Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Exécuté par KIKIZEBEST (administrateur) sur KIKIZEBEST-PC (TOSHIBA SATELLITE P500) (13-11-2023 19:33:39)
Exécuté depuis C:\Users\KIKIZEBEST\Desktop\FRST64.exe
Profils chargés: KIKIZEBEST
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3570 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\104.0.4944.36\opera_crashreporter.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Opera Norway AS -> Opera Software) C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\opera.exe <21>
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dhpevm.inf_amd64_dc22ceb838778a98\dynabookHDDProtection.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.)
C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2> (services.exe ->) (O2Micro Inc. -> O2Micro International) C:\Windows\System32\drivers\o2flash.exe (svchost.exe ->) (Logitech Inc -> Logitech Inc.) 
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.52331.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe Impossible d'accéder au processus -> FreemakeUtilsService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [MicrosoftEdgeAutoLaunch_200444D055E1FAACE422774EF5EDB99D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3894824 2023-11-09] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\KIKIZEBEST\AppData\Local\MightyText\Update.exe [1845096 2020-01-09] (Openphone Inc. 
-> GitHub) HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [] => [X] HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Policies\system: [shell] explorer.exe <==== ATTENTION HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet 3830 series): C:\Windows\system32\HPDiscoPME511.dll [840328 2017-03-27] (Hewlett Packard -> HP Inc.) HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\Windows\system32\hpinkstsE511LM.dll [393352 2017-03-10] (Hewlett Packard -> HP Inc.) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {AB53099B-25C8-4DC3-92E6-EE6FE862F9C5} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION Task: {D2B3F135-08FB-47BA-8CFD-B8C7B36DEFB2} - \Microsoft\Windows\Setup\EOSNotify2 -> Pas de fichier <==== ATTENTION Task: {10AADE69-3DAB-4C3C-9CFE-BFE2BA424433} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {5B70D0D4-700C-46B1-8759-36790DC1506C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. 
-> Avast Software) Task: {A0B8C4FC-E0C6-4615-873A-E51E9B4549FB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {6F096BD6-AA71-4870-9AE9-16A9D1F6C2B5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "607be473-25dd-4a2b-9250-1a6f5cf4700a" --version "6.17.10746" --silent Task: {8F6395A8-A1E0-4CAD-BC3D-71593238D9E0} - System32\Tasks\CCleanerSkipUAC - KIKIZEBEST => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {6BE1839E-CC79-4970-A327-E2700E71AB2E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5329808 2023-10-11] (Microsoft Windows -> Microsoft Corporation) Task: {13A53D53-06B8-497F-AC58-03955F7D1F61} - System32\Tasks\HPCustParticipation HP OfficeJet 3830 series => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.) 
Task: {ABAAB98A-DE9C-464E-A655-1412F2B4873E} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => %windir%\system32\sipnotify.exe -LogonOrUnlock (Pas de fichier) Task: {4F8DC2FD-733A-463B-B96E-B18D4782563A} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => %windir%\system32\sipnotify.exe -Daily (Pas de fichier) Task: {1B1C03E1-21E1-47EE-B9A9-67F80B67D61A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier) Task: {F35CD96A-E43A-4FD3-A06A-D9ED543BAB64} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier) Task: {8793E292-7997-4C7E-B7D4-A6B16B5CFC32} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier) Task: {8708D4BA-CE50-487F-9A04-3B5FF3C1EBF5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier) Task: {4BC1366C-A9CA-467C-B8E2-370BC7463018} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier) Task: {6D2A8226-32AE-49CB-81EC-74BD18DA6632} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier) Task: {6AD664C6-0D24-458B-84A2-E27D218F3123} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier) Task: {0A6ED9C4-3122-49E6-B6B6-941005929EF8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier) Task: {0A237144-3A45-427C-8076-46529D88A49D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier) 
