Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Exécuté par Pascal (administrateur) sur DESKTOP-IG3EAVC (HP-Pavilion WC963AA-ABF p6355fr) (04-04-2021 21:01:27)
Exécuté depuis C:\Users\Pascal\Downloads
Profils chargés: Pascal
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3520614324-3008203260-1982206474-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {00F229D8-774A-4153-9F3C-138C8A455074} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04808CCE-5084-4B38-AF63-95D9F9BE8E52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {27FBEBC5-190E-4CC0-812F-2A55A37300E2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4568DE25-CDDE-4CDA-98D5-973C121C8D0C} - System32\Tasks\NCH Software\ExpressZipSevenDays => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe [1540648 2021-03-03] (NCH Software, Inc. -> NCH Software)
Task: {630707DE-D94C-4F6D-852A-E9E1B30B0E0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D0E2D82-3BC0-4598-92CC-DDF6B8B43127} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8244B273-8A5B-414D-A34B-9FA831E51569} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1FC2708-76F2-4431-9E6B-BE5FC0114548} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {D8D626D7-D567-40B8-90D6-7904298485C5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-04-02] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d89aa4f8-6991-4ffb-92fb-bd9ec95e9ebc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-04]
Edge StartupUrls: Default -> "hxxps://mail01.orange.fr/appsuite/#!&app=io.ox/mail&folder=default0/INBOX"
Edge DefaultSearchURL: Default -> hxxps://static.jeanmarcmorandini.com/sites/jeanmarcmorandini.com/files/favicon_1.png
Edge Extension: (Office) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gggmmkjegpiggikcnhidnjjhmicpibll [2020-12-26]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-03]
Edge Extension: (Brûlé aux mains lors de son effroyable accident à Bahreïn, le pilote français Romain Grosjean annonce dans une vidéo, mettre fin à sa carrière en F1 - Regardez) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phlgiemfjphbfkglejjoaohkbajjiobi [2020-12-07]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 5penrpxb.default
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\5penrpxb.default [2020-06-17]
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895 [2021-04-04]
FF Homepage: Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895 -> hxxps://webmail1n.orange.fr/webmail/fr_FR/inbox.html?FOLDER=SF_INBOX|hxxps://www.facebook.com/
FF Extension: (Pas de nom) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-12]
FF Extension: (uBlock Origin) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\uBlock0@raymondhill.net.xpi [2021-03-12]
FF Extension: (Best Bright Christmas by MaDonna) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{3ce68e94-0685-4b09-84c0-0d2cff4301a1}.xpi [2020-08-24]
FF Extension: (summer dawn) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{51a9bbc8-2d3b-4e5d-9fb4-0fb4019bf4d2}.xpi [2020-08-24]
FF Extension: (Painted sea dreams) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{52cccb91-1a4c-4785-9697-8dd898b5be7e}.xpi [2020-08-24]
FF Extension: (Matrix 1 animated) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{8af4f4ff-a5ce-4e59-b057-5146c9f1ded7}.xpi [2020-08-24]
FF Extension: (Christmas_Lights_03) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{aaaa902e-d0aa-4052-8b99-840f02b28b27}.xpi [2020-12-29]
FF Extension: (Flowers on fire) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{ad087853-d443-42e2-97dc-09e11eaabb4f}.xpi [2020-08-24]
FF Extension: (Christmas Lights Animation) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{c48107ac-9775-42e5-b553-700c991af522}.xpi [2020-08-24]
FF Extension: (Ecosia – Le moteur de recherche qui plante des arbres) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2021-02-08]
