7D84070924F2} - System32\Tasks\CCleanerSkipUAC - Céline et Stéphane => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5FD4FD5F-6903-4502-B163-8D041C0868D7} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2830974330-3213038589-3334289725-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-29] (Microsoft Windows -> Microsoft)
Task: {B0B3A766-1EC5-44CD-8BAF-54003CF3FFBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {C4586E0F-F8E0-42D7-827E-CD2203025933} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {DA475B85-4D92-4B0E-A0E0-7984BDCB8DD3} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {AB3B0AC9-A30B-4081-816C-3B5FB0CCABA5} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 8720 => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.)
Task: {999FF4A7-679D-407A-895E-0A93B35DC1F9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {E7FE3FE6-BBD1-48BD-A439-46FAB45D1809} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {A181EB2C-B033-4DF5-B52C-92628A4F4681} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973768 2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFC7356F-73D7-472E-B46A-62C56364039A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973768 2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D61ACF13-7A52-42BD-AE7C-55B0A59D2E4A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1142320 2023-09-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3823F86-801D-4EEE-9058-73CF47E7C7CD} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {21614B8C-0BD2-434D-8632-DFEDA1364C7A} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [3148800 2015-08-18] (Samsung Electronics CO., LTD.) [Fichier non signé]
Task: {A8C89B3D-C3FA-40C5-9C1F-92D29B62AF1D} - System32\Tasks\WLANStartup => "%programfiles(x86)%\Samsung\Easy Settings\WLANStartup.exe" (Pas de fichier)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{F811A574-8392-4A1E-B776-9B8BA0CCDD6F}: [DhcpNameServer] 192.168.0.254

Edge:
=======
Edge Profile: C:\Users\Céline et Stéphane\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-27]

FireFox:
========
FF DefaultProfile: 3w5anm5p.default
FF ProfilePath: C:\Users\Céline et Stéphane\AppData\Roaming\TomTom\HOME\Profiles\924dqnqg.default [2015-06-23]
FF ProfilePath: C:\Users\Céline et Stéphane\AppData\Roaming\Mozilla\Firefox\Profiles\3w5anm5p.default [2023-09-27]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: samsung.com/AllSharePlayPCPlugin -> C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll [2013-02-21] (Samsung) [Fichier non signé]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Céline et Stéphane\AppData\Local\Google\Chrome\User Data\Default [2023-09-27]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Céline et Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\Céline et Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Céline et Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-20]
CHR HKLM\...\Chrome\Extension: [Ìÿ] -
CHR HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [Ìÿ] -
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [Ìÿ] -