Task: {3DC822E5-68D8-44E2-B4F8-BB64DFBBEEB7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier) Task: {444C8714-F952-4397-BBCD-29D6F1969327} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier) Task: {4A524E49-18BE-4530-91DF-26DFD07ACCC2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier) Task: {6AB2F28C-E348-477A-A594-AAA7DF70328F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier) Task: {4BA8157F-FB1F-4602-9892-9227C9410969} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier) Task: {36939138-C033-4CD0-B7CF-DAD7738B5BD5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier) Task: {A5D427DA-668B-42F4-BA75-8522579363F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier) Task: {4CCAEBA4-7671-473A-8982-0C42AEF73455} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier) Task: {387920C6-4DA1-4D6E-983D-F9D2122F7422} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier) Task: {A9529898-BB0F-4615-80D7-CE5D7F9D56B8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier) Task: {D701F294-4690-403B-9C5D-F1F1A0E040FB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier) Task: 
{F296F4AA-B2B8-4799-B3F1-9C2D4EAF68CC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (Pas de fichier) Task: {5F5E4289-D87A-4B26-AD6E-28575BEF9C79} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier) Task: {D366E9EC-2D71-4BD9-8B5A-30828E9CF0F2} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {27735D62-238C-4F18-BE11-D4C07A4C8F74} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {36539C71-8E55-407A-9398-3002E01027FD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {BBA1EE36-318C-41EF-9814-4B0392EBC91D} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {8D2EA610-AFC7-4118-81B4-97B9ABB51FB1} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {5FD6FF48-C749-4FAE-BE28-58FA3C7E2EA3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {91F2A08E-804F-481B-9EBC-BF1ED1F63856} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows 
Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F759FC6E-D8AF-4EB3-B0F8-099B8F86764D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {068F2968-6C89-432A-8CC2-AD86EC50055D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0C2477F8-FA4A-4ED6-96D4-4B6D952C7051} - System32\Tasks\Opera scheduled Autoupdate 1548525376 => C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\launcher.exe [2642848 2023-10-30] (Opera Norway AS -> Opera Software) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones) Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2 Tcpip\..\Interfaces\{2006AEA7-E8A6-41E4-954E-90961CD1B024}: [NameServer] 1.0.0.1,208.67.222.220,192.168.0.1 Tcpip\..\Interfaces\{2006AEA7-E8A6-41E4-954E-90961CD1B024}: [DhcpNameServer] 89.2.0.1 89.2.0.2 Tcpip\..\Interfaces\{221F3244-73FB-4315-B8B4-FCA5C7A843DD}: [NameServer] 1.0.0.1,208.67.222.220 Tcpip\..\Interfaces\{221F3244-73FB-4315-B8B4-FCA5C7A843DD}: [DhcpNameServer] 89.2.0.1 89.2.0.2 Tcpip\..\Interfaces\{888e49a3-0ab3-434f-874d-6598b9abddd2}: [NameServer] 1.0.0.1,208.67.222.220 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-12] Edge Extension: (Avira Safe Shopping) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-11-12] Edge Extension: (Avira Password Manager) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-12] Edge Extension: (Google Docs hors connexion) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User 
Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-12] Edge Extension: (Edge relevant text changes) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-12] Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip] Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle] FireFox: ======== FF DefaultProfile: pmhvk7af.default FF ProfilePath: C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\pmhvk7af.default [2023-07-21] FF Extension: (Avira Password Manager) - C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\pmhvk7af.default\Extensions\passwordmanager@avira.com [2019-11-19] FF ProfilePath: C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\ssc3cy3r.default-release-1609066141487 [2023-07-21] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files 
(x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR DefaultProfile: Default ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881760 2011-02-12] (Acronis, Inc -> Acronis) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. 
-> Adobe) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe [718168 2023-07-13] (Dynabook Inc. -> Dynabook Inc.) R2 DSDHDDProtectService; C:\WINDOWS\System32\DriverStore\FileRepository\dhpevm.inf_amd64_dc22ceb838778a98\dynabookHDDProtection.exe [473280 2022-08-25] (Dynabook Inc. -> Dynabook Inc.) S2 DSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDTabSysSvc.exe [330136 2023-07-13] (Dynabook Inc. -> Dynabook Inc.) R2 DSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe [480144 2023-07-13] (Dynabook Inc. -> Dynabook Inc.) R2 dynabookSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe [24153096 2023-07-13] (Dynabook Inc. -> Dynabook Inc.) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-31] (Mixbyte Inc -> Freemake) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-12] (HP Inc. -> HP Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-12] (Malwarebytes Inc. 
-> Malwarebytes) R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) S2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iSkysoft Video Converter Ultimate Windows (FR)(CPC)\Transfer\DriverInstall.exe [107800 2019-07-09] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare) S3 Browser; %SystemRoot%\System32\browser.dll [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 64146C88; C:\WINDOWS\system32\drivers\64146C88.sys [255928 2023-10-23] (Malwarebytes Corporation -> Malwarebytes) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R3 dhotkey; C:\WINDOWS\System32\drivers\dhotkey.sys [52736 2023-03-22] (Dynabook Inc. -> Dynabook Inc.) R0 dhpevm; C:\WINDOWS\System32\drivers\dhpevm.SYS [29368 2022-08-25] (Dynabook Inc. -> Dynabook Inc.) R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [138760 2021-01-14] (ADAPP SASU -> Dokan Project) R1 dsrvctldrv; C:\WINDOWS\System32\drivers\dsrvctldrv.sys [30232 2023-07-13] (Dynabook Inc. -> Dynabook Inc.) R0 DVALZ_O; C:\WINDOWS\System32\drivers\DVALZ_O.SYS [47464 2022-07-17] (Dynabook Inc. -> Dynabook Inc.) 
S3 hidshim; C:\WINDOWS\system32\DRIVERS\hidshim.sys [6656 2013-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 LVPr2M64; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] (Logitech Inc -> ) S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] (Logitech Inc -> ) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 nuvotoncir; C:\WINDOWS\system32\DRIVERS\nuvotoncir.sys [48128 2009-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corporation) S3 nuvotonhidcir; C:\WINDOWS\system32\DRIVERS\nuvotonhidcir.sys [32256 2013-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corporation) R3 O2SDGx64; C:\WINDOWS\System32\drivers\o2sdgx64.sys [56576 2012-09-06] (O2Micro -> O2Micro) S3 phantomtap; C:\WINDOWS\System32\DRIVERS\phantomtap.sys [35664 2019-01-29] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [22736 2015-05-28] (WDKTestCert 1,130752733198717037 -> TOSHIBA) U5 rtp_filesystem_filter; C:\Windows\System32\Drivers\rtp_filesystem_filter.sys [219448 2023-07-09] (Avira Operations GmbH -> Avira Operations GmbH) U5 rtp_process_monitor; C:\Windows\System32\Drivers\rtp_process_monitor.sys [199992 2023-07-09] (Avira Operations GmbH -> Avira Operations GmbH) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. 
