Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Exécuté par Pascal (administrateur) sur DESKTOP-IG3EAVC (HP-Pavilion WC963AA-ABF p6355fr) (05-04-2021 20:35:19)
Exécuté depuis C:\Users\Pascal\Downloads
Profils chargés: Pascal
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3520614324-3008203260-1982206474-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {00F229D8-774A-4153-9F3C-138C8A455074} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04808CCE-5084-4B38-AF63-95D9F9BE8E52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {27FBEBC5-190E-4CC0-812F-2A55A37300E2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4568DE25-CDDE-4CDA-98D5-973C121C8D0C} - System32\Tasks\NCH Software\ExpressZipSevenDays => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe [1540648 2021-03-03] (NCH Software, Inc. -> NCH Software)
Task: {630707DE-D94C-4F6D-852A-E9E1B30B0E0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D0E2D82-3BC0-4598-92CC-DDF6B8B43127} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8244B273-8A5B-414D-A34B-9FA831E51569} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1FC2708-76F2-4431-9E6B-BE5FC0114548} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d89aa4f8-6991-4ffb-92fb-bd9ec95e9ebc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-05]
Edge StartupUrls: Default -> "hxxps://mail01.orange.fr/appsuite/#!&app=io.ox/mail&folder=default0/INBOX"
Edge DefaultSearchURL: Default -> hxxps://static.jeanmarcmorandini.com/sites/jeanmarcmorandini.com/files/favicon_1.png
Edge Extension: (Office) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gggmmkjegpiggikcnhidnjjhmicpibll [2020-12-26]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-03]
Edge Extension: (Brûlé aux mains lors de son effroyable accident à Bahreïn, le pilote français Romain Grosjean annonce dans une vidéo, mettre fin à sa carrière en F1 - Regardez) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phlgiemfjphbfkglejjoaohkbajjiobi [2020-12-07]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 5penrpxb.default
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\5penrpxb.default [2021-04-05]
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895 [2021-04-05]
FF Homepage: Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895 -> hxxps://webmail1n.orange.fr/webmail/fr_FR/inbox.html?FOLDER=SF_INBOX|hxxps://www.facebook.com/
FF Extension: (Pas de nom) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-12]
FF Extension: (uBlock Origin) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\uBlock0@raymondhill.net.xpi [2021-03-12]
FF Extension: (Best Bright Christmas by MaDonna) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{3ce68e94-0685-4b09-84c0-0d2cff4301a1}.xpi [2020-08-24]
FF Extension: (summer dawn) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{51a9bbc8-2d3b-4e5d-9fb4-0fb4019bf4d2}.xpi [2020-08-24]
FF Extension: (Painted sea dreams) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{52cccb91-1a4c-4785-9697-8dd898b5be7e}.xpi [2020-08-24]
FF Extension: (Matrix 1 animated) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{8af4f4ff-a5ce-4e59-b057-5146c9f1ded7}.xpi [2020-08-24]
FF Extension: (Christmas_Lights_03) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{aaaa902e-d0aa-4052-8b99-840f02b28b27}.xpi [2020-12-29]
FF Extension: (Flowers on fire) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{ad087853-d443-42e2-97dc-09e11eaabb4f}.xpi [2020-08-24]
FF Extension: (Christmas Lights Animation) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{c48107ac-9775-42e5-b553-700c991af522}.xpi [2020-08-24]
FF Extension: (Ecosia – Le moteur de recherche qui plante des arbres) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2021-02-08]
FF Extension: (Cars Firefoxed) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{f29c4a56-63a9-4e3a-9233-f3f2ffaba9a9}.xpi [2020-08-24]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3520614324-3008203260-1982206474-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6278712 2021-02-01] (devolo AG -> devolo AG)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-08] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-30] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-08] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2021-02-01] (devolo AG -> Riverbed Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-05 20:33 - 2021-04-05 20:33 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64(3).exe