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-25] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung Electronics CO., LTD. -> Samsung)
R2 AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [662600 2013-02-21] (Samsung Electronics CO., LTD. -> Copyright 2013 SAMSUNG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-10-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054128 2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287968 2023-09-26] (Malwarebytes Inc. -> Malwarebytes)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-31] (Atheros) [Fichier non signé]
S2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167232 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-02-09] (Adlice -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-09-27 19:03 - 2023-09-27 19:03 - 000000000 ____D C:\Users\Céline et Stéphane\Desktop\FRST-OlderVersion
2023-09-27 18:34 - 2023-09-27 18:34 - 000248636 _____ C:\Users\Céline et Stéphane\Desktop\ZHPDiag.html
2023-09-27 16:57 - 2023-09-27 16:57 - 000000000 ___RD C:\Users\Céline et Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2023-09-27 16:55 - 2023-09-27 16:55 - 000010472 _____ C:\Users\Céline et Stéphane\Documents\ZHPCleaner.txt
2023-09-27 15:56 - 2023-09-27 15:56 - 000010469 _____ C:\Users\Céline et Stéphane\Desktop\ZHPCleaner (R).txt
2023-09-27 09:49 - 2023-09-27 09:49 - 000001754 _____ C:\Users\Céline et Stéphane\Desktop\MBAM.txt
2023-09-26 20:29 - 2023-09-26 20:29 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-26 20:29 - 2023-09-26 20:29 - 000002206 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-26 20:28 - 2023-09-26 20:28 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-26 20:28 - 2023-09-26 20:28 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-26 19:46 - 2023-09-27 16:54 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Local\Malwarebytes
2023-09-26 19:46 - 2023-09-26 19:46 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-26 19:46 - 2023-09-26 19:46 - 000001964 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-26 19:42 - 2023-09-26 19:43 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-26 19:40 - 2023-09-26 19:40 - 002606880 _____ (Malwarebytes) C:\Users\Céline et Stéphane\Desktop\MBSetup.exe
2023-09-26 19:39 - 2023-09-26 19:39 - 000003659 _____ C:\Users\Céline et Stéphane\Desktop\AdwCleaner[C00].txt
2023-09-26 19:31 - 2023-09-26 19:36 - 000000000 ____D C:\AdwCleaner
2023-09-26 19:30 - 2023-09-26 19:30 - 008791352 _____ (Malwarebytes) C:\Users\Céline et Stéphane\Desktop\adwcleaner_8.4.0.exe
2023-09-26 19:23 - 2023-09-27 15:11 - 000010559 _____ C:\Users\Céline et Stéphane\Desktop\ZHPCleaner (S).txt
2023-09-26 18:54 - 2023-09-26 18:55 - 003343008 _____ (Nicolas Coolman) C:\Users\Céline et Stéphane\Desktop\ZHPCleaner (1).exe
2023-09-25 15:54 - 2023-09-25 15:54 - 000000000 ____D C:\Users\Céline et Stéphane\Documents\Modèles Office personnalisés
2023-09-25 15:20 - 2023-09-25 15:20 - 000048622 _____ C:\Users\Céline et Stéphane\Desktop\Shortcut.txt
2023-09-25 15:12 - 2023-09-25 15:20 - 000065596 _____ C:\Users\Céline et Stéphane\Desktop\Addition.txt
2023-09-25 15:04 - 2023-09-27 19:05 - 000028028 _____ C:\Users\Céline et Stéphane\Desktop\FRST.txt
2023-09-25 15:04 - 2023-09-27 19:05 - 000000000 ____D C:\FRST
2023-09-25 15:00 - 2023-09-27 19:03 - 002382848 _____ (Farbar) C:\Users\Céline et Stéphane\Desktop\FRST64.exe
2023-09-25 14:50 - 2023-09-27 18:34 - 000195870 _____ C:\Users\Céline et Stéphane\Desktop\ZHPDiag.txt
2023-09-25 14:36 - 2023-09-25 14:36 - 000000877 _____ C:\Users\Céline et Stéphane\Desktop\ZHPSuite.lnk
2023-09-25 14:34 - 2023-09-25 14:34 - 003511456 _____ (Nicolas Coolman) C:\Users\Céline et Stéphane\Desktop\ZHPSuite.exe
2023-09-20 17:07 - 2023-09-20 17:07 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Roaming\com.adobe.dunamis
2023-09-20 17:07 - 2023-09-20 17:07 - 000000000 ____D C:\Users\Céline et Stéphane\.ms-ad
2023-09-20 15:36 - 2023-09-20 15:37 - 001373744 _____ (Google LLC) C:\Users\Céline et Stéphane\Downloads\ChromeSetup.exe
2023-09-20 09:37 - 2023-09-20 09:37 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-09-20 09:11 - 2023-09-20 09:11 - 000003402 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2023-09-20 09:10 - 2023-09-27 17:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-09-20 09:10 - 2023-09-20 09:11 - 000003434 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-09-20 09:00 - 2023-09-27 09:00 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-20 09:00 - 2023-09-20 09:00 - 000003354 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-20 09:00 - 2023-09-20 09:00 - 000002830 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Céline et Stéphane
2023-09-20 08:55 - 2023-09-20 08:55 - 000002196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2023-09-20 08:55 - 2023-09-20 08:55 - 000002184 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2023-09-20 08:55 - 2023-09-20 08:55 - 000000000 ____D C:\Program Files\Google