-> Dynabook Inc.) S0 Thpevm; C:\WINDOWS\System32\drivers\Thpevm.SYS [27128 2021-11-18] (Dynabook Inc. -> Dynabook Inc.) R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.) R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) S0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation) S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2023-11-13 19:33 - 2023-11-13 19:34 - 000028095 _____ C:\Users\KIKIZEBEST\Desktop\FRST.txt 2023-11-13 19:29 - 2023-11-13 19:30 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\a envoyer 2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe 2023-11-13 19:12 - 2023-11-13 19:12 - 000000772 _____ C:\Users\KIKIZEBEST\Desktop\ZHPSuite.lnk 2023-11-12 22:17 - 2023-11-13 15:30 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Malwarebytes 2023-11-12 22:17 - 2023-11-12 22:17 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-11-12 22:17 - 2023-11-12 22:17 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-11-12 22:13 - 2023-11-12 22:13 - 002606880 _____ (Malwarebytes) C:\Users\KIKIZEBEST\Desktop\MBSetup.exe 2023-11-12 21:59 - 2023-11-12 22:48 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\2e nettoyage 2023-11-12 21:42 - 2023-11-12 21:42 - 008791352 _____ (Malwarebytes) C:\Users\KIKIZEBEST\Desktop\adwcleaner_8.4.0.exe 2023-11-12 20:58 - 2023-11-12 20:58 - 000000923 _____ C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.lnk 2023-11-12 20:57 - 2023-11-12 20:57 - 003346080 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.exe 2023-11-11 12:04 - 2023-11-11 12:04 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1111E7AC.sys 2023-11-11 12:03 - 2023-11-11 12:42 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\mbar 2023-11-10 19:07 - 2023-11-10 19:07 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\ARGENT SANG 2023-11-10 18:59 - 2023-11-12 22:44 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\uTorrent Web 2023-11-08 17:23 - 2023-11-09 05:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2023-11-01 08:15 - 2023-11-01 08:15 - 000000000 ____D C:\WINDOWS\Panther 2023-10-30 20:07 - 2023-11-13 19:31 - 002383872 _____ (Farbar) C:\Users\KIKIZEBEST\Desktop\FRST64.exe 2023-10-30 19:45 - 2023-10-30 19:45 - 003512992 _____ (Nicolas Coolman) 
C:\Users\KIKIZEBEST\Desktop\ZHPSuite.exe
2023-10-30 19:43 - 2023-11-13 19:32 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\REPAIR 3010
2023-10-26 11:53 - 2023-10-31 14:15 - 006646784 _____ C:\WINDOWS\system32\rtp.db
2023-10-14 10:29 - 2023-10-14 10:32 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\LASKO
2023-10-12 08:48 - 2023-10-12 08:48 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Backup
2023-10-11 10:56 - 2023-10-11 10:56 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-11 10:19 - 2023-10-11 10:19 - 000000000 ___HD C:\$WinREAgent
2023-10-06 11:42 - 2023-10-06 11:42 - 000000000 ____D C:\ProgramData\PLUG
2023-10-04 20:48 - 2023-11-13 19:10 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\molotov
2023-10-04 20:48 - 2023-10-04 20:48 - 000002393 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov.lnk
2023-09-29 18:31 - 2023-09-29 18:31 - 000936171 _____ C:\Users\KIKIZEBEST\Desktop\Base de données Vin.xlsx
2023-09-14 17:48 - 2023-09-20 19:49 - 001164893 _____ C:\Users\KIKIZEBEST\Desktop\xcbvxf.xlsx
2023-09-11 11:01 - 2023-09-11 11:03 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\FOOT BARLIN
2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-08-26 06:45 - 2023-11-12 22:44 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\TORR
2023-08-18 07:26 - 2023-08-18 07:26 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\FAILLES2