2021-04-05 20:23 - 2021-04-05 20:23 - 000256022 _____ C:\Users\Pascal\Desktop\05042021 ZHPDiag.txt
2021-04-05 20:21 - 2021-04-05 20:21 - 000256022 _____ C:\Users\Pascal\Desktop\ZHPDiag.txt
2021-04-05 20:16 - 2021-04-05 20:16 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPDiag3(2).exe
2021-04-05 20:12 - 2021-04-05 20:12 - 000002522 _____ C:\Users\Pascal\Desktop\05042021 ZHPCleaner (R).txt
2021-04-05 20:11 - 2021-04-05 20:11 - 000002522 _____ C:\Users\Pascal\Desktop\ZHPCleaner (R).txt
2021-04-05 20:02 - 2021-04-05 20:02 - 000002333 _____ C:\Users\Pascal\Desktop\ZHPCleaner (S).txt
2021-04-05 19:47 - 2021-04-05 19:47 - 003325592 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPCleaner(1).exe
2021-04-05 19:42 - 2021-04-05 19:42 - 000006027 _____ C:\Users\Pascal\Desktop\05042021Fixlog.txt
2021-04-05 19:18 - 2021-04-05 19:18 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64(2).exe
2021-04-05 18:36 - 2021-04-05 19:24 - 000006027 _____ C:\Users\Pascal\Downloads\Fixlog.txt
2021-04-05 18:35 - 2021-04-05 18:35 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64(1).exe
2021-04-04 21:05 - 2021-04-04 21:05 - 000058309 _____ C:\Users\Pascal\Downloads\Shortcut.txt
2021-04-04 21:03 - 2021-04-04 21:05 - 000030823 _____ C:\Users\Pascal\Downloads\Addition.txt
2021-04-04 21:01 - 2021-04-05 20:36 - 000014274 _____ C:\Users\Pascal\Downloads\FRST.txt
2021-04-04 21:00 - 2021-04-05 20:35 - 000000000 ____D C:\FRST
2021-04-04 21:00 - 2021-04-04 21:00 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2021-04-04 18:26 - 2021-04-04 23:08 - 000000000 ____D C:\Users\Pascal\Desktop\bearwww
2021-04-03 22:52 - 2021-03-15 19:22 - 000894448 _____ (CGSecurity) C:\Users\Pascal\Documents\testdisk_win.exe
2021-04-03 22:42 - 2021-04-03 22:42 - 000012230 _____ C:\Users\Pascal\Desktop\03042021 ZHPCleaner-[R]-03042021-22_34_21.html
2021-04-03 22:42 - 2021-04-03 22:42 - 000000000 ____D C:\Users\Pascal\Desktop\03042021 ZHPCleaner-[R]-03042021-22_34_21_fichiers
2021-04-03 22:34 - 2021-04-05 20:11 - 000008722 _____ C:\Users\Pascal\Desktop\ZHPCleaner (R).html
2021-04-03 22:31 - 2021-04-05 20:02 - 000008424 _____ C:\Users\Pascal\Desktop\ZHPCleaner (S).html
2021-04-03 22:07 - 2021-04-03 22:07 - 003325592 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPCleaner.exe
2021-04-03 22:07 - 2021-04-03 22:07 - 000000876 _____ C:\Users\Pascal\Desktop\ZHPCleaner.lnk
2021-04-03 21:27 - 2021-04-03 21:27 - 000000000 ____D C:\Users\Pascal\Desktop\Peugeot Update
2021-04-03 21:05 - 2021-04-03 21:05 - 000613217 _____ C:\Users\Pascal\Desktop\ZHPDiag.html 03042021.html
2021-04-03 21:05 - 2021-04-03 21:05 - 000000000 ____D C:\Users\Pascal\Desktop\ZHPDiag.html 03042021_fichiers
2021-04-03 20:52 - 2021-04-04 20:47 - 000000729 _____ C:\Users\Pascal\Desktop\ZHPDiag.lnk
2021-04-03 20:52 - 2021-04-03 22:07 - 000000000 ____D C:\Users\Pascal\AppData\Local\ZHP
2021-04-03 20:51 - 2021-04-03 20:52 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPDiag3(1).exe
2021-04-02 22:38 - 2021-04-02 22:38 - 001447178 _____ (Igor Pavlov) C:\Users\Pascal\Downloads\7z1900-x64.exe
2021-04-02 22:38 - 2021-04-02 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-04-02 22:38 - 2021-04-02 22:38 - 000000000 ____D C:\Program Files\7-Zip
2021-04-02 21:47 - 2021-04-03 22:35 - 000000000 ____D C:\Program Files\Recuva
2021-04-02 21:47 - 2021-04-02 21:47 - 007638224 _____ (Piriform Software Ltd) C:\Users\Pascal\Downloads\rcsetup153.exe
2021-04-02 21:47 - 2021-04-02 21:47 - 000001659 _____ C:\ProgramData\Desktop\Recuva.lnk
2021-04-02 21:47 - 2021-04-02 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-04-02 21:04 - 2021-04-02 21:04 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-04-02 21:03 - 2021-04-02 21:03 - 036629064 _____ (EaseUS ) C:\Users\Pascal\Downloads\DRW13.5_Free.exe
