Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023 Exécuté par user (administrateur) sur DESKTOP-BBIGLHA (Hewlett-Packard HP ProBook 4530s) (11-10-2023 14:04:27) Exécuté depuis C:\Users\user\Desktop\FRST64(1).exe Profils chargés: user Plate-forme: Microsoft Windows 10 Professionnel Version 21H1 19043.2364 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (C:\Users\user\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\user\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15> (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Pioneer DJ Corporation -> Pioneer DJ Corporation.) C:\Program Files (x86)\Pioneer\DDJ-SX3\DDJ-SX3_AutoSetup.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\user\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxAccounts.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2308.3.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] HKLM\...\Run: [UniConverterUpdateHelper] => C:\Program Files\Wondershare\UniConverter 14 for Windows\WSVCUUpdateHelper.exe (Pas de fichier) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-1107094190-2299827454-724418502-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-1107094190-2299827454-724418502-1001\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210232 2023-10-06] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\PCL hpz3llhn: C:\Windows\system32\hpz3llhn.dll [44288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.150\Installer\chrmstp.exe [2023-10-09] (Google LLC -> Google LLC) ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {BBB1DA3A-5BCC-4E4C-96D7-0A48464D9A0A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {D2BD3220-719C-4910-A810-A79C7E1F93A1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "c664a6cf-2796-443a-ba91-08ff0a44cfda" --version "6.16.10662" --silent Task: {A57AC20E-C497-4F93-8149-78549EF0D52D} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {0EF531BC-A9EB-4134-A1F8-110ADBD1AE07} - System32\Tasks\ESTsoft RunAsStdUser 60498281Task => C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe [4292440 2010-04-21] (ESTsoft Corp. -> ESTsoft Corp.) Task: {21EFA7DF-A001-4582-8424-5DDF18ACDCD0} - System32\Tasks\ESTsoft RunAsStdUser 990102828Task => C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe [4292440 2010-04-21] (ESTsoft Corp. -> ESTsoft Corp.) Task: {7837B5F7-E379-4F79-9E6B-289D19CAF70F} - System32\Tasks\GoogleUpdateTaskMachineCore{53F3B2E1-3B56-4E9B-AFCA-03E5A1844BDF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-03] (Google LLC -> Google LLC) Task: {24AF5AAF-2649-4CF8-AAD4-39451C0C6293} - System32\Tasks\GoogleUpdateTaskMachineUA{D3858A47-52F0-4A24-8049-AC2E01A24C81} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-03] (Google LLC -> Google LLC) Task: {45DD11FF-7009-45AC-A85C-9E27AD60D850} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {BC415869-922D-4C3E-8CDD-230129FE87E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2CE9C9E5-F4B2-477F-9E42-2AEF2AF9300C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {59BE712C-C5D3-4ABA-A75B-2161D269D26B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6DFA8F9B-1711-4CB3-8357-ADB48E490B13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2A4FC640-B585-48A2-8406-BACD012AF038} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-11] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {1E9033C0-BE60-4013-987C-399A6CC47104} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-10-11] (Mozilla Corporation -> Mozilla Foundation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241 Tcpip\..