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-09-27 18:52 - 2013-04-18 10:28 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-27 18:35 - 2013-11-04 23:23 - 000000000 __RDO C:\Users\Céline et Stéphane\SkyDrive
2023-09-27 18:34 - 2019-02-07 18:44 - 000000135 _____ C:\Users\Céline
2023-09-27 18:34 - 2017-09-07 18:34 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Roaming\ZHP
2023-09-27 17:48 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2023-09-27 16:56 - 2014-03-13 11:26 - 000000000 ____D C:\Program Files\CCleaner
2023-09-27 16:45 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-27 16:44 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2023-09-27 16:40 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-27 16:37 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-09-27 13:38 - 2013-09-30 06:16 - 000005872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-27 13:38 - 2013-09-30 05:56 - 000167136 _____ C:\WINDOWS\system32\perfh00C.dat
2023-09-27 13:38 - 2013-09-30 05:56 - 000042268 _____ C:\WINDOWS\system32\perfc00C.dat
2023-09-27 13:37 - 2013-10-30 14:19 - 000003980 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{62036447-2800-4EFE-A8F4-5921B6B06CAA}
2023-09-27 02:00 - 2013-04-18 11:00 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Local\Adobe
2023-09-26 22:03 - 2013-04-18 10:05 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2830974330-3213038589-3334289725-1001
2023-09-26 21:16 - 2013-04-18 09:57 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Local\CrashDumps
2023-09-26 20:26 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2023-09-26 20:22 - 2015-11-07 12:56 - 000000000 ____D C:\ProgramData\Avg
2023-09-26 20:22 - 2013-08-22 16:44 - 000500136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-26 20:21 - 2015-11-08 22:47 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Roaming\AVG
2023-09-26 20:21 - 2014-11-26 10:26 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Local\Avg
2023-09-26 20:21 - 2014-05-04 22:37 - 000000000 ____D C:\Program Files (x86)\AVG
2023-09-26 20:09 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2023-09-26 20:08 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-09-26 20:08 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-26 20:08 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\System
2023-09-26 20:08 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-09-26 20:07 - 2015-01-03 12:15 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-26 20:07 - 2014-07-09 17:00 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2023-09-26 20:07 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\setup
2023-09-26 20:07 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-26 20:07 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-26 20:07 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-09-26 19:43 - 2014-12-30 11:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-26 19:36 - 2012-11-26 08:05 - 000000000 ____D C:\ProgramData\SAMSUNG
2023-09-26 19:36 - 2012-11-26 07:05 - 000000000 ____D C:\Program Files\Samsung
2023-09-26 19:36 - 2012-11-26 07:05 - 000000000 ____D C:\Program Files (x86)\Samsung
2023-09-26 18:36 - 2019-02-06 11:04 - 000000000 ____D C:\ProgramData\GlarySoft
2023-09-26 18:36 - 2019-02-06 10:58 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Roaming\GlarySoft
2023-09-26 18:09 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-09-26 18:09 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2023-09-26 12:29 - 2019-02-05 17:46 - 000000000 ____D C:\Users\Céline et Stéphane\Desktop\Livre
2023-09-26 12:29 - 2013-04-20 18:41 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Roaming\Microsoft\Word
2023-09-26 12:16 - 2013-04-18 09:56 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Local\Packages
2023-09-26 12:05 - 2013-08-20 10:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-26 11:55 - 2015-07-16 20:29 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-25 14:57 - 2014-04-28 10:05 - 005185024 ___SH C:\Users\Céline et Stéphane\Desktop\Thumbs.db
2023-09-25 14:36 - 2017-09-07 18:34 - 000000000 ____D C:\Users\Céline et Stéphane\AppData\Local\ZHP
2023-09-20 18:50 - 2014-04-09 13:04 - 002724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2023-09-20 18:49 - 2014-04-09 13:04 - 002724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2023-09-20 18:48 - 2014-04-18 16:59 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2023-09-20 17:07 - 2013-10-29 22:29 - 000000000 ____D C:\Users\Céline et Stéphane
2023-09-20 09:39 - 2015-11-05 11:38 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-20 08:47 - 2019-03-28 12:23 - 000003798 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-20 08:47 - 2019-03-28 12:23 - 000003670 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-20 08:39 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-20 08:34 - 2014-11-06 14:19 - 000000000 ____D C:\Program Files\Microsoft Office 15