2021-04-02 21:03 - 2021-04-02 21:03 - 000001034 _____ C:\ProgramData\Desktop\EaseUS Data Recovery Wizard.lnk
2021-04-02 21:03 - 2021-04-02 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2021-04-02 21:03 - 2021-04-02 21:03 - 000000000 ____D C:\Program Files\EaseUS
2021-04-02 21:02 - 2021-04-02 21:03 - 002065800 _____ C:\Users\Pascal\Downloads\DRW_Free_RSS_new_Installer_20210402.4843.exe
2021-04-02 16:48 - 2021-04-02 16:49 - 1285654528 _____ C:\Users\Pascal\Desktop\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.tar
2021-04-02 16:38 - 2021-04-02 16:38 - 062574336 _____ (PSA Automobiles SA) C:\Users\Pascal\Downloads\peugeot_update(4).exe
2021-04-02 16:36 - 2021-04-02 16:36 - 000001275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip - Compresseur de fichiers.lnk
2021-04-02 16:36 - 2021-04-02 16:36 - 000001263 _____ C:\ProgramData\Desktop\Express Zip - Compresseur de fichiers.lnk
2021-04-02 16:36 - 2021-04-02 16:36 - 000000000 ____D C:\Users\Pascal\Suite NCH Software
2021-04-02 16:33 - 2021-04-05 18:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-02 14:51 - 2021-04-02 14:51 - 000007190 _____ C:\Users\Pascal\Desktop\license_0D011A0BB9D4EA98C3FB_001315031601451350.key
2021-04-02 14:33 - 2021-04-03 21:27 - 000001884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peugeot Update.lnk
2021-04-02 14:33 - 2021-04-03 21:27 - 000001854 _____ C:\ProgramData\Desktop\Peugeot Update.lnk
2021-04-02 14:33 - 2021-04-02 14:37 - 1285654528 _____ C:\Users\Pascal\Desktop\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(3).tar
2021-04-02 13:52 - 2021-04-02 19:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-02 13:42 - 2021-04-02 13:42 - 062574336 _____ (PSA Automobiles SA) C:\Users\Pascal\Downloads\peugeot_update(3).exe
2021-04-02 12:37 - 2021-01-11 12:06 - 000000368 _____ C:\Users\Pascal\Downloads\UpdateInfo.xml
2021-04-02 12:35 - 2021-04-02 12:35 - 000000000 ____D C:\Users\Pascal\Downloads\SWL
2021-04-02 12:21 - 2021-04-02 12:25 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(2).tar
2021-04-02 02:50 - 2021-04-02 14:51 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Peugeot Update
2021-04-02 02:50 - 2021-04-02 12:57 - 000000000 ____D C:\Program Files\Peugeot Update
2021-04-02 02:36 - 2021-04-02 02:38 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(1).tar
2021-04-02 01:45 - 2021-01-11 12:06 - 000000368 _____ C:\Users\Pascal\Documents\UpdateInfo.xml
2021-04-02 01:43 - 2021-04-02 01:43 - 000000000 ____D C:\Users\Pascal\Documents\SWL
2021-04-02 01:38 - 2021-04-02 12:35 - 000000000 ____D C:\Users\Pascal\Documents\ExpressZip - PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.temp
2021-04-02 01:26 - 2021-04-02 01:28 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.tar
2021-03-22 22:39 - 2021-03-22 22:39 - 017051671 _____ C:\Users\Pascal\Downloads\sissel_p3GfFpcD_GDuo.mp4
2021-03-22 22:22 - 2021-03-22 22:22 - 000185527 _____ C:\Users\Pascal\Downloads\auto_resize_image-1.1.0-tb.xpi
2021-03-13 21:28 - 2021-03-13 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-13 21:28 - 2021-03-13 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-13 21:28 - 2021-03-13 21:28 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-13 21:28 - 2021-03-13 21:28 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-13 21:27 - 2021-03-13 21:27 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-13 21:27 - 2021-03-13 21:27 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-13 21:27 - 2021-03-13 21:27 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-13 21:27 - 2021-03-13 21:27 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-05 20:21 - 2020-08-27 10:40 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\ZHP
2021-04-05 20:14 - 2020-06-17 21:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-05 20:13 - 2020-06-17 21:13 - 000000000 ____D C:\Users\Pascal\AppData\LocalLow\Mozilla
