Comment: doc 2
Document format: text/plain
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-03-2022
Exécuté par jmgna (administrateur) sur DESKTOP-N0BOCTH (Acer Aspire E1-771) (22-03-2022 15:44:32)
Exécuté depuis C:\Users\jmgna\Desktop
Profils chargés: jmgna
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1586 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(C:\Program Files\Apoint2K\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(C:\Program Files\Apoint2K\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(C:\Program Files\Apoint2K\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(services.exe ->) (Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [706440 2015-09-24] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2020-02-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_launcher.exe [14751752 2020-02-04] (mquadr.at software engineering und consulting GmbH -> Swisscom)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23993176 2021-09-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [EA39668C0923BF9650DF54EE420584A9D38CB5B6._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [uTorrent] => C:\Users\jmgna\AppData\Roaming\uTorrent\uTorrent.exe [2103848 2022-02-27] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-11-08] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [ut] => C:\Users\jmgna\AppData\Roaming\uTorrent\uTorrent.exe [2103848 2022-02-27] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [Opera GX Stable] => C:\Users\jmgna\AppData\Local\Programs\Opera GX\launcher.exe [2270416 2022-02-23] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\jmgna\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\MountPoints2: {4637ae8b-45ce-11e6-ad8d-6002b466c740} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\MountPoints2: {92495a38-82b2-11eb-a220-6002b466c740} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\MountPoints2: {ba45b9f5-022c-11eb-a1e7-6002b466c740} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.82\Installer\chrmstp.exe [2022-03-21] (Google LLC -> Google LLC)
Startup: C:\Users\jmgna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-02-11]
ShortcutTarget: MEGAsync.lnk -> C:\Users\jmgna\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01BC8CF5-917F-4977-9848-4B013000207F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-166249747-1253889427-3841345064-1001 => C:\Users\jmgna\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-10-10] (Mega Limited -> Mega Limited)
Task: {447823A9-3209-4C0C-BC83-B4E697AC3CB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (Pas de fichier)
Task: {4A2B14D2-0901-49F9-AC02-D5D79B266AC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {592937B3-3E51-4A74-9145-92A1EB244347} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (Pas de fichier)
Task: {6D5B6D69-7847-47EC-AF5E-AA1F1FA5D518} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {71381F10-CC19-4E59-9EDF-7C1DFFBAA904} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7455A09C-72D8-4373-94A5-212C94492F39} - \Microsoft\Windows\Setup\EM -> Pas de fichier <==== ATTENTION
Task: {7F473037-F4D2-47B9-B08F-375C2A0A3B4D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {95FDAE5A-2055-467C-AEF0-733CBE4C1C0A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {96D629E7-033D-4FF3-9328-7B40EF4BD29B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9B3F7546-45DE-45B9-B0D8-DC20E6E4FA15} - \Microsoft\Windows\AppListBackup\Backup -> Pas de fichier <==== ATTENTION
Task: {A27052E7-C90C-4D5C-A0A1-129B0A514600} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {B3C1C63F-98F1-41E0-AA08-F5BC7AAB0AC2} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-04-05] () [Fichier non signé]