FF Extension: (Cars Firefoxed) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{f29c4a56-63a9-4e3a-9233-f3f2ffaba9a9}.xpi [2020-08-24]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3520614324-3008203260-1982206474-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6278712 2021-02-01] (devolo AG -> devolo AG)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-08] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-30] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-08] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2021-02-01] (devolo AG -> Riverbed Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz143; \??\C:\Users\Pascal\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATTENTION
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-04 21:01 - 2021-04-04 21:02 - 000014921 _____ C:\Users\Pascal\Downloads\FRST.txt
2021-04-04 21:00 - 2021-04-04 21:01 - 000000000 ____D C:\FRST
2021-04-04 21:00 - 2021-04-04 21:00 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2021-04-04 20:48 - 2021-04-04 20:48 - 000256403 _____ C:\Users\Pascal\Desktop\04042021 20h48 zhpdiag.txt
2021-04-04 18:26 - 2021-04-04 18:37 - 000000000 ____D C:\Users\Pascal\Desktop\bearwww
2021-04-03 22:52 - 2021-03-15 19:22 - 000894448 _____ (CGSecurity) C:\Users\Pascal\Documents\testdisk_win.exe
2021-04-03 22:42 - 2021-04-03 22:42 - 000012230 _____ C:\Users\Pascal\Desktop\03042021 ZHPCleaner-[R]-03042021-22_34_21.html
2021-04-03 22:42 - 2021-04-03 22:42 - 000000000 ____D C:\Users\Pascal\Desktop\03042021 ZHPCleaner-[R]-03042021-22_34_21_fichiers
2021-04-03 22:34 - 2021-04-03 22:34 - 000008989 _____ C:\Users\Pascal\Desktop\ZHPCleaner (R).html
2021-04-03 22:34 - 2021-04-03 22:34 - 000002722 _____ C:\Users\Pascal\Desktop\ZHPCleaner (R).txt
2021-04-03 22:31 - 2021-04-03 22:31 - 000008802 _____ C:\Users\Pascal\Desktop\ZHPCleaner (S).html
2021-04-03 22:31 - 2021-04-03 22:31 - 000002602 _____ C:\Users\Pascal\Desktop\ZHPCleaner (S).txt
2021-04-03 22:07 - 2021-04-03 22:07 - 003325592 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPCleaner.exe
2021-04-03 22:07 - 2021-04-03 22:07 - 000000876 _____ C:\Users\Pascal\Desktop\ZHPCleaner.lnk
2021-04-03 21:27 - 2021-04-03 21:27 - 000000000 ____D C:\Users\Pascal\Desktop\Peugeot Update
2021-04-03 21:05 - 2021-04-03 21:05 - 000613217 _____ C:\Users\Pascal\Desktop\ZHPDiag.html 03042021.html
2021-04-03 21:05 - 2021-04-03 21:05 - 000000000 ____D C:\Users\Pascal\Desktop\ZHPDiag.html 03042021_fichiers
2021-04-03 21:02 - 2021-04-04 20:41 - 000256403 _____ C:\Users\Pascal\Desktop\ZHPDiag.txt
2021-04-03 20:52 - 2021-04-04 20:47 - 000000729 _____ C:\Users\Pascal\Desktop\ZHPDiag.lnk
2021-04-03 20:52 - 2021-04-03 22:07 - 000000000 ____D C:\Users\Pascal\AppData\Local\ZHP
2021-04-03 20:51 - 2021-04-03 20:52 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPDiag3(1).exe
2021-04-02 22:38 - 2021-04-02 22:38 - 001447178 _____ (Igor Pavlov) C:\Users\Pascal\Downloads\7z1900-x64.exe
2021-04-02 22:38 - 2021-04-02 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-04-02 22:38 - 2021-04-02 22:38 - 000000000 ____D C:\Program Files\7-Zip
2021-04-02 21:47 - 2021-04-03 22:35 - 000000000 ____D C:\Program Files\Recuva
2021-04-02 21:47 - 2021-04-02 21:47 - 007638224 _____ (Piriform Software Ltd) C:\Users\Pascal\Downloads\rcsetup153.exe
2021-04-02 21:47 - 2021-04-02 21:47 - 000001659 _____ C:\ProgramData\Desktop\Recuva.lnk
2021-04-02 21:47 - 2021-04-02 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-04-02 21:04 - 2021-04-02 21:04 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-04-02 21:03 - 2021-04-02 21:03 - 036629064 _____ (EaseUS ) C:\Users\Pascal\Downloads\DRW13.5_Free.exe
2021-04-02 21:03 - 2021-04-02 21:03 - 000001034 _____ C:\ProgramData\Desktop\EaseUS Data Recovery Wizard.lnk
2021-04-02 21:03 - 2021-04-02 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2021-04-02 21:03 - 2021-04-02 21:03 - 000000000 ____D C:\Program Files\EaseUS