2021-04-05 19:32 - 2020-08-14 11:27 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-05 19:32 - 2019-12-07 16:49 - 000755174 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-05 19:32 - 2019-12-07 16:49 - 000141980 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-05 19:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-05 19:25 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-05 19:24 - 2020-08-14 11:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-05 19:24 - 2020-08-14 11:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-05 19:24 - 2020-06-17 17:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-05 19:24 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-05 19:07 - 2020-08-14 11:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-05 18:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-05 18:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-05 18:38 - 2020-07-31 21:45 - 000000000 ____D C:\Users\Pascal\AppData\LocalLow\Temp
2021-04-05 18:36 - 2020-06-24 21:19 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-04-04 20:47 - 2020-08-14 11:14 - 000000000 ____D C:\Users\Pascal
2021-04-04 20:47 - 2020-06-17 18:20 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPDiag3.exe
2021-04-04 20:33 - 2020-06-20 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-04 20:31 - 2020-06-21 01:15 - 000000000 ____D C:\Users\Pascal\AppData\Local\Google
2021-04-04 20:31 - 2020-06-21 01:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-04-03 18:24 - 2020-06-22 20:16 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-03 18:24 - 2020-06-22 20:16 - 000002280 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-02 22:05 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\Anciennes données de Firefox
2021-04-02 19:22 - 2020-06-17 21:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-02 16:36 - 2020-08-14 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-04-02 16:36 - 2020-07-23 22:01 - 000000000 ____D C:\Program Files (x86)\NCH Software
2021-04-02 16:33 - 2020-06-17 21:13 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-02 14:43 - 2020-08-14 22:35 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-02 14:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-02 13:21 - 2020-08-24 10:37 - 000000000 ____D C:\Users\Pascal\Desktop\OpenOffice 4.1.7 (fr) Installation Files
2021-04-02 13:21 - 2020-08-14 11:14 - 000000000 ____D C:\Users\test
2021-04-02 13:21 - 2020-08-14 11:14 - 000000000 ____D C:\Users\defaultuser0
2021-04-02 13:21 - 2020-06-17 18:22 - 000000000 ____D C:\Users\Pascal\Desktop\SWL
2021-04-02 13:21 - 2020-06-17 18:22 - 000000000 ____D C:\Users\Pascal\Desktop\Introduction Ce que vous devez savoir sur le russe — Maîtriser le russe dans les 60 jours qui viennent... même en partant de zéro_fichiers
2021-04-02 13:21 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\25032020 Buy Cheap Xbox ONE Membership Deal, PSN Gift card, Game keys on Goodoffer24_fichiers
2021-04-02 13:21 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\- Modules pour Firefox_fichiers
2021-04-02 13:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-02 13:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-04-02 10:39 - 2020-06-21 01:56 - 000000000 ____D C:\Users\Pascal\AppData\Local\CrashDumps
2021-04-02 01:32 - 2020-07-23 22:01 - 000000000 ____D C:\ProgramData\NCH Software
2021-03-15 20:27 - 2020-06-18 00:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 00:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-14 11:19 - 2020-06-24 21:19 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Zoom
2021-03-13 23:01 - 2020-08-14 11:25 - 000456488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 20:28 - 2020-06-17 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 20:25 - 2020-06-17 18:34 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 11:46 - 2020-08-16 23:00 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Fichiers à la racine de certains dossiers ========
2020-06-17 18:20 - 2021-04-04 20:47 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPDiag3.exe
2020-06-17 18:20 - 2020-03-23 21:57 - 003426688 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Pascal (administrateur) sur DESKTOP-IG3EAVC (HP-Pavilion WC963AA-ABF p6355fr) (05-04-2021 20:35:19)
Exécuté depuis C:\Users\Pascal\Downloads