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-13 19:34 - 2022-06-05 12:01 - 000000000 ____D C:\FRST
2023-11-13 19:30 - 2019-03-17 19:04 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\ZHP
2023-11-13 19:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-13 19:12 - 2020-10-02 13:29 - 000000000 ____D C:\Users\KIKIZEBEST
2023-11-13 18:45 - 2020-10-02 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-13 18:07 - 2022-10-08 20:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-13 15:33 - 2020-10-02 16:51 - 001693648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-13 15:33 - 2019-12-07 15:49 - 000739230 _____ C:\WINDOWS\system32\perfh00C.dat
2023-11-13 15:33 - 2019-12-07 15:49 - 000147924 _____ C:\WINDOWS\system32\perfc00C.dat
2023-11-13 15:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-13 15:29 - 2020-10-02 16:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-13 15:01 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-11-13 08:58 - 2021-07-06 08:12 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-12 22:44 - 2019-01-26 18:34 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\CHEZ MOI
2023-11-12 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-12 22:16 - 2023-03-17 18:20 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-12 22:16 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-11-12 22:16 - 2019-02-15 20:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-11 12:42 - 2019-03-01 12:06 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2023-11-11 12:30 - 2019-02-10 09:58 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Word
2023-11-11 11:53 - 2020-10-19 22:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-11 11:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-10 19:07 - 2019-04-13 13:19 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\BitTorrentHelper
2023-11-09 20:35 - 2021-04-22 09:08 - 000000000 ____D C:\KVRT2020_Data
2023-11-09 18:48 - 2019-03-27 19:21 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\CrashDumps
2023-11-09 18:46 - 2023-06-25 09:58 - 000000000 ____D C:\Program Files\CCleaner
2023-11-09 16:19 - 2019-01-26 18:56 - 000001525 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-11-09 12:32 - 2015-02-02 12:28 - 000014492 _____ C:\Users\KIKIZEBEST\Desktop\LISTE ANNIVERSAIRES.xlsx
2023-11-09 05:25 - 2019-01-26 19:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-08 18:49 - 2019-01-26 19:05 - 000001209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-11-08 16:45 - 2022-06-03 09:04 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\OISEAUX SEMAINE
2023-11-08 13:13 - 2020-04-22 13:11 - 000001426 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-11-08 13:11 - 2019-01-26 23:11 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Excel
2023-11-07 21:38 - 2019-01-26 20:29 - 000000000 ____D C:\Users\KIKIZEBEST\Documents\MyHeritage
2023-11-07 08:16 - 2020-01-17 15:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-06 21:38 - 2021-01-03 21:25 - 000013133 _____ C:\Users\KIKIZEBEST\Desktop\GMAIL.xlsx
2023-11-03 11:31 - 2020-01-17 15:20 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Packages
2023-11-03 11:29 - 2020-09-30 10:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-03 08:04 - 2023-06-25 09:58 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-11-01 20:46 - 2020-01-17 16:14 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\D3DSCache
2023-10-31 19:43 - 2019-04-05 19:22 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Facebook
2023-10-31 14:24 - 2019-01-26 20:07 - 000000000 ____D C:\Program Files (x86)\Avira
2023-10-31 14:22 - 2019-01-26 20:07 - 000000000 ____D C:\ProgramData\Avira
2023-10-31 14:16 - 2010-11-21 04:27 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-31 14:12 - 2019-05-02 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-10-31 14:10 - 2020-10-20 06:37 - 000002935 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint (1).lnk
2023-10-31 14:10 - 2020-10-20 06:37 - 000002923 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word (1).lnk
2023-10-31 14:07 - 2019-01-26 20:07 - 000000000 ____D C:\ProgramData\Package Cache
2023-10-31 12:59 - 2019-03-03 15:17 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\NVIDIA Corporation
2023-10-31 12:59 - 2019-03-03 15:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-10-31 12:59 - 2019-01-26 18:22 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-31 12:59 - 2019-01-26 17:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-10-31 12:59 - 2019-01-26 17:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-10-31 12:57 - 2019-05-20 07:58 - 000000000 ____D C:\Program Files\Java
2023-10-31 12:56 - 2020-07-30 09:20 - 000000000 ____D C:\ProgramData\GlarySoft
2023-10-31 12:56 - 2020-07-30 09:17 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\GlarySoft
2023-10-31 08:09 - 2020-10-19 22:57 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-31 08:09 - 2020-10-19 22:57 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-31 07:18 - 2020-10-02 16:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-30 13:04 - 2022-07-28 06:28 - 000020348 _____ C:\Users\KIKIZEBEST\Desktop\glycemie.xlsx
2023-10-27 19:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-25 12:56 - 2023-06-25 09:58 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-10-24 18:58 - 2023-06-25 09:58 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-10-24 07:40 - 2023-04-25 18:01 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\JV FAIT
2023-10-24 07:38 - 2023-05-08 20:32 - 001601536 _____ C:\Users\KIKIZEBEST\Desktop\Gestion-bibliotheque-Excel-gratuit (Enregistré automatiquement).xlsx
2023-10-23 08:10 - 2023-03-17 11:54 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\64146C88.sys
2023-10-22 15:54 - 2019-02-01 18:33 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\vlc
2023-10-21 17:14 - 2020-02-07 07:39 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\FSDART
2023-10-21 07:40 - 2020-02-07 07:39 - 000000000 ____D C:\ProgramData\F-Secure
2023-10-20 17:29 - 2020-10-02 16:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