\Interfaces\{148f463d-9f0a-487d-9166-6403ad302327}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{4aaae619-3444-477e-97cd-cb971bf86e91}: [DhcpNameServer] 212.27.40.240 212.27.40.241 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-11] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-10-06] Edge Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29] Edge Extension: (Edge relevant text changes) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-21] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF DefaultProfile: iz4j2vb2.default FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\iz4j2vb2.default [2022-03-02] FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release [2023-10-11] FF Notifications: Mozilla\Firefox\Profiles\0xdh51cj.default-release -> hxxps://www.greenweez.com; hxxps://www.youtube.com; hxxps://www.huffingtonpost.fr; hxxps://fr.aliexpress.com FF Extension: (uBlock Origin) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-09-30] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0xdh51cj.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-20] FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2023-10-09] CHR Extension: (Google Docs hors connexion) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-09] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-03] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 DDJ-SX3_AutoSetup; C:\Program Files (x86)\Pioneer\DDJ-SX3\DDJ-SX3_AutoSetup.exe [114600 2018-04-10] (Pioneer DJ Corporation -> Pioneer DJ Corporation.) R2 NativePushService; C:\Users\user\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-02-22] (Wondershare Technology Group Co.,Ltd -> Wondershare) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-24] (Microsoft Windows Publisher -> Microsoft Corporation) S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-24] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 DDJ-SX3Audio; C:\Windows\system32\drivers\DDJ-SX3Audio64.sys [56328 2018-04-09] (Pioneer DJ Corporation -> Pioneer DJ Corporation.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2022-12-23] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation) R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [2621128 2015-07-16] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55872 2023-08-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [574872 2023-08-24] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-24] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-10-11 14:04 - 2023-10-11 14:05 - 000015118 _____ C:\Users\user\Desktop\FRST.txt 2023-10-11 14:02 - 2023-10-11 14:02 - 002383360 _____ (Farbar) C:\Users\user\Desktop\FRST64(1).exe 2023-10-11 13:59 - 2023-10-11 13:59 - 000179090 _____ C:\Users\user\Desktop\ZHPDiag.html 2023-10-11 13:59 - 2023-10-11 13:59 - 000136923 _____ C:\Users\user\Desktop\ZHPDiag.txt 2023-10-11 13:42 - 2023-10-11 13:42 - 003511968 _____ (Nicolas Coolman) C:\Users\user\Desktop\ZHPSuite(2).exe 2023-10-11 13:41 - 2023-10-11 13:42 - 003511968 _____ (Nicolas Coolman) C:\Users\user\Downloads\ZHPSuite(1).exe 2023-10-11 12:57 - 2023-10-11 12:57 - 000117495 _____ C:\Users\user\Downloads\rib.pdf 2023-10-11 00:16 - 2023-10-11 13:46 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-10-10 16:13 - 2023-10-10 16:13 - 000003350 _____ C:\Windows\system32\Tasks\ESTsoft RunAsStdUser 60498281Task 2023-10-10 16:13 - 2023-10-10 16:13 - 000000000 ____D C:\Users\user\AppData\Roaming\ESTsoft 2023-10-10 16:13 - 2023-10-10 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESTsoft 2023-10-10 16:13 - 2023-10-10 16:13 - 000000000 ____D C:\ProgramData\ESTsoft 2023-10-10 16:13 - 2023-10-10 16:13 - 000000000 ____D C:\Program Files (x86)\ESTsoft 2023-10-09 23:46 - 2023-10-09 23:46 - 002606880 _____ (Malwarebytes) C:\Users\user\Downloads\MBSetup.exe 2023-10-09 23:43 - 2023-10-09 23:43 - 005200296 _____ (kernel-panik) C:\Users\user\Downloads\kprm_1.9.exe 2023-10-09 23:38 - 2023-10-11 14:04 - 000000000 ____D C:\FRST 2023-10-09 23:27 - 2023-10-09 23:28 - 000000000 ____D C:\AdwCleaner 2023-10-07 21:32 - 2023-10-07 21:32 - 000002577 _____ C:\Users\Public\Desktop\Serato DJ Pro .lnk 2023-10-07 21:32 - 2023-10-07 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato 2023-10-07 21:31 - 2023-10-07 21:31 - 000000000 ____D C:\Program Files\Serato 2023-10-07 21:28 - 2023-10-07 21:29 - 000000000 ____D C:\Users\user\Downloads\Serato DJ Pro 3.0.12 2023-10-07 21:28 - 2023-08-31 11:52 - 1276683672 _____ (Serato Limited) C:\Users\user\Documents\Serato DJ Pro 3.0.12.exe 2023-10-07 21:14 - 2023-10-07 21:26 - 734590982 _____ C:\Users\user\Downloads\-Joint.Security.Area.FRENCH.DVDRip.XviD.Wawacity.vip.avi 2023-10-07 21:02 - 2023-10-07 21:21 - 1276514057 _____ C:\Users\user\Downloads\Serato DJ Pro 3.0.12.zip 2023-10-05 17:32 - 2023-10-05 17:32 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache 2023-10-05 11:56 - 2023-10-05 11:56 - 000054957 _____ C:\Users\user\Downloads\621231438544.pdf 2023-09-21 22:39 - 2023-09-21 23:30 - 4049963395 _____ C:\Users\user\Downloads\Invasion Day.2015 MULTi FRENCH WEB-DL 1080p H264 AC3 5.1.Wawacity.tech.mkv 2023-09-19 23:14 - 2023-09-19 23:17 - 161230624 _____ (Google, Inc.) C:\Users\user\Downloads\GoogleDriveSetup.exe 2023-09-16 22:40 - 2023-09-16 22:40 - 000565482 _____ C:\Users\user\Downloads\frigo.jpeg 2023-08-27 00:06 - 2023-08-27 00:06 - 000000000 ____D C:\Users\user\Downloads\réfrigérateur 2023-08-13 11:20 - 2023-08-13 11:20 - 000000112 ___SH C:\bootTel.dat 2023-08-08 21:14 - 2023-08-08 21:14 - 000000000 ____D C:\Windows\LastGood 2023-08-02 16:48 - 2023-08-02 16:52 - 000000000 ____D C:\Users\user\Downloads\Fwd Fiche commerciale 2023-08-02 16:28 - 2023-08-02 16:33 - 010968242 _____ C:\Users\user\Downloads\Fwd Fiche commerciale.zip 2023-07-31 02:48 - 2023-07-31 02:48 - 023319870 _____ C:\Users\user\Downloads\+++ DANS LES YEUX D'ÉMILIE (arnulfo rework, live by La Petite Culotte).wav 2023-07-31 02:28 - 2023-07-31 02:29 - 040953822 _____ C:\Users\user\Downloads\+++ DANS LES YEUX D'ÉMILIE (live by La Petite Culotte).wav 2023-07-31 02:25 - 2023-07-31 02:25 - 036947382 _____ C:\Users\user\Downloads\+++ Si Mama (live by La Petite Culotte).wav 2023-07-31 02:21 - 2023-07-31 02:21 - 042752574 _____ C:\Users\user\Downloads\+++ LA GOFFA LOLITA (live by La Petite Culotte).wav 2023-07-27 20:15 - 2023-07-27 20:15 - 000878039 _____ C:\Users\user\Downloads\file__627731919.pdf 2023-07-27 19:13 - 2023-07-27 19:13 - 000860011 _____ C:\Users\user\Downloads\file__74287290.pdf 2023-07-27 19:08 - 2023-07-27 19:08 - 000860011 _____ C:\Users\user\Downloads\file__400681653.pdf 2023-07-27 18:56 - 2023-07-27 18:56 - 000860011 _____ C:\Users\user\Downloads\file__1681571413.pdf 2023-07-20 15:44 - 2023-07-20 15:44 - 000884242 _____ C:\Users\user\Downloads\file__1965958100.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-10-11 14:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2023-10-11 14:01 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-10-11 13:59 - 2022-06-26 12:40 - 000000000 ____D C:\Users\user\AppData\Roaming\ZHP 2023-10-11 13:51 - 2022-02-03 17:25 - 000000000 ____D C:\Program Files (x86)\Google 2023-10-11 13:51 - 2022-02-03 17:08 - 000000000 ____D C:\Windows\SystemTemp 2023-10-11 13:51 - 2022-02-03 16:23 - 001771490 _____ C:\Windows\system32\PerfStringBackup.INI 2023-10-11 13:51 - 2019-12-07 16:50 - 000793152 _____ C:\Windows\system32\perfh00C.dat 2023-10-11 13:51 - 2019-12-07 16:50 - 000150282 _____ C:\Windows\system32\perfc00C.dat 2023-10-11 13:51 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2023-10-11 