Profils chargés: Pascal
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3520614324-3008203260-1982206474-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {00F229D8-774A-4153-9F3C-138C8A455074} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04808CCE-5084-4B38-AF63-95D9F9BE8E52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {27FBEBC5-190E-4CC0-812F-2A55A37300E2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4568DE25-CDDE-4CDA-98D5-973C121C8D0C} - System32\Tasks\NCH Software\ExpressZipSevenDays => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe [1540648 2021-03-03] (NCH Software, Inc. -> NCH Software)
Task: {630707DE-D94C-4F6D-852A-E9E1B30B0E0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D0E2D82-3BC0-4598-92CC-DDF6B8B43127} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8244B273-8A5B-414D-A34B-9FA831E51569} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1FC2708-76F2-4431-9E6B-BE5FC0114548} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d89aa4f8-6991-4ffb-92fb-bd9ec95e9ebc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-05]
Edge StartupUrls: Default -> "hxxps://mail01.orange.fr/appsuite/#!&app=io.ox/mail&folder=default0/INBOX"
Edge DefaultSearchURL: Default -> hxxps://static.jeanmarcmorandini.com/sites/jeanmarcmorandini.com/files/favicon_1.png
Edge Extension: (Office) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gggmmkjegpiggikcnhidnjjhmicpibll [2020-12-26]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-03]
Edge Extension: (Brûlé aux mains lors de son effroyable accident à Bahreïn, le pilote français Romain Grosjean annonce dans une vidéo, mettre fin à sa carrière en F1 - Regardez) - C:\Users\Pascal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phlgiemfjphbfkglejjoaohkbajjiobi [2020-12-07]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 5penrpxb.default
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\5penrpxb.default [2021-04-05]
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895 [2021-04-05]
FF Homepage: Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895 -> hxxps://webmail1n.orange.fr/webmail/fr_FR/inbox.html?FOLDER=SF_INBOX|hxxps://www.facebook.com/
FF Extension: (Pas de nom) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-12]
FF Extension: (uBlock Origin) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\uBlock0@raymondhill.net.xpi [2021-03-12]
FF Extension: (Best Bright Christmas by MaDonna) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{3ce68e94-0685-4b09-84c0-0d2cff4301a1}.xpi [2020-08-24]
FF Extension: (summer dawn) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{51a9bbc8-2d3b-4e5d-9fb4-0fb4019bf4d2}.xpi [2020-08-24]
FF Extension: (Painted sea dreams) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{52cccb91-1a4c-4785-9697-8dd898b5be7e}.xpi [2020-08-24]
FF Extension: (Matrix 1 animated) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{8af4f4ff-a5ce-4e59-b057-5146c9f1ded7}.xpi [2020-08-24]
FF Extension: (Christmas_Lights_03) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{aaaa902e-d0aa-4052-8b99-840f02b28b27}.xpi [2020-12-29]
FF Extension: (Flowers on fire) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{ad087853-d443-42e2-97dc-09e11eaabb4f}.xpi [2020-08-24]
FF Extension: (Christmas Lights Animation) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{c48107ac-9775-42e5-b553-700c991af522}.xpi [2020-08-24]
FF Extension: (Ecosia – Le moteur de recherche qui plante des arbres) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2021-02-08]
FF Extension: (Cars Firefoxed) - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\l6pkip2p.default-release-1598294705895\Extensions\{f29c4a56-63a9-4e3a-9233-f3f2ffaba9a9}.xpi [2020-08-24]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3520614324-3008203260-1982206474-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6278712 2021-02-01] (devolo AG -> devolo AG)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-08] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-30] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-08] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2021-02-01] (devolo AG -> Riverbed Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-05 20:33 - 2021-04-05 20:33 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64(3).exe