==================== Fichiers à la racine de certains dossiers ========

2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe
2022-10-25 12:24 - 2022-10-25 12:24 - 000000872 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\2d845f61-6fd4-4c25-be56-ac054468b3a2.tmp
2022-09-08 06:45 - 2022-09-08 06:45 - 000000538 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\44f702b9-2129-4c5e-be6e-edb29f149574.tmp
2022-08-14 13:28 - 2022-08-14 13:28 - 000000538 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\771d365c-3b53-455a-93ab-a0f3b1bebabb.tmp
2022-04-22 17:59 - 2022-04-22 17:59 - 000000705 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\c5c5984a-b917-4dd0-9614-c28d14f59a3f.tmp
2022-05-16 18:06 - 2022-05-16 18:06 - 000000867 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\e47d4395-7f92-4ee6-8f33-c7b629bbb655.tmp
2022-11-21 09:07 - 2022-11-21 09:07 - 000128964 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\316672665_5992031394194217_2706564476730116414_n.jpg
2019-02-24 01:24 - 2019-12-19 15:18 - 000097520 _____ () C:\Users\KIKIZEBEST\AppData\Local\ars.cache
2019-02-24 01:24 - 2019-12-19 15:18 - 000392277 _____ () C:\Users\KIKIZEBEST\AppData\Local\census.cache
2021-12-31 10:36 - 2021-12-31 10:36 - 000003584 _____ () C:\Users\KIKIZEBEST\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-23 19:52 - 2019-02-23 19:52 - 000000036 _____ () C:\Users\KIKIZEBEST\AppData\Local\housecall.guid.cache
2023-03-27 14:05 - 2023-03-27 14:05 - 000002377 _____ () C:\Users\KIKIZEBEST\AppData\Local\recently-used.xbel
2019-01-28 13:23 - 2019-11-12 20:11 - 000007618 _____ () C:\Users\KIKIZEBEST\AppData\Local\Resmon.ResmonCfg