13:50 - 2023-06-25 12:47 - 000000000 ____D C:\Users\user\AppData\Local\ZHP 2023-10-11 13:48 - 2022-02-09 11:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-10-11 13:46 - 2022-02-09 12:23 - 000000000 ____D C:\Program Files\CCleaner 2023-10-11 13:46 - 2022-02-06 14:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-10-11 13:46 - 2022-02-03 16:23 - 000000000 ___RD C:\Users\user\OneDrive 2023-10-11 13:46 - 2022-02-03 16:16 - 000008192 ___SH C:\DumpStack.log.tmp 2023-10-11 13:46 - 2022-02-03 16:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-10-11 13:46 - 2022-02-03 16:16 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-10-11 13:43 - 2022-02-05 00:52 - 000000000 ____D C:\Users\user\AppData\Local\ClassicShell 2023-10-11 12:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2023-10-11 00:19 - 2022-07-15 15:21 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps 2023-10-11 00:18 - 2022-02-06 14:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-10-11 00:11 - 2022-11-17 00:31 - 000000000 ____D C:\Program Files\RUXIM 2023-10-10 21:19 - 2023-04-25 12:25 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2023-10-09 23:26 - 2022-02-03 17:13 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1107094190-2299827454-724418502-1001 2023-10-09 23:26 - 2022-02-03 16:23 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1107094190-2299827454-724418502-1001 2023-10-09 23:26 - 2022-02-03 16:19 - 000002414 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-10-09 23:25 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2023-10-09 21:03 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-10-08 11:33 - 2023-01-17 02:11 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-10-08 11:33 - 2022-02-03 16:16 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-10-07 21:32 - 2022-03-23 22:29 - 000000000 ____D C:\ProgramData\Package Cache 2023-10-07 12:51 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2023-10-05 17:40 - 2022-02-03 16:19 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows 2023-10-05 17:35 - 2022-02-03 16:25 - 000000000 ____D C:\Users\user\AppData\Local\PlaceholderTileLogoFolder 2023-10-05 17:35 - 2022-02-03 16:20 - 000000000 ____D C:\Users\user\AppData\Local\Packages 2023-10-05 17:35 - 2022-02-03 16:20 - 000000000 ____D C:\ProgramData\Packages 2023-10-04 00:26 - 2022-05-18 21:51 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Word 2023-10-02 00:29 - 2022-02-09 11:43 - 000000000 ____D C:\Users\user\Documents\ACTUELLEMENT 2023-09-30 11:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-09-30 11:52 - 2023-05-11 10:38 - 000000000 ____D C:\Users\user\AppData\Local\Malwarebytes 2023-09-21 15:21 - 2022-02-05 22:07 - 000000000 ____D C:\Users\user\AppData\Roaming\vlc 2023-09-20 01:36 - 2022-05-18 21:51 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Office 2023-09-19 19:10 - 2022-02-09 11:37 - 000000000 ____D C:\Users\user\Documents\sorties, balades, restaurants 2023-09-19 08:45 - 2023-04-11 02:21 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{D3858A47-52F0-4A24-8049-AC2E01A24C81} 2023-09-19 08:45 - 2023-04-11 02:21 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{53F3B2E1-3B56-4E9B-AFCA-03E5A1844BDF} 2023-09-18 22:00 - 2023-03-18 15:12 - 000000000 ____D C:\Users\user\Documents\divers 2023-09-18 15:10 - 2023-06-03 07:04 - 000000000 ____D C:\Users\user\Documents\administratif 2023-09-14 20:05 - 2023-04-01 00:50 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2023-09-13 15:54 - 2023-04-01 00:50 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2023-09-13 13:36 - 2022-02-03 16:28 - 000000000 ____D C:\Windows\system32\MRT 2023-09-13 13:33 - 2022-02-03 16:28 - 