Task: {B5409C8F-039B-466B-A816-DC38BD339411} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-09-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7C32EE0-9EA0-450A-B57B-0EA1F1D1359C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-09-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA0F38B4-0358-40CF-8BA6-730FE410796D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-21] (Google LLC -> Google LLC)
Task: {CB9C1C84-0DAF-41DE-9D30-4625EF4157F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E26F5EAE-CA00-4AB7-BF4A-67D204E8DBD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (Pas de fichier)
Task: {F66F0C21-214B-44B1-8D91-CAEDFD077685} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (Pas de fichier)
Task: {FA504341-F61E-4CC1-AED7-CB0A3D742465} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-21] (Google LLC -> Google LLC)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\WINDOWS\Tasks\ASR-Startup.job => C:\Program Files (x86)\Advanced System Repair Pro 1.9.3.8.0\AdvancedSystemRepairPro.exe
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0b8c86e8-e7d6-46ca-aaf5-a15fa0ed4c02}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{0b8c86e8-e7d6-46ca-aaf5-a15fa0ed4c02}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ffdac35b-fafc-4d4f-a8d4-a240903a55f0}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{ffdac35b-fafc-4d4f-a8d4-a240903a55f0}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\jmgna\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-21]
Edge Extension: (Halo – Arrival) - C:\Users\jmgna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ddgdgdmkcagpbibgcilbidjfokdngfld [2021-07-31]
Edge Extension: (Total Adblock - Ad Blocker) - C:\Users\jmgna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kkkldohdhcfhpjchcefpkfhjfeapdmek [2022-02-17]
FireFox:
========
FF DefaultProfile: iqivk9tf.default
FF ProfilePath: C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\iqivk9tf.default [2022-01-13]
FF Homepage: Mozilla\Firefox\Profiles\iqivk9tf.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\iqivk9tf.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2021-04-14 03:26:16&bName=
FF Extension: (Avira Browser Safety) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\iqivk9tf.default\Extensions\abs@avira.com [2022-01-13]
FF ProfilePath: C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734 [2022-03-21]
FF Extension: (AdBlocker Ultimate) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\adblockultimate@adblockultimate.net.xpi [2021-12-12]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-02-18]
FF Extension: (Google Translator for Firefox) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\translator@zoli.bod.xpi [2021-07-31]
FF Extension: (smritiman) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{1754c630-66d8-4ce3-a2f0-5188a33f0573}.xpi [2021-07-31]
FF Extension: (abstract colorful owl by candelora) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{2a608150-0a07-4e71-b644-3edb9abd8d35}.xpi [2021-09-29]
FF Extension: (Best Bright Christmas by MaDonna) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{3ce68e94-0685-4b09-84c0-0d2cff4301a1}.xpi [2021-11-27]
FF Extension: (R A I E S) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{6ca6151e-1a42-4058-ab26-89ebb2dd0f86}.xpi [2021-07-31]
FF Extension: (Fluffy Little White Birds by MaDonna) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{8be36b23-4549-4cde-af33-c753bfe61659}.xpi [2022-01-05]
FF Extension: (SciFi) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{a7f8e0cd-f3f4-41bb-9043-d3fc0e9e0b92}.xpi [2021-09-29]
FF Extension: (Fall Puppy) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{b74e6c60-9306-4a5a-b1cd-6911d5b44181}.xpi [2021-07-31]
FF Extension: (Phoenix in the clouds) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{cc7f2c6a-0b09-4db8-bb39-9135dac20fab}.xpi [2021-07-31]
FF Extension: (Strands of Gold by MaDonna) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{ced087e8-01fe-4ff3-b168-b6fff293f019}.xpi [2021-07-31]