2021-04-02 21:02 - 2021-04-02 21:03 - 002065800 _____ C:\Users\Pascal\Downloads\DRW_Free_RSS_new_Installer_20210402.4843.exe
2021-04-02 16:48 - 2021-04-02 16:49 - 1285654528 _____ C:\Users\Pascal\Desktop\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.tar
2021-04-02 16:38 - 2021-04-02 16:38 - 062574336 _____ (PSA Automobiles SA) C:\Users\Pascal\Downloads\peugeot_update(4).exe
2021-04-02 16:36 - 2021-04-02 16:36 - 000001275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip - Compresseur de fichiers.lnk
2021-04-02 16:36 - 2021-04-02 16:36 - 000001263 _____ C:\ProgramData\Desktop\Express Zip - Compresseur de fichiers.lnk
2021-04-02 16:36 - 2021-04-02 16:36 - 000000000 ____D C:\Users\Pascal\Suite NCH Software
2021-04-02 16:33 - 2021-04-02 16:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-02 14:51 - 2021-04-02 14:51 - 000007190 _____ C:\Users\Pascal\Desktop\license_0D011A0BB9D4EA98C3FB_001315031601451350.key
2021-04-02 14:33 - 2021-04-03 21:27 - 000001884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peugeot Update.lnk
2021-04-02 14:33 - 2021-04-03 21:27 - 000001854 _____ C:\ProgramData\Desktop\Peugeot Update.lnk
2021-04-02 14:33 - 2021-04-02 14:37 - 1285654528 _____ C:\Users\Pascal\Desktop\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(3).tar
2021-04-02 13:52 - 2021-04-02 19:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-02 13:42 - 2021-04-02 13:42 - 062574336 _____ (PSA Automobiles SA) C:\Users\Pascal\Downloads\peugeot_update(3).exe
2021-04-02 12:37 - 2021-01-11 12:06 - 000000368 _____ C:\Users\Pascal\Downloads\UpdateInfo.xml
2021-04-02 12:35 - 2021-04-02 12:35 - 000000000 ____D C:\Users\Pascal\Downloads\SWL
2021-04-02 12:21 - 2021-04-02 12:25 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(2).tar
2021-04-02 02:50 - 2021-04-02 14:51 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Peugeot Update
2021-04-02 02:50 - 2021-04-02 12:57 - 000000000 ____D C:\Program Files\Peugeot Update
2021-04-02 02:36 - 2021-04-02 02:38 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(1).tar
2021-04-02 01:45 - 2021-01-11 12:06 - 000000368 _____ C:\Users\Pascal\Documents\UpdateInfo.xml
2021-04-02 01:43 - 2021-04-02 01:43 - 000000000 ____D C:\Users\Pascal\Documents\SWL
2021-04-02 01:38 - 2021-04-02 12:35 - 000000000 ____D C:\Users\Pascal\Documents\ExpressZip - PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.temp
2021-04-02 01:26 - 2021-04-02 01:28 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.tar
2021-03-22 22:39 - 2021-03-22 22:39 - 017051671 _____ C:\Users\Pascal\Downloads\sissel_p3GfFpcD_GDuo.mp4
2021-03-22 22:22 - 2021-03-22 22:22 - 000185527 _____ C:\Users\Pascal\Downloads\auto_resize_image-1.1.0-tb.xpi
2021-03-13 21:28 - 2021-03-13 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-13 21:28 - 2021-03-13 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-13 21:28 - 2021-03-13 21:28 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-13 21:28 - 2021-03-13 21:28 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-13 21:27 - 2021-03-13 21:27 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-13 21:27 - 2021-03-13 21:27 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-13 21:27 - 2021-03-13 21:27 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-13 21:27 - 2021-03-13 21:27 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-04 20:47 - 2020-08-27 10:40 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\ZHP
2021-04-04 20:47 - 2020-08-14 11:14 - 000000000 ____D C:\Users\Pascal
2021-04-04 20:47 - 2020-06-17 18:20 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPDiag3.exe