==================== Fichiers à la racine de certains dossiers ========

2019-02-09 16:12 - 2019-02-09 16:12 - 003308928 _____ () C:\Users\Céline et Stéphane\ZHPCleaner.exe
2014-11-25 12:42 - 2014-12-18 20:43 - 000000187 _____ () C:\Users\Céline et Stéphane\AppData\Roaming\WB.CFG
2014-08-06 13:15 - 2016-03-07 01:17 - 000006656 _____ () C:\Users\Céline et Stéphane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-28 12:44 - 2014-12-17 20:42 - 000000001 _____ () C:\Users\Céline et Stéphane\AppData\Local\DSI.DAT
2013-04-25 18:15 - 2013-04-25 18:15 - 000004096 ____H () C:\Users\Céline et Stéphane\AppData\Local\keyfile3.drm

==================== SigCheckExt =========================

2006-12-01 23:37 - 2006-12-01 23:37 - 000904704 _____ (Microsoft Corporation) C:\msdia80.dll
2012-10-31 13:57 - 2012-10-31 13:57 - 000361600 _____ (Qualcomm Atheros Commnucations) C:\WINDOWS\system32\AthCredentialProvider.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 000049152 _____ C:\WINDOWS\system32\boost_date_time-vc90-mt-1_47.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 000158720 _____ C:\WINDOWS\system32\boost_filesystem-vc90-mt-1_47.dll
2012-08-21 11:27 - 2012-08-21 11:27 - 000918016 _____ C:\WINDOWS\system32\boost_regex-vc90-mt-1_47.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 000299520 _____ C:\WINDOWS\system32\boost_serialization-vc90-mt-1_47.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 000016896 _____ C:\WINDOWS\system32\boost_system-vc90-mt-1_47.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 000058880 _____ C:\WINDOWS\system32\boost_thread-vc90-mt-1_47.dll
2012-10-05 17:27 - 2012-10-05 17:27 - 000905216 _____ C:\WINDOWS\system32\ContentDirectoryPresenter64.dll
2012-08-21 19:06 - 2012-08-21 19:06 - 000030720 _____ C:\WINDOWS\system32\MediaDB64.dll
2012-01-23 06:15 - 2012-01-23 06:15 - 000122880 _____ (Multicore Ware) C:\WINDOWS\system32\SlotMaximizerAg.dll
2012-01-23 06:15 - 2012-01-23 06:15 - 002478592 _____ (Multicore Ware) C:\WINDOWS\system32\SlotMaximizerBe.dll
2012-11-26 08:28 - 2012-08-06 07:14 - 001731072 _____ (Samsung Electronics) C:\WINDOWS\MSetCaller.exe
2013-07-08 15:42 - 2011-09-29 15:20 - 001986560 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudFile.dll
2013-07-08 15:42 - 2011-09-29 15:20 - 001212416 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioInfos.dll
2013-07-08 15:42 - 2011-09-29 15:20 - 000458752 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudPlayer.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 000038912 _____ C:\WINDOWS\SysWOW64\boost_date_time-vc90-mt-1_47.dll
2012-08-21 11:25 - 2012-08-21 11:25 - 000130048 _____ C:\WINDOWS\SysWOW64\boost_filesystem-vc90-mt-1_47.dll
2012-08-21 11:25 - 2012-08-21 11:25 - 000704000 _____ C:\WINDOWS\SysWOW64\boost_regex-vc90-mt-1_47.dll
2012-08-21 11:25 - 2012-08-21 11:25 - 000227840 _____ C:\WINDOWS\SysWOW64\boost_serialization-vc90-mt-1_47.dll
2012-08-21 11:25 - 2012-08-21 11:25 - 000012800 _____ C:\WINDOWS\SysWOW64\boost_system-vc90-mt-1_47.dll
2012-08-21 11:26 - 2012-08-21 11:26 - 000046592 _____ C:\WINDOWS\SysWOW64\boost_thread-vc90-mt-1_47.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll
2013-07-08 15:42 - 2011-09-29 15:19 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2012-10-05 17:27 - 2012-10-05 17:27 - 000704000 _____ C:\WINDOWS\SysWOW64\ContentDirectoryPresenter.dll
2012-11-26 07:55 - 2012-07-04 04:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2013-07-08 15:42 - 2011-09-29 15:19 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetfr.DLL
2013-04-18 19:06 - 2013-04-18 19:06 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll
2012-04-20 06:59 - 2012-04-20 06:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe
2013-04-18 19:06 - 2013-04-18 19:06 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll
2012-08-14 11:42 - 2012-08-14 11:42 - 000025600 _____ C:\WINDOWS\SysWOW64\MediaDB.dll
1999-03-15 12:52 - 1999-03-15 12:52 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC42FRA.DLL