2021-04-05 20:23 - 2021-04-05 20:23 - 000256022 _____ C:\Users\Pascal\Desktop\05042021 ZHPDiag.txt
2021-04-05 20:21 - 2021-04-05 20:21 - 000256022 _____ C:\Users\Pascal\Desktop\ZHPDiag.txt
2021-04-05 20:16 - 2021-04-05 20:16 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPDiag3(2).exe
2021-04-05 20:12 - 2021-04-05 20:12 - 000002522 _____ C:\Users\Pascal\Desktop\05042021 ZHPCleaner (R).txt
2021-04-05 20:11 - 2021-04-05 20:11 - 000002522 _____ C:\Users\Pascal\Desktop\ZHPCleaner (R).txt
2021-04-05 20:02 - 2021-04-05 20:02 - 000002333 _____ C:\Users\Pascal\Desktop\ZHPCleaner (S).txt
2021-04-05 19:47 - 2021-04-05 19:47 - 003325592 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPCleaner(1).exe
2021-04-05 19:42 - 2021-04-05 19:42 - 000006027 _____ C:\Users\Pascal\Desktop\05042021Fixlog.txt
2021-04-05 19:18 - 2021-04-05 19:18 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64(2).exe
2021-04-05 18:36 - 2021-04-05 19:24 - 000006027 _____ C:\Users\Pascal\Downloads\Fixlog.txt
2021-04-05 18:35 - 2021-04-05 18:35 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64(1).exe
2021-04-04 21:05 - 2021-04-04 21:05 - 000058309 _____ C:\Users\Pascal\Downloads\Shortcut.txt
2021-04-04 21:03 - 2021-04-04 21:05 - 000030823 _____ C:\Users\Pascal\Downloads\Addition.txt
2021-04-04 21:01 - 2021-04-05 20:36 - 000014274 _____ C:\Users\Pascal\Downloads\FRST.txt
2021-04-04 21:00 - 2021-04-05 20:35 - 000000000 ____D C:\FRST
2021-04-04 21:00 - 2021-04-04 21:00 - 002298368 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2021-04-04 18:26 - 2021-04-04 23:08 - 000000000 ____D C:\Users\Pascal\Desktop\bearwww
2021-04-03 22:52 - 2021-03-15 19:22 - 000894448 _____ (CGSecurity) C:\Users\Pascal\Documents\testdisk_win.exe
2021-04-03 22:42 - 2021-04-03 22:42 - 000012230 _____ C:\Users\Pascal\Desktop\03042021 ZHPCleaner-[R]-03042021-22_34_21.html
2021-04-03 22:42 - 2021-04-03 22:42 - 000000000 ____D C:\Users\Pascal\Desktop\03042021 ZHPCleaner-[R]-03042021-22_34_21_fichiers
2021-04-03 22:34 - 2021-04-05 20:11 - 000008722 _____ C:\Users\Pascal\Desktop\ZHPCleaner (R).html
2021-04-03 22:31 - 2021-04-05 20:02 - 000008424 _____ C:\Users\Pascal\Desktop\ZHPCleaner (S).html
2021-04-03 22:07 - 2021-04-03 22:07 - 003325592 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPCleaner.exe
2021-04-03 22:07 - 2021-04-03 22:07 - 000000876 _____ C:\Users\Pascal\Desktop\ZHPCleaner.lnk
2021-04-03 21:27 - 2021-04-03 21:27 - 000000000 ____D C:\Users\Pascal\Desktop\Peugeot Update
2021-04-03 21:05 - 2021-04-03 21:05 - 000613217 _____ C:\Users\Pascal\Desktop\ZHPDiag.html 03042021.html
2021-04-03 21:05 - 2021-04-03 21:05 - 000000000 ____D C:\Users\Pascal\Desktop\ZHPDiag.html 03042021_fichiers
2021-04-03 20:52 - 2021-04-04 20:47 - 000000729 _____ C:\Users\Pascal\Desktop\ZHPDiag.lnk
2021-04-03 20:52 - 2021-04-03 22:07 - 000000000 ____D C:\Users\Pascal\AppData\Local\ZHP
2021-04-03 20:51 - 2021-04-03 20:52 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\Downloads\ZHPDiag3(1).exe
2021-04-02 22:38 - 2021-04-02 22:38 - 001447178 _____ (Igor Pavlov) C:\Users\Pascal\Downloads\7z1900-x64.exe
2021-04-02 22:38 - 2021-04-02 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-04-02 22:38 - 2021-04-02 22:38 - 000000000 ____D C:\Program Files\7-Zip
2021-04-02 21:47 - 2021-04-03 22:35 - 000000000 ____D C:\Program Files\Recuva
2021-04-02 21:47 - 2021-04-02 21:47 - 007638224 _____ (Piriform Software Ltd) C:\Users\Pascal\Downloads\rcsetup153.exe
2021-04-02 21:47 - 2021-04-02 21:47 - 000001659 _____ C:\ProgramData\Desktop\Recuva.lnk
2021-04-02 21:47 - 2021-04-02 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-04-02 21:04 - 2021-04-02 21:04 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-04-02 21:03 - 2021-04-02 21:03 - 036629064 _____ (EaseUS ) C:\Users\Pascal\Downloads\DRW13.5_Free.exe
2021-04-02 21:03 - 2021-04-02 21:03 - 000001034 _____ C:\ProgramData\Desktop\EaseUS Data Recovery Wizard.lnk