2021-04-04 20:34 - 2020-08-14 11:27 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-04 20:34 - 2019-12-07 16:49 - 000755174 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-04 20:34 - 2019-12-07 16:49 - 000141980 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-04 20:34 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-04 20:33 - 2020-06-20 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-04 20:32 - 2020-06-17 21:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-04 20:31 - 2020-06-21 01:15 - 000000000 ____D C:\Users\Pascal\AppData\Local\Google
2021-04-04 20:31 - 2020-06-21 01:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-04-04 20:31 - 2020-06-17 21:13 - 000000000 ____D C:\Users\Pascal\AppData\LocalLow\Mozilla
2021-04-04 20:30 - 2020-08-14 11:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-04 20:30 - 2020-08-14 11:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-04 20:30 - 2020-06-17 17:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-04 20:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-04 18:41 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-03 22:05 - 2020-08-14 11:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-03 21:45 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-03 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-03 18:24 - 2020-06-22 20:16 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-03 18:24 - 2020-06-22 20:16 - 000002280 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-02 22:05 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\Anciennes données de Firefox
2021-04-02 19:22 - 2020-06-17 21:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-02 16:36 - 2020-08-14 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-04-02 16:36 - 2020-07-23 22:01 - 000000000 ____D C:\Program Files (x86)\NCH Software
2021-04-02 16:33 - 2020-06-17 21:13 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-02 14:43 - 2020-08-14 22:35 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-02 14:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-02 13:21 - 2020-08-24 10:37 - 000000000 ____D C:\Users\Pascal\Desktop\OpenOffice 4.1.7 (fr) Installation Files
2021-04-02 13:21 - 2020-08-14 11:14 - 000000000 ____D C:\Users\test
2021-04-02 13:21 - 2020-08-14 11:14 - 000000000 ____D C:\Users\defaultuser0
2021-04-02 13:21 - 2020-06-17 18:22 - 000000000 ____D C:\Users\Pascal\Desktop\SWL
2021-04-02 13:21 - 2020-06-17 18:22 - 000000000 ____D C:\Users\Pascal\Desktop\Introduction Ce que vous devez savoir sur le russe — Maîtriser le russe dans les 60 jours qui viennent... même en partant de zéro_fichiers
2021-04-02 13:21 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\25032020 Buy Cheap Xbox ONE Membership Deal, PSN Gift card, Game keys on Goodoffer24_fichiers
2021-04-02 13:21 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\- Modules pour Firefox_fichiers
2021-04-02 13:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-02 13:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-04-02 10:39 - 2020-06-21 01:56 - 000000000 ____D C:\Users\Pascal\AppData\Local\CrashDumps
2021-04-02 01:32 - 2020-07-23 22:01 - 000000000 ____D C:\ProgramData\NCH Software
2021-03-15 20:27 - 2020-06-18 00:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 00:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-14 11:19 - 2020-06-24 21:19 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Zoom
2021-03-13 23:01 - 2020-08-14 11:25 - 000456488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 20:28 - 2020-06-17 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 20:25 - 2020-06-17 18:34 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 11:46 - 2020-08-16 23:00 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Fichiers à la racine de certains dossiers ========
2020-06-17 18:20 - 2021-04-04 20:47 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPDiag3.exe
2020-06-17 18:20 - 2020-03-23 21:57 - 003426688 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPSuite.exe