2013-04-18 19:06 - 2013-04-18 19:06 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000245760 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSCLib.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll
1999-04-06 17:06 - 1999-04-06 17:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPRPFR.DLL
2000-05-11 13:06 - 2000-05-11 13:06 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL
2000-05-24 06:45 - 2000-05-24 06:45 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
1998-08-09 19:07 - 1998-08-09 19:07 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL
2012-11-26 08:13 - 2012-11-26 08:13 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2006-04-19 07:00 - 2006-04-19 07:00 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2005-12-09 07:30 - 2005-12-09 07:30 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000135168 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzaf1.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000491520 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.dll
2013-04-18 19:06 - 2013-04-18 19:06 - 000172032 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.exe
2013-04-18 19:06 - 2013-04-18 19:06 - 000200704 _____ ( (c) MusicCity) C:\WINDOWS\SysWOW64\muzwmts.dll
2000-04-03 17:52 - 2000-04-03 17:52 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RDOCURS.DLL
2013-09-20 12:54 - 2013-07-18 14:33 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2012-01-23 06:29 - 2012-01-23 06:29 - 000122880 _____ (Multicore Ware) C:\WINDOWS\SysWOW64\SlotMaximizerAg.dll
2012-01-23 06:29 - 2012-01-23 06:29 - 002478592 _____ (Multicore Ware) C:\WINDOWS\SysWOW64\SlotMaximizerBe.dll
2014-05-11 21:01 - 2010-08-30 08:34 - 000536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2013-07-08 15:42 - 2011-09-29 15:19 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTFR.DLL
2013-07-08 15:42 - 2011-09-29 15:19 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2013-07-08 15:42 - 2011-09-29 15:20 - 000348160 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\WMAFile.dll
2012-11-26 08:09 - 2012-09-05 09:50 - 000008072 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\wmof64.dll
2012-11-26 08:09 - 2012-09-05 09:50 - 000024968 _____ (Samsung Electronics Co. Ltd.) C:\WINDOWS\SysWOW64\wsabi.dll
2009-10-06 09:16 - 2009-10-06 09:16 - 000819200 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2013-04-18 11:33 - 2013-02-21 16:59 - 002063240 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2019-02-09 16:12 - 2019-02-09 16:12 - 003308928 _____ C:\Users\Céline et Stéphane\ZHPCleaner.exe
2023-09-25 15:00 - 2023-09-27 19:03 - 002382848 _____ (Farbar) C:\Users\Céline et Stéphane\Desktop\FRST64.exe
2023-09-26 18:54 - 2023-09-26 18:55 - 003343008 _____ (Nicolas Coolman) C:\Users\Céline et Stéphane\Desktop\ZHPCleaner (1).exe
2019-02-13 16:55 - 2019-02-13 16:54 - 003310464 _____ C:\Users\Céline et Stéphane\Desktop\ZHPCleaner.exe
2023-09-25 14:34 - 2023-09-25 14:34 - 003511456 _____ (Nicolas Coolman) C:\Users\Céline et Stéphane\Desktop\ZHPSuite.exe
2018-11-20 13:45 - 2018-11-20 13:54 - 132955891 _____ C:\Users\Céline et Stéphane\Downloads\Apache_OpenOffice_4.1.6_Win_x86_install_fr.exe
2014-04-03 17:50 - 2014-04-03 17:50 - 008697544 _____ (Georgy Berdyshev) C:\Users\Céline et Stéphane\Downloads\CDex-win32-1.70-b4-2009.exe
2019-03-20 01:06 - 2019-03-20 01:06 - 026429142 _____ C:\Users\Céline et Stéphane\Downloads\free-devis-factures.exe
2016-09-29 12:46 - 2016-09-29 12:46 - 005202180 _____ C:\Users\Céline et Stéphane\Downloads\pf7-setup-fr-7.2.1.exe
2019-01-17 14:15 - 2019-01-17 14:16 - 055582032 _____ (Literature and Latte) C:\Users\Céline et Stéphane\Downloads\Scrivener-installer.exe
2019-02-13 16:54 - 2019-02-13 16:54 - 003310464 _____ C:\Users\Céline et Stéphane\Downloads\ZHPCleaner.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur          {fwbootmgr}
displayorder            {bootmgr}
                        {92fce250-d031-11ea-bf38-806e6f6e6963}
                        {92fce251-d031-11ea-bf38-806e6f6e6963}
timeout                 0