2021-04-02 21:03 - 2021-04-02 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2021-04-02 21:03 - 2021-04-02 21:03 - 000000000 ____D C:\Program Files\EaseUS
2021-04-02 21:02 - 2021-04-02 21:03 - 002065800 _____ C:\Users\Pascal\Downloads\DRW_Free_RSS_new_Installer_20210402.4843.exe
2021-04-02 16:48 - 2021-04-02 16:49 - 1285654528 _____ C:\Users\Pascal\Desktop\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.tar
2021-04-02 16:38 - 2021-04-02 16:38 - 062574336 _____ (PSA Automobiles SA) C:\Users\Pascal\Downloads\peugeot_update(4).exe
2021-04-02 16:36 - 2021-04-02 16:36 - 000001275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip - Compresseur de fichiers.lnk
2021-04-02 16:36 - 2021-04-02 16:36 - 000001263 _____ C:\ProgramData\Desktop\Express Zip - Compresseur de fichiers.lnk
2021-04-02 16:36 - 2021-04-02 16:36 - 000000000 ____D C:\Users\Pascal\Suite NCH Software
2021-04-02 16:33 - 2021-04-05 18:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-02 14:51 - 2021-04-02 14:51 - 000007190 _____ C:\Users\Pascal\Desktop\license_0D011A0BB9D4EA98C3FB_001315031601451350.key
2021-04-02 14:33 - 2021-04-03 21:27 - 000001884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peugeot Update.lnk
2021-04-02 14:33 - 2021-04-03 21:27 - 000001854 _____ C:\ProgramData\Desktop\Peugeot Update.lnk
2021-04-02 14:33 - 2021-04-02 14:37 - 1285654528 _____ C:\Users\Pascal\Desktop\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(3).tar
2021-04-02 13:52 - 2021-04-02 19:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-02 13:42 - 2021-04-02 13:42 - 062574336 _____ (PSA Automobiles SA) C:\Users\Pascal\Downloads\peugeot_update(3).exe
2021-04-02 12:37 - 2021-01-11 12:06 - 000000368 _____ C:\Users\Pascal\Downloads\UpdateInfo.xml
2021-04-02 12:35 - 2021-04-02 12:35 - 000000000 ____D C:\Users\Pascal\Downloads\SWL
2021-04-02 12:21 - 2021-04-02 12:25 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(2).tar
2021-04-02 02:50 - 2021-04-02 14:51 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Peugeot Update
2021-04-02 02:50 - 2021-04-02 12:57 - 000000000 ____D C:\Program Files\Peugeot Update
2021-04-02 02:36 - 2021-04-02 02:38 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2(1).tar
2021-04-02 01:45 - 2021-01-11 12:06 - 000000368 _____ C:\Users\Pascal\Documents\UpdateInfo.xml
2021-04-02 01:43 - 2021-04-02 01:43 - 000000000 ____D C:\Users\Pascal\Documents\SWL
2021-04-02 01:38 - 2021-04-02 12:35 - 000000000 ____D C:\Users\Pascal\Documents\ExpressZip - PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.temp
2021-04-02 01:26 - 2021-04-02 01:28 - 1285654528 _____ C:\Users\Pascal\Downloads\PSA_map-eur_20.0.0-r0-NAC_EUR_WAVE2.tar
2021-03-22 22:39 - 2021-03-22 22:39 - 017051671 _____ C:\Users\Pascal\Downloads\sissel_p3GfFpcD_GDuo.mp4
2021-03-22 22:22 - 2021-03-22 22:22 - 000185527 _____ C:\Users\Pascal\Downloads\auto_resize_image-1.1.0-tb.xpi
2021-03-13 21:28 - 2021-03-13 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-13 21:28 - 2021-03-13 21:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-13 21:28 - 2021-03-13 21:28 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-13 21:28 - 2021-03-13 21:28 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-13 21:27 - 2021-03-13 21:27 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-13 21:27 - 2021-03-13 21:27 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-13 21:27 - 2021-03-13 21:27 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-13 21:27 - 2021-03-13 21:27 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-13 21:27 - 2021-03-13 21:27 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-05 20:21 - 2020-08-27 10:40 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\ZHP
2021-04-05 20:14 - 2020-06-17 21:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-05 20:13 - 2020-06-17 21:13 - 000000000 ____D C:\Users\Pascal\AppData\LocalLow\Mozilla