2021-01-04 03:46 - 2021-01-10 18:00 - 000007605 _____ () C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Pascal (administrateur) sur DESKTOP-IG3EAVC (HP-Pavilion WC963AA-ABF p6355fr) (04-04-2021 21:01:27)
Exécuté depuis C:\Users\Pascal\Downloads
Profils chargés: Pascal
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3520614324-3008203260-1982206474-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {00F229D8-774A-4153-9F3C-138C8A455074} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04808CCE-5084-4B38-AF63-95D9F9BE8E52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {27FBEBC5-190E-4CC0-812F-2A55A37300E2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4568DE25-CDDE-4CDA-98D5-973C121C8D0C} - System32\Tasks\NCH Software\ExpressZipSevenDays => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe [1540648 2021-03-03] (NCH Software, Inc. -> NCH Software)
Task: {630707DE-D94C-4F6D-852A-E9E1B30B0E0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D0E2D82-3BC0-4598-92CC-DDF6B8B43127} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8244B273-8A5B-414D-A34B-9FA831E51569} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1FC2708-76F2-4431-9E6B-BE5FC0114548} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {D8D626D7-D567-40B8-90D6-7904298485C5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-04-02] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d89aa4f8-6991-4ffb-92fb-bd9ec95e9ebc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-04]
Edge StartupUrls: Default -> "hxxps://mail01.orange.fr/appsuite/#!&app=io.ox/mail&folder=default0/INBOX"
Edge DefaultSearchURL: Default -> hxxps://static.jeanmarcmorandini.com/sites/jeanmarcmorandini.com/files/favicon_1.png
Edge Extension: (Office) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gggmmkjegpiggikcnhidnjjhmicpibll [2020-12-26]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-03]
Edge Extension: (Brûlé aux mains lors de son effroyable accident à Bahreïn, le pilote français Romain Grosjean annonce dans une vidéo, mettre fin à sa carrière en F1 - Regardez) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phlgiemfjphbfkglejjoaohkbajjiobi [2020-12-07]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 5penrpxb.default
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\5penrpxb.default [2020-06-17]
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895 [2021-04-04]
FF Homepage: Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895 -> hxxps://webmail1n.orange.fr/webmail/fr_FR/inbox.html?FOLDER=SF_INBOX|hxxps://www.facebook.com/
FF Extension: (Pas de nom) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-12]
FF Extension: (uBlock Origin) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\uBlock0@raymondhill.net.xpi [2021-03-12]
FF Extension: (Best Bright Christmas by MaDonna) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{3ce68e94-0685-4b09-84c0-0d2cff4301a1}.xpi [2020-08-24]
FF Extension: (summer dawn) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{51a9bbc8-2d3b-4e5d-9fb4-0fb4019bf4d2}.xpi [2020-08-24]
FF Extension: (Painted sea dreams) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{52cccb91-1a4c-4785-9697-8dd898b5be7e}.xpi [2020-08-24]
FF Extension: (Matrix 1 animated) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{8af4f4ff-a5ce-4e59-b057-5146c9f1ded7}.xpi [2020-08-24]
FF Extension: (Christmas_Lights_03) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{aaaa902e-d0aa-4052-8b99-840f02b28b27}.xpi [2020-12-29]
FF Extension: (Flowers on fire) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{ad087853-d443-42e2-97dc-09e11eaabb4f}.xpi [2020-08-24]
FF Extension: (Christmas Lights Animation) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{c48107ac-9775-42e5-b553-700c991af522}.xpi [2020-08-24]
FF Extension: (Ecosia – Le moteur de recherche qui plante des arbres) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2021-02-08]