Gestionnaire de démarrage Windows
---------------------------------
identificateur          {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  fr-FR
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {695783ba-3819-11e2-9cc1-b888e360e44f}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Application logicielle (101fffff)
--------------------------------
identificateur          {92fce250-d031-11ea-bf38-806e6f6e6963}
description             UEFI: IP4 Realtek PCIe GBE Family Controller

Application logicielle (101fffff)
--------------------------------
identificateur          {92fce251-d031-11ea-bf38-806e6f6e6963}
description             UEFI: IP6 Realtek PCIe GBE Family Controller

Chargeur de démarrage Windows
-----------------------------
identificateur          {695783b7-3819-11e2-9cc1-b888e360e44f}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{695783b8-3819-11e2-9cc1-b888e360e44f}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-gb
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{695783b8-3819-11e2-9cc1-b888e360e44f}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Chargeur de démarrage Windows
-----------------------------
identificateur          {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 8.1
locale                  fr-FR
inherit                 {bootloadersettings}
recoverysequence        {695783bc-3819-11e2-9cc1-b888e360e44f}
integrityservices       Enable
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {695783ba-3819-11e2-9cc1-b888e360e44f}
nx                      OptIn
bootmenupolicy          Standard

Chargeur de démarrage Windows
-----------------------------
identificateur          {695783bc-3819-11e2-9cc1-b888e360e44f}
device                  ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{695783bd-3819-11e2-9cc1-b888e360e44f}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  fr-FR
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{695783bd-3819-11e2-9cc1-b888e360e44f}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur          {695783b3-3819-11e2-9cc1-b888e360e44f}
device                  partition=C:
path                    \windows\system32\winresume.efi
description             Windows Resume Application
locale                  fr-FR
inherit                 {resumeloadersettings}
recoverysequence        {695783b7-3819-11e2-9cc1-b888e360e44f}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur          {695783ba-3819-11e2-9cc1-b888e360e44f}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  fr-FR
inherit                 {resumeloadersettings}
recoverysequence        {695783bc-3819-11e2-9cc1-b888e360e44f}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Testeur de mémoire Windows
--------------------------
identificateur          {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Diagnostics mémoire Windows
locale                  fr-FR
inherit                 {globalsettings}
badmemoryaccess         Yes

Paramètres EMS
--------------
identificateur          {emssettings}
bootems                 No

Paramètres du débogueur
-----------------------
identificateur          {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

Erreurs de mémoire RAM
----------------------
identificateur          {badmemory}
badmemorylist           0x10007

Paramètres globaux
------------------
identificateur          {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur          {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Paramètres du chargeur de reprise
---------------------------------
identificateur          {resumeloadersettings}
inherit                 {globalsettings}

Options de périphérique
-----------------------
identificateur          {695783b8-3819-11e2-9cc1-b888e360e44f}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Options de périphérique
-----------------------
identificateur          {695783b9-3819-11e2-9cc1-b888e360e44f}
description             Windows Setup
ramdisksdidevice        partition=C:
ramdisksdipath          \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Options de périphérique
-----------------------
identificateur          {695783bd-3819-11e2-9cc1-b888e360e44f}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume5
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

LastRegBack: 2023-09-27 17:08

==================== Fin de FRST.txt ========================