FF Extension: (My Vinyl) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{f7c1330c-e6b9-42ca-9e14-2b2d29d02e48}.xpi [2021-07-31]
FF Extension: (Northern Lake FT by MaDonna) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2021-09-29]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default [2022-03-22]
CHR DownloadDir: C:\Users\jmgna\Desktop
CHR HomePage: Default -> hxxp://www.google.ch/firefox?client=firefox-a&rls=org.mozilla:fr:official
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Slides) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-03-21]
CHR Extension: (Docs) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-03-21]
CHR Extension: (Google Drive) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-21]
CHR Extension: (YouTube) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-03-21]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-03-21]
CHR Extension: (Sheets) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-03-21]
CHR Extension: (Save image as Type) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabfmnliflodkdafenbcpjdlppllnemd [2022-03-21]
CHR Extension: (Google Docs hors connexion) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-21]
CHR Extension: (Gmail) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-21]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-166249747-1253889427-3841345064-1001) Opera GXStable - "C:\Users\jmgna\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104840 2015-09-24] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [301056 2022-03-11] (Microsoft Windows -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [114384 2021-04-21] (Code Sector -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AthDfu; C:\WINDOWS\System32\Drivers\AthDfu.sys [55448 2013-05-31] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [437800 2021-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
R1 cbfsconnect2017; C:\WINDOWS\system32\drivers\cbfsconnect2017.sys [481296 2020-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R3 MpKslf1041fc9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E9BF9D33-CFAB-46AA-90AE-17B4D2EDD824}\MpKslDrv.sys [137464 2022-03-22] (Microsoft Windows -> Microsoft Corporation)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2021-08-19] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbbus; C:\WINDOWS\System32\drivers\lgx64bus.sys [17920 2008-11-11] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\drivers\lgx64diag.sys [27136 2008-11-11] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbGps; C:\WINDOWS\System32\drivers\lgx64gps.sys [27136 2008-11-11] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20496 2020-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-22 15:44 - 2022-03-22 15:47 - 000027236 _____ C:\Users\jmgna\Desktop\FRST.txt
2022-03-22 15:40 - 2022-03-22 15:40 - 002364928 _____ (Farbar) C:\Users\jmgna\Desktop\FRST64.exe
2022-03-22 11:14 - 2022-03-22 11:14 - 000000000 ___HD C:\$SysReset
2022-03-22 09:15 - 2022-03-22 09:16 - 000001394 _____ C:\Users\jmgna\Desktop\BUDGET.lnk
2022-03-21 17:07 - 2022-03-21 17:07 - 000000114 ___RH C:\Users\jmgna\Downloads\Stinger.opt
2022-03-21 16:56 - 2022-03-21 16:56 - 000000000 ____D C:\Program Files\McAfee
2022-03-21 16:55 - 2022-03-21 17:07 - 000000000 ____D C:\Program Files\stinger
2022-03-21 15:29 - 2022-03-21 15:29 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-21 15:29 - 2022-03-21 15:29 - 000002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-21 15:28 - 2022-03-21 15:28 - 000000000 ____D C:\Program Files\Google
2022-03-21 14:03 - 2022-03-21 14:04 - 075038802 _____ C:\Users\jmgna\Downloads\Decrypt Software.avi
2022-03-21 13:29 - 2022-03-21 13:30 - 000000000 ____D C:\WINDOWS\LastGood
2022-03-21 11:17 - 2022-03-21 11:18 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-03-21 09:06 - 2022-03-21 09:06 - 000001107 _____ C:\Users\jmgna\Downloads\_readme.txt