FF Extension: (Cars Firefoxed) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{f29c4a56-63a9-4e3a-9233-f3f2ffaba9a9}.xpi [2020-08-24]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3520614324-3008203260-1982206474-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6278712 2021-02-01] (devolo AG -> devolo AG)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-08] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-30] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-08] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2021-02-01] (devolo AG -> Riverbed Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz143; \??\C:\Users\Pascal\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATTENTION
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-04 21:01 - 2021-04-04 21:02 - 000014921 _____ C:\Users\Pascal\Downloads\FRST.txt
2021-04-04 21:00 - 2021-04-04 21:01 - 000000000 ____D C:\FRST
2021-04-04 21:00 - 2021-04-04 21:00 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2021-04-04 20:48 - 2021-04-04 20:48 - 000256403 _____ C:\Users\Pascal\Desktop\04042021 20h48 zhpdiag.txt
2021-04-04 18:26 - 2021-04-04 18:37 - 000000000 ____D C:\Users\Pascal\Desktop\bearwww
2021-04-03 22:52 - 2021-03-15 19:22 - 000894448 _____ (CGSecurity) C:\Users\Pascal\Documents\testdisk_win.exe
2021-04-03 22:42 - 2021-04-03 22:42 - 000012230 _____ C:\Users\Pascal\Desktop\03042021 ZHPCleaner-[R]-03042021-22_34_21.html
2021-04-03 22:42 - 2021-04-03 22:42 - 000000000 ____D C:\Users\Pascal\Desktop\03042021 ZHPCleaner-[R]-03042021-22_34_21_fichiers
2021-04-03 22:34 - 2021-04-03 22:34 - 000008989 _____ C:\Users\Pascal\Desktop\ZHPCleaner (R).html
2021-04-03 22:34 - 2021-04-03 22:34 - 000002722 _____ C:\Users\Pascal\Desktop\ZHPCleaner (R).txt
2021-04-03 22:31 - 2021-04-03 22:31 - 000008802 _____ C:\Users\Pascal\Desktop\ZHPCleaner (S).html
2021-04-03 22:31 - 2021-04-03 22:31 - 000002602 _____ C:\Users\Pascal\Desktop\ZHPCleaner (S).txt
2021-04-03 22:07 - 2021-04-03 22:07 - 003325592 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPCleaner.exe
2021-04-03 22:07 - 2021-04-03 22:07 - 000000876 _____ C:\Users\Pascal\Desktop\ZHPCleaner.lnk
2021-04-03 21:27 - 2021-04-03 21:27 - 000000000 ____D C:\Users\Pascal\Desktop\Peugeot Update
2021-04-03 21:05 - 2021-04-03 21:05 - 000613217 _____ C:\Users\Pascal\Desktop\ZHPDiag.html 03042021.html
2021-04-03 21:05 - 2021-04-03 21:05 - 000000000 ____D C:\Users\Pascal\Desktop\ZHPDiag.html 03042021_fichiers
2021-04-03 21:02 - 2021-04-04 20:41 - 000256403 _____ C:\Users\Pascal\Desktop\ZHPDiag.txt
2021-04-03 20:52 - 2021-04-04 20:47 - 000000729 _____ C:\Users\Pascal\Desktop\ZHPDiag.lnk
2021-04-03 20:52 - 2021-04-03 22:07 - 000000000 ____D C:\Users\Pascal\AppData\Local\ZHP
2021-04-03 20:51 - 2021-04-03 20:52 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPDiag3(1).exe
2021-04-02 22:38 - 2021-04-02 22:38 - 001447178 _____ (Igor Pavlov) C:\Users\Pascal\Downloads\7z1900-x64.exe
2021-04-02 22:38 - 2021-04-02 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-04-02 22:38 - 2021-04-02 22:38 - 000000000 ____D C:\Program Files\7-Zip
2021-04-02 21:47 - 2021-04-03 22:35 - 000000000 ____D C:\Program Files\Recuva
2021-04-02 21:47 - 2021-04-02 21:47 - 007638224 _____ (Piriform Software Ltd) C:\Users\Pascal\Downloads\rcsetup153.exe
2021-04-02 21:47 - 2021-04-02 21:47 - 000001659 _____ C:\ProgramData\Desktop\Recuva.lnk
2021-04-02 21:47 - 2021-04-02 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-04-02 21:04 - 2021-04-02 21:04 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-04-02 21:03 - 2021-04-02 21:03 - 036629064 _____ (EaseUS ) C:\Users\Pascal\Downloads\DRW13.5_Free.exe
2021-04-02 21:03 - 2021-04-02 21:03 - 000001034 _____ C:\ProgramData\Desktop\EaseUS Data Recovery Wizard.lnk
2021-04-02 21:03 - 2021-04-02 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2021-04-02 21:03 - 2021-04-02 21:03 - 000000000 ____D C:\Program Files\EaseUS