177941912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======== 2022-06-27 22:20 - 2023-03-19 18:25 - 003514056 _____ (Nicolas Coolman) C:\Users\user\ZHPSuite.exe 2022-12-23 23:03 - 2022-12-23 23:03 - 000000068 _____ () C:\Users\user\AppData\Roaming\changzhi_leidian.data 2022-12-23 23:03 - 2022-12-23 23:03 - 000000068 _____ () C:\Users\user\AppData\Roaming\changzhi_mplayer.data ==================== SigCheckExt ========================= 2015-12-16 21:07 - 2015-12-16 21:07 - 000083952 _____ C:\Windows\system32\atig6pxx.dll 2022-03-23 22:42 - 2018-04-10 13:11 - 000236032 _____ (Pioneer DJ Corporation.) C:\Windows\system32\DDJ-SX3_ASIO64.dll 2022-03-23 22:42 - 2018-04-10 13:24 - 000246272 _____ (Pioneer DJ Corporation.) C:\Windows\system32\DDJ-SX3_Setup64.dll 2016-05-03 10:17 - 2016-05-03 10:17 - 000184832 _____ (Pioneer DJ Corporation.) C:\Windows\system32\Pioneer_DDJ_SX_ASIO.dll 2015-08-09 10:32 - 2015-08-09 10:32 - 000289216 _____ (IvoSoft) C:\Windows\system32\StartMenuHelper64.dll 2015-12-16 21:07 - 2015-12-16 21:07 - 039720944 _____ C:\Windows\SysWOW64\amdocl.dll 2015-12-16 21:07 - 2015-12-16 21:07 - 001004032 _____ C:\Windows\SysWOW64\amdocl_as32.exe 2015-12-16 21:07 - 2015-12-16 21:07 - 000807424 _____ C:\Windows\SysWOW64\amdocl_ld32.exe 2015-12-16 21:07 - 2015-12-16 21:07 - 000150512 _____ C:\Windows\SysWOW64\atigktxx.dll 2015-12-16 21:07 - 2015-12-16 21:07 - 000078320 _____ C:\Windows\SysWOW64\atiglpxx.dll 2015-12-16 21:06 - 2015-12-16 21:06 - 000112360 _____ C:\Windows\SysWOW64\atiu9pag.dll 2015-12-16 21:06 - 2015-12-16 21:06 - 000143056 _____ C:\Windows\SysWOW64\atiuxpag.dll 2022-03-23 22:42 - 2018-04-10 13:05 - 000214016 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\DDJ-SX3_ASIO.dll 2022-03-23 22:42 - 2018-04-10 13:24 - 000210944 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\DDJ-SX3_Setup.dll 2016-04-29 05:20 - 2016-04-29 05:20 - 000130560 _____ (Pioneer DJ Corporation.) C:\Windows\SysWOW64\Pioneer_DDJ_SX_ASIO.dll 2015-08-09 10:32 - 2015-08-09 10:32 - 000247744 _____ (IvoSoft) C:\Windows\SysWOW64\StartMenuHelper32.dll 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE 2022-06-27 22:20 - 2023-03-19 18:25 - 003514056 _____ (Nicolas Coolman) C:\Users\user\ZHPSuite.exe 2023-10-11 14:02 - 2023-10-11 14:02 - 002383360 _____ (Farbar) C:\Users\user\Desktop\FRST64(1).exe 2023-10-11 13:42 - 2023-10-11 13:42 - 003511968 _____ (Nicolas Coolman) C:\Users\user\Desktop\ZHPSuite(2).exe 2023-04-05 11:18 - 2023-04-05 11:18 - 002380288 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2023-10-09 23:43 - 2023-10-09 23:43 - 005200296 _____ (kernel-panik) C:\Users\user\Downloads\kprm_1.9.exe 2023-10-11 13:41 - 2023-10-11 13:42 - 003511968 _____ (Nicolas Coolman) C:\Users\user\Downloads\ZHPSuite(1).exe 2023-04-05 10:33 - 2023-04-05 10:33 - 003514056 _____ (Nicolas Coolman) C:\Users\user\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=D: description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.exe description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a} device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{c1edbf30-84fb-11ec-b3e2-b50606c8a84a} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{c1edbf30-84fb-11ec-b3e2-b50606c8a84a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {c1edbf2d-84fb-11ec-b3e2-b50606c8a84a} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {c1edbf2f-84fb-11ec-b3e2-b50606c8a84a} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=D: path \boot\memtest.exe description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {c1edbf30-84fb-11ec-b3e2-b50606c8a84a} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume3 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================