2022-03-21 09:06 - 2022-03-21 09:06 - 000000559 _____ C:\Users\jmgna\AppData\Local\bowsakkdestx.txt
2022-03-21 09:06 - 2022-03-21 09:06 - 000000000 ____D C:\SystemID
2022-03-21 08:54 - 2022-03-21 08:55 - 027525120 _____ C:\WINDOWS\system32\config\BCD00000
2022-03-21 08:54 - 2022-03-21 08:54 - 002492308 ___HT C:\Users\jmgna\AppData\Roaming\lnOfnXe4.tmp
2022-03-21 08:52 - 2022-03-21 08:52 - 000000000 ____D C:\Users\jmgna\AppData\Local\Yandex
2022-03-21 08:52 - 2022-03-21 08:52 - 000000000 ____D C:\Users\jmgna\AppData\Local\79a68ccd-7c0c-41e7-bf99-7ac40ed2656f
2022-03-21 08:52 - 2022-03-21 08:52 - 000000000 ____D C:\ProgramData\WDZ68N2BOQ51SWYS4A1CJ0KJ8
2022-03-21 08:51 - 2022-03-21 11:09 - 000000000 ____D C:\Program Files (x86)\AtomTweaker
2022-03-19 19:17 - 2022-03-19 19:17 - 000000000 ____D C:\Users\jmgna\Downloads\Telegram Desktop
2022-03-19 08:22 - 2022-03-19 08:22 - 000000382 _____ C:\WINDOWS\Tasks\ASR-Startup.job
2022-03-16 17:03 - 2022-03-16 17:03 - 000010260 _____ C:\Users\jmgna\AppData\Local\recently-used.xbel
2022-03-11 09:12 - 2022-03-11 09:12 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 09:11 - 2022-03-11 09:11 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 09:10 - 2022-03-11 09:10 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 09:09 - 2022-03-11 09:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 09:09 - 2022-03-11 09:09 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 07:59 - 2022-03-11 07:59 - 000000000 ___HD C:\$WinREAgent
2022-03-03 10:52 - 2022-03-03 10:52 - 000019611 _____ C:\Users\jmgna\AppData\LocalLow\WMveuky95hM.zip
2022-03-03 10:52 - 2022-03-03 10:52 - 000000000 ____D C:\Users\jmgna\AppData\LocalLow\wT6wL5h
2022-03-03 10:03 - 2022-03-03 10:03 - 000000036 _____ C:\Users\jmgna\MJKJDeviceGUID
2022-02-21 11:12 - 2022-03-03 08:30 - 000001426 _____ C:\Users\jmgna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk
2022-02-21 11:12 - 2022-02-21 11:12 - 000001442 _____ C:\Users\jmgna\Desktop\Navigateur Opera GX.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-22 15:48 - 2019-06-02 13:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-22 15:46 - 2019-09-22 15:48 - 000000000 ____D C:\FRST
2022-03-22 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-22 15:33 - 2016-05-05 06:07 - 000000000 __SHD C:\Users\jmgna\IntelGraphicsProfiles
2022-03-22 11:11 - 2020-06-16 15:39 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\MediaMonkey
2022-03-22 10:53 - 2019-06-02 15:17 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\AIMP
2022-03-22 10:36 - 2021-11-24 08:23 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\TeraCopy
2022-03-22 10:36 - 2020-11-01 14:39 - 000000000 ____D C:\Users\jmgna
2022-03-22 09:20 - 2016-12-16 16:49 - 000000000 ____D C:\Ma Musique
2022-03-22 09:19 - 2016-05-12 06:33 - 000000000 ___RD C:\Users\jmgna\3D Objects
2022-03-22 08:58 - 2022-01-02 10:08 - 000000000 ____D C:\Users\jmgna\Downloads\PMT Avril 2022
2022-03-22 08:58 - 2021-10-22 18:01 - 000000000 ____D C:\Users\jmgna\Documents\Sanitas 2022
2022-03-21 20:46 - 2019-06-02 16:12 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\MusicBee
2022-03-21 19:30 - 2020-11-02 07:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-21 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-21 16:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-21 15:49 - 2020-11-10 10:41 - 000000300 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2022-03-21 15:49 - 2019-08-21 18:34 - 000000000 ____D C:\Program Files\CCleaner
2022-03-21 15:11 - 2020-11-02 07:37 - 001778692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-21 15:11 - 2019-12-07 15:49 - 000795802 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-21 15:11 - 2019-12-07 15:49 - 000151166 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-21 15:11 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-21 14:41 - 2019-07-08 11:44 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\ZHP