2021-04-02 21:02 - 2021-04-02 21:03 - 002065800 _____ C:\Users\Pascal\Downloads\DRW_Free_RSS_new_Installer_20210402.4843.exe
2021-04-02 16:48 - 2021-04-02 16:49 - 1285654528 _____ C:\Users\Pascal\Desktop\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.tar
2021-04-02 16:38 - 2021-04-02 16:38 - 062574336 _____ (PSA Automobiles SA) C:\Users\Pascal\Downloads\peugeot_update(4).exe
2021-04-02 16:36 - 2021-04-02 16:36 - 000001275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip - Compresseur de fichiers.lnk
2021-04-02 16:36 - 2021-04-02 16:36 - 000001263 _____ C:\ProgramData\Desktop\Express Zip - Compresseur de fichiers.lnk
2021-04-02 16:36 - 2021-04-02 16:36 - 000000000 ____D C:\Users\Pascal\Suite NCH Software
2021-04-02 16:33 - 2021-04-02 16:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-02 14:51 - 2021-04-02 14:51 - 000007190 _____ C:\Users\Pascal\Desktop\license_0D011A0BB9D4EA98C3FB_001315031601451350.key
2021-04-02 14:33 - 2021-04-03 21:27 - 000001884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peugeot Update.lnk
2021-04-02 14:33 - 2021-04-03 21:27 - 000001854 _____ C:\ProgramData\Desktop\Peugeot Update.lnk
2021-04-02 14:33 - 2021-04-02 14:37 - 1285654528 _____ C:\Users\Pascal\Desktop\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(3).tar
2021-04-02 13:52 - 2021-04-02 19:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-02 13:42 - 2021-04-02 13:42 - 062574336 _____ (PSA Automobiles SA) C:\Users\Pascal\Downloads\peugeot_update(3).exe
2021-04-02 12:37 - 2021-01-11 12:06 - 000000368 _____ C:\Users\Pascal\Downloads\UpdateInfo.xml
2021-04-02 12:35 - 2021-04-02 12:35 - 000000000 ____D C:\Users\Pascal\Downloads\SWL
2021-04-02 12:21 - 2021-04-02 12:25 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(2).tar
2021-04-02 02:50 - 2021-04-02 14:51 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Peugeot Update
2021-04-02 02:50 - 2021-04-02 12:57 - 000000000 ____D C:\Program Files\Peugeot Update
2021-04-02 02:36 - 2021-04-02 02:38 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(1).tar
2021-04-02 01:45 - 2021-01-11 12:06 - 000000368 _____ C:\Users\Pascal\Documents\UpdateInfo.xml
2021-04-02 01:43 - 2021-04-02 01:43 - 000000000 ____D C:\Users\Pascal\Documents\SWL
2021-04-02 01:38 - 2021-04-02 12:35 - 000000000 ____D C:\Users\Pascal\Documents\ExpressZip - PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.temp
2021-04-02 01:26 - 2021-04-02 01:28 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.tar
2021-03-22 22:39 - 2021-03-22 22:39 - 017051671 _____ C:\Users\Pascal\Downloads\sissel_p3GfFpcD_GDuo.mp4
2021-03-22 22:22 - 2021-03-22 22:22 - 000185527 _____ C:\Users\Pascal\Downloads\auto_resize_image-1.1.0-tb.xpi
2021-03-13 21:28 - 2021-03-13 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-13 21:28 - 2021-03-13 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-13 21:28 - 2021-03-13 21:28 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-13 21:28 - 2021-03-13 21:28 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-13 21:27 - 2021-03-13 21:27 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-13 21:27 - 2021-03-13 21:27 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-13 21:27 - 2021-03-13 21:27 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-13 21:27 - 2021-03-13 21:27 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-04 20:47 - 2020-08-27 10:40 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\ZHP
2021-04-04 20:47 - 2020-08-14 11:14 - 000000000 ____D C:\Users\Pascal
2021-04-04 20:47 - 2020-06-17 18:20 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPDiag3.exe