2021-04-05 19:32 - 2020-08-14 11:27 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-05 19:32 - 2019-12-07 16:49 - 000755174 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-05 19:32 - 2019-12-07 16:49 - 000141980 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-05 19:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-05 19:25 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-05 19:24 - 2020-08-14 11:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-05 19:24 - 2020-08-14 11:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-05 19:24 - 2020-06-17 17:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-05 19:24 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-05 19:07 - 2020-08-14 11:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-05 18:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-05 18:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-05 18:38 - 2020-07-31 21:45 - 000000000 ____D C:\Users\Pascal\AppData\LocalLow\Temp
2021-04-05 18:36 - 2020-06-24 21:19 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-04-04 20:47 - 2020-08-14 11:14 - 000000000 ____D C:\Users\Pascal
2021-04-04 20:47 - 2020-06-17 18:20 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPDiag3.exe
2021-04-04 20:33 - 2020-06-20 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-04 20:33 - 2020-06-17 17:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-04 20:31 - 2020-06-21 01:15 - 000000000 ____D C:\Users\Pascal\AppData\Local\Google
2021-04-04 20:31 - 2020-06-21 01:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-04-03 18:24 - 2020-06-22 20:16 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-03 18:24 - 2020-06-22 20:16 - 000002280 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-02 22:05 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\Anciennes données de Firefox
2021-04-02 19:22 - 2020-06-17 21:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-02 16:36 - 2020-08-14 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2021-04-02 16:36 - 2020-07-23 22:01 - 000000000 ____D C:\Program Files (x86)\NCH Software
2021-04-02 16:33 - 2020-06-17 21:13 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-02 14:43 - 2020-08-14 22:35 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-02 14:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-02 13:21 - 2020-08-24 10:37 - 000000000 ____D C:\Users\Pascal\Desktop\OpenOffice 4.1.7 (fr) Installation Files
2021-04-02 13:21 - 2020-08-14 11:14 - 000000000 ____D C:\Users\test
2021-04-02 13:21 - 2020-08-14 11:14 - 000000000 ____D C:\Users\defaultuser0
2021-04-02 13:21 - 2020-06-17 18:22 - 000000000 ____D C:\Users\Pascal\Desktop\SWL
2021-04-02 13:21 - 2020-06-17 18:22 - 000000000 ____D C:\Users\Pascal\Desktop\Introduction Ce que vous devez savoir sur le russe — Maîtriser le russe dans les 60 jours qui viennent... même en partant de zéro_fichiers
2021-04-02 13:21 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\25032020 Buy Cheap Xbox ONE Membership Deal, PSN Gift card, Game keys on Goodoffer24_fichiers
2021-04-02 13:21 - 2020-06-17 18:20 - 000000000 ____D C:\Users\Pascal\Desktop\- Modules pour Firefox_fichiers
2021-04-02 13:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-02 13:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-04-02 10:39 - 2020-06-21 01:56 - 000000000 ____D C:\Users\Pascal\AppData\Local\CrashDumps
2021-04-02 01:32 - 2020-07-23 22:01 - 000000000 ____D C:\ProgramData\NCH Software
2021-03-15 20:27 - 2020-06-18 00:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 00:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-14 11:19 - 2020-06-24 21:19 - 000000000 ____D C:\Users\Pascal\AppData\Roaming\Zoom
2021-03-13 23:01 - 2020-08-14 11:25 - 000456488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 20:28 - 2020-06-17 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 20:25 - 2020-06-17 18:34 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 11:46 - 2020-08-16 23:00 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Fichiers à la racine de certains dossiers ========
2020-06-17 18:20 - 2021-04-04 20:47 - 003273368 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPDiag3.exe
2020-06-17 18:20 - 2020-03-23 21:57 - 003426688 _____ (Nicolas Coolman) C:\Users\Pascal\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================