==================== SigCheckExt =========================

2019-11-20 07:58 - 2013-04-06 00:27 - 000324608 _____ (IntelleSoft) C:\WINDOWS\system32\BugTrap-x64.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2019-11-20 07:58 - 2017-07-30 06:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw.dll
2019-11-20 07:58 - 2019-02-26 11:51 - 028414044 _____ C:\WINDOWS\system32\x265vfw.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2019-09-23 15:45 - 2013-09-17 08:23 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2019-01-26 20:29 - 2003-07-06 14:07 - 000372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libcrypto-1_1.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libssl-1_1.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2020-01-24 17:27 - 2011-06-29 12:18 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2003-04-18 15:29 - 2003-04-18 15:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2019-01-26 20:29 - 2002-03-07 01:19 - 000454656 _____ () C:\WINDOWS\SysWOW64\PaintX.dll
2019-01-26 20:29 - 2010-06-17 19:49 - 002029056 _____ (Bytescout) C:\WINDOWS\SysWOW64\PDFDocScout.DLL
2021-03-17 15:30 - 2021-03-17 15:30 - 000012067 _____ C:\WINDOWS\SysWOW64\SIntf16.dll
2021-03-17 15:30 - 2021-03-17 15:30 - 000017212 _____ C:\WINDOWS\SysWOW64\SIntf32.dll
2021-03-17 15:30 - 2021-03-17 15:30 - 000021840 _____ C:\WINDOWS\SysWOW64\SIntfNT.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
1998-09-14 20:43 - 1998-09-14 20:43 - 000065536 _____ C:\WINDOWS\SysWOW64\TWAIN32d.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2019-01-26 23:26 - 2000-10-01 23:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2017-07-30 09:50 - 2017-07-30 09:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2019-02-26 11:56 - 2019-02-26 11:56 - 006418389 _____ C:\WINDOWS\SysWOW64\x265vfw.dll
2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe
2023-10-30 20:07 - 2023-11-13 19:31 - 002383872 _____ (Farbar) C:\Users\KIKIZEBEST\Desktop\FRST64.exe
2023-11-12 20:57 - 2023-11-12 20:57 - 003346080 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.exe
2023-10-30 19:45 - 2023-10-30 19:45 - 003512992 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur          {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  fr-FR
inherit                 {globalsettings}
default                 {current}
resumeobject            {bb42aa4d-3932-11ea-935d-9d9b8109c306}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Chargeur de démarrage Windows
-----------------------------
identificateur          {1c646c21-2152-11e9-b63b-9a0427bba6cf}
device                  ramdisk=[C:]\Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c22-2152-11e9-b63b-9a0427bba6cf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c22-2152-11e9-b63b-9a0427bba6cf}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Chargeur de démarrage Windows
-----------------------------
identificateur          {1c646c25-2152-11e9-b63b-9a0427bba6cf}
device                  ramdisk=[C:]\Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c26-2152-11e9-b63b-9a0427bba6cf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c26-2152-11e9-b63b-9a0427bba6cf}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Chargeur de démarrage Windows
-----------------------------
identificateur          {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 10
locale                  fr-FR
inherit                 {bootloadersettings}
recoverysequence        {bb42aa50-3932-11ea-935d-9d9b8109c306}
displaymessageoverride  Recovery
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {bb42aa4d-3932-11ea-935d-9d9b8109c306}
nx                      OptIn
bootmenupolicy          Standard

Chargeur de démarrage Windows
-----------------------------
identificateur          {bb42aa50-3932-11ea-935d-9d9b8109c306}
device                  ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{bb42aa51-3932-11ea-935d-9d9b8109c306}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  fr-FR
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{bb42aa51-3932-11ea-935d-9d9b8109c306}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur          {bb42aa4d-3932-11ea-935d-9d9b8109c306}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  fr-FR
inherit                 {resumeloadersettings}
recoverysequence        {bb42aa50-3932-11ea-935d-9d9b8109c306}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Testeur de mémoire Windows
--------------------------
identificateur          {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Diagnostics mémoire Windows
locale                  fr-FR
inherit                 {globalsettings}
badmemoryaccess         Yes

Paramètres EMS
--------------
identificateur          {emssettings}
bootems                 No

Paramètres du débogueur
-----------------------
identificateur          {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

Erreurs de mémoire RAM
----------------------
identificateur          {badmemory}

Paramètres globaux
------------------
identificateur          {globalsettings}
inherit                 {dbgsettings} {emssettings} {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur          {bootloadersettings}
inherit                 {globalsettings} {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Paramètres du chargeur de reprise
---------------------------------
identificateur          {resumeloadersettings}
inherit                 {globalsettings}

Options de périphérique
-----------------------
identificateur          {1c646c22-2152-11e9-b63b-9a0427bba6cf}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\boot.sdi

Options de périphérique
-----------------------
identificateur          {1c646c26-2152-11e9-b63b-9a0427bba6cf}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\boot.sdi

Options de périphérique
-----------------------
identificateur          {bb42aa51-3932-11ea-935d-9d9b8109c306}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume3
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================