2021-04-04 20:34 - 2020-08-14 11:27 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-04 20:34 - 2019-12-07 16:49 - 000755174 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-04 20:34 - 2019-12-07 16:49 - 000141980 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-04 20:34 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-04 20:33 - 2020-06-20 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-04 20:32 - 2020-06-17 21:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-04 20:31 - 2020-06-21 01:15 - 000000000 ____D C:\Users\Pascal\AppData\Local\Google
2021-04-04 20:31 - 2020-06-21 01:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-04-04 20:31 - 2020-06-17 21:13 - 000000000 ____D C:\Users\Pascal\AppData\LocalLow\Mozilla
2021-04-04 20:30 - 2020-08-14 11:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-04 20:30 - 2020-08-14 11:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-04 20:30 - 2020-06-17 17:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-04 20:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-04 18:41 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-03 22:05 - 2020-08-14 11:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-03 21:45 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-03 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-03 18:24 - 2020-06-22 20:16 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-03 18:24 - 2020-06-22 20:16 - 000002280 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-02 22:05 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\Anciennes données de Firefox
2021-04-02 19:22 - 2020-06-17 21:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-02 16:36 - 2020-08-14 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-04-02 16:36 - 2020-07-23 22:01 - 000000000 ____D C:\Program Files (x86)\NCH Software
2021-04-02 16:33 - 2020-06-17 21:13 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-02 14:43 - 2020-08-14 22:35 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-02 14:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-02 13:21 - 2020-08-24 10:37 - 000000000 ____D C:\Users\Pascal\Desktop\OpenOffice 4.1.7 (fr) Installation Files
2021-04-02 13:21 - 2020-08-14 11:14 - 000000000 ____D C:\Users\test
2021-04-02 13:21 - 2020-08-14 11:14 - 000000000 ____D C:\Users\defaultuser0
2021-04-02 13:21 - 2020-06-17 18:22 - 000000000 ____D C:\Users\Pascal\Desktop\SWL
2021-04-02 13:21 - 2020-06-17 18:22 - 000000000 ____D C:\Users\Pascal\Desktop\Introduction Ce que vous devez savoir sur le russe — Maîtriser le russe dans les 60 jours qui viennent... même en partant de zéro_fichiers
2021-04-02 13:21 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\25032020 Buy Cheap Xbox ONE Membership Deal, PSN Gift card, Game keys on Goodoffer24_fichiers
2021-04-02 13:21 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\- Modules pour Firefox_fichiers
2021-04-02 13:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-02 13:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-04-02 10:39 - 2020-06-21 01:56 - 000000000 ____D C:\Users\Pascal\AppData\Local\CrashDumps
2021-04-02 01:32 - 2020-07-23 22:01 - 000000000 ____D C:\ProgramData\NCH Software
2021-03-15 20:27 - 2020-06-18 00:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 00:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-14 11:19 - 2020-06-24 21:19 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Zoom
2021-03-13 23:01 - 2020-08-14 11:25 - 000456488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 20:28 - 2020-06-17 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 20:25 - 2020-06-17 18:34 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 11:46 - 2020-08-16 23:00 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Fichiers à la racine de certains dossiers ========
2020-06-17 18:20 - 2021-04-04 20:47 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPDiag3.exe
2020-06-17 18:20 - 2020-03-23 21:57 - 003426688 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPSuite.exe
2021-01-04 03:46 - 2021-01-10 18:00 - 000007605 _____ () C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================