2022-03-21 14:08 - 2021-08-08 07:34 - 000000000 ____D C:\Users\jmgna\Downloads\Logiciel
2022-03-21 13:38 - 2019-06-02 15:23 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\audacity
2022-03-21 13:35 - 2020-07-28 08:30 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-21 13:35 - 2020-07-28 08:30 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-21 13:29 - 2019-06-02 13:38 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-03-21 13:28 - 2020-11-02 07:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-21 13:28 - 2020-11-02 07:16 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-21 13:27 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-03-21 11:09 - 2022-01-19 18:21 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\Telegram Desktop
2022-03-21 11:09 - 2021-10-05 13:00 - 000000000 ___HD C:\Users\jmgna\AppData\Local\cache
2022-03-21 11:09 - 2021-04-07 08:06 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-21 11:09 - 2020-12-30 15:48 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-03-21 11:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-03-21 11:09 - 2019-06-02 13:38 - 000000000 ____D C:\WINDOWS\system32\DAX3
2022-03-21 11:09 - 2019-06-02 13:38 - 000000000 ____D C:\WINDOWS\system32\DAX2
2022-03-21 10:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2022-03-21 10:43 - 2021-10-27 10:04 - 000000000 ____D C:\Users\jmgna\AppData\Local\Spotify
2022-03-21 10:07 - 2021-11-12 17:05 - 000027795 ___SH C:\Users\jmgna\Downloads\Folder.jpg.ssoi
2022-03-21 10:07 - 2021-11-12 17:05 - 000006839 ___SH C:\Users\jmgna\Downloads\AlbumArtSmall.jpg.ssoi
2022-03-21 10:07 - 2019-05-22 16:13 - 000000496 ____H C:\Users\jmgna\Documents\~$dio MP3.rtf.ssoi
2022-03-21 10:07 - 2017-05-17 09:30 - 000053582 ____H C:\Users\jmgna\Downloads\Thumbs.db.ssoi
2022-03-21 10:07 - 2017-02-21 17:10 - 000000496 ____H C:\Users\jmgna\Downloads\~$Doc1.pdf.ssoi
2022-03-21 10:05 - 2021-11-12 20:30 - 000000000 ___HD C:\Users\jmgna\.obs64
2022-03-21 10:05 - 2020-03-26 08:30 - 003293670 _____ C:\Users\jmgna\ZHPCleaner.exe.ssoi
2022-03-21 10:05 - 2018-11-06 16:18 - 000000000 ____D C:\Users\jmgna\.gimp-2.8
2022-03-21 10:05 - 2018-09-06 10:15 - 000000000 ____D C:\Users\jmgna\.config
2022-03-21 10:05 - 2017-07-29 17:36 - 000000622 _____ C:\Users\jmgna\moi nouveau.sde.ssoi
2022-03-21 10:05 - 2017-07-23 15:56 - 000000366 _____ C:\Users\jmgna\.gtk-bookmarks.ssoi
2022-03-21 10:05 - 2016-12-21 20:19 - 000000000 ___HD C:\Users\jmgna\.obs32
2022-03-21 10:05 - 2016-10-28 10:34 - 000000000 ____D C:\Users\jmgna\.android
2022-03-21 10:05 - 2016-06-22 14:22 - 002662734 _____ C:\Users\jmgna\ZHPDiag3.exe.ssoi
2022-03-21 10:05 - 2016-05-07 07:21 - 000000000 ____D C:\Users\jmgna\.oracle_jre_usage
2022-03-21 09:06 - 2016-05-06 20:22 - 000000000 ____D C:\AdwCleaner
2022-03-21 08:18 - 2019-05-16 10:21 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidify
2022-03-21 07:57 - 2019-12-07 10:03 - 027000832 _____ C:\WINDOWS\system32\config\BCD000000
2022-03-21 07:45 - 2019-06-02 16:24 - 000000000 ____D C:\Program Files (x86)\Sidify
2022-03-19 09:00 - 2021-01-28 11:34 - 000000879 _____ C:\Users\jmgna\Desktop\ZHPCleaner.lnk
2022-03-19 08:33 - 2020-01-07 16:48 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\MPC-HC
2022-03-18 09:27 - 2021-06-16 08:54 - 000000606 _____ C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job
2022-03-18 09:26 - 2021-11-29 10:28 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-18 09:26 - 2021-11-29 10:28 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-03-16 20:16 - 2019-06-04 09:22 - 000000000 ____D C:\Users\jmgna\AppData\Local\babl-0.1
2022-03-16 17:03 - 2019-06-19 18:20 - 000000000 ____D C:\Users\jmgna\AppData\Local\gtk-2.0
2022-03-16 13:39 - 2018-09-04 19:52 - 000001127 _____ C:\Users\jmgna\Desktop\S E R I E S.lnk
2022-03-15 08:00 - 2019-06-25 09:38 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\spek
2022-03-15 07:07 - 2019-06-02 13:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-11 19:52 - 2020-11-02 07:16 - 000475312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-11 19:46 - 2020-11-01 12:08 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2022-03-11 19:46 - 2020-11-01 12:08 - 000000000 ___SD C:\WINDOWS\system32\lxss
2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-11 19:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-11 09:23 - 2020-09-30 16:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 09:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-11 09:08 - 2020-11-02 07:21 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 07:59 - 2019-06-03 08:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-11 07:54 - 2019-06-03 08:45 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-03 10:57 - 2021-10-27 10:04 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\Spotify
2022-03-01 16:02 - 2019-06-15 21:03 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\uTorrent
2022-03-01 15:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-27 16:07 - 2019-06-07 17:19 - 000000000 ____D C:\Users\jmgna\AppData\Local\BitTorrentHelper
2022-02-26 13:51 - 2021-09-22 08:43 - 000000000 ____D C:\Users\jmgna\Documents\26.02.2022
2022-02-21 11:54 - 2022-02-19 20:37 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-21 11:13 - 2021-04-14 16:26 - 000000000 ____D C:\Users\jmgna\AppData\Local\Opera Software
2022-02-21 11:11 - 2021-08-11 07:57 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\Opera Software
2022-02-20 12:21 - 2016-11-18 14:54 - 000000000 ____D C:\Users\jmgna\AppData\LocalLow\Mozilla
==================== Fichiers à la racine de certains dossiers ========
2019-06-21 10:21 - 2018-09-12 14:15 - 000000160 _____ () C:\ProgramData\dbdacm.dll
2020-03-26 08:30 - 2022-02-18 14:13 - 003293336 _____ (Nicolas Coolman) C:\Users\jmgna\ZHPCleaner.exe
2016-06-22 14:22 - 2017-02-12 09:33 - 002662400 _____ () C:\Users\jmgna\ZHPDiag3.exe
2022-01-14 12:55 - 2022-01-14 12:55 - 000269824 ___SH () C:\Users\jmgna\AppData\Roaming\jwegddu
2022-03-21 08:54 - 2022-03-21 08:54 - 002492308 ___HT () C:\Users\jmgna\AppData\Roaming\lnOfnXe4.tmp
2022-03-21 09:06 - 2022-03-21 09:06 - 000000559 _____ () C:\Users\jmgna\AppData\Local\bowsakkdestx.txt
2022-03-16 17:03 - 2022-03-16 17:03 - 000010260 _____ () C:\Users\jmgna\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {e466e2c7-853a-11e9-af0b-bc15b8ac668a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Chargeur de démarrage Windows
-----------------------------
identificateur {11a09118-585a-11e8-a9c8-a268ef347b35}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{11a09119-585a-11e8-a9c8-a268ef347b35}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{11a09119-585a-11e8-a9c8-a268ef347b35}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {e466e2ca-853a-11e9-af0b-bc15b8ac668a}
displaymessageoverride PushButtonReset
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {e466e2c7-853a-11e9-af0b-bc15b8ac668a}
nx OptIn
bootmenupolicy Standard
usefirmwarepcisettings No
Chargeur de démarrage Windows
-----------------------------
identificateur {e466e2ca-853a-11e9-af0b-bc15b8ac668a}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{e466e2cb-853a-11e9-af0b-bc15b8ac668a}
bootstatdevice partition=C:
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
bootstatfilepath \$SysReset\Logs\WinRE\bootstat.dat
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{e466e2cb-853a-11e9-af0b-bc15b8ac668a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {e466e2c7-853a-11e9-af0b-bc15b8ac668a}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {e466e2ca-853a-11e9-af0b-bc15b8ac668a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {e466e2cb-853a-11e9-af0b-bc15b8ac668a}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================