Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Exécuté par KIKIZEBEST (administrateur) sur KIKIZEBEST-PC (TOSHIBA SATELLITE P500) (13-11-2023 19:33:39)
Exécuté depuis C:\Users\KIKIZEBEST\Desktop\FRST64.exe
Profils chargés: KIKIZEBEST
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3570 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\104.0.4944.36\opera_crashreporter.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Opera Norway AS -> Opera Software) C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\opera.exe <21>
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dhpevm.inf_amd64_dc22ceb838778a98\dynabookHDDProtection.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (O2Micro Inc. -> O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(svchost.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.52331.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
Impossible d'accéder au processus -> FreemakeUtilsService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [MicrosoftEdgeAutoLaunch_200444D055E1FAACE422774EF5EDB99D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3894824 2023-11-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\KIKIZEBEST\AppData\Local\MightyText\Update.exe [1845096 2020-01-09] (Openphone Inc. -> GitHub)
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [] => [X]
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet 3830 series): C:\Windows\system32\HPDiscoPME511.dll [840328 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\Windows\system32\hpinkstsE511LM.dll [393352 2017-03-10] (Hewlett Packard -> HP Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {AB53099B-25C8-4DC3-92E6-EE6FE862F9C5} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION
Task: {D2B3F135-08FB-47BA-8CFD-B8C7B36DEFB2} - \Microsoft\Windows\Setup\EOSNotify2 -> Pas de fichier <==== ATTENTION
Task: {10AADE69-3DAB-4C3C-9CFE-BFE2BA424433} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {5B70D0D4-700C-46B1-8759-36790DC1506C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {A0B8C4FC-E0C6-4615-873A-E51E9B4549FB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6F096BD6-AA71-4870-9AE9-16A9D1F6C2B5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "607be473-25dd-4a2b-9250-1a6f5cf4700a" --version "6.17.10746" --silent
Task: {8F6395A8-A1E0-4CAD-BC3D-71593238D9E0} - System32\Tasks\CCleanerSkipUAC - KIKIZEBEST => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6BE1839E-CC79-4970-A327-E2700E71AB2E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5329808 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
Task: {13A53D53-06B8-497F-AC58-03955F7D1F61} - System32\Tasks\HPCustParticipation HP OfficeJet 3830 series => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.)
Task: {ABAAB98A-DE9C-464E-A655-1412F2B4873E} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => %windir%\system32\sipnotify.exe -LogonOrUnlock (Pas de fichier)
Task: {4F8DC2FD-733A-463B-B96E-B18D4782563A} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => %windir%\system32\sipnotify.exe -Daily (Pas de fichier)
Task: {1B1C03E1-21E1-47EE-B9A9-67F80B67D61A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {F35CD96A-E43A-4FD3-A06A-D9ED543BAB64} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {8793E292-7997-4C7E-B7D4-A6B16B5CFC32} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {8708D4BA-CE50-487F-9A04-3B5FF3C1EBF5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {4BC1366C-A9CA-467C-B8E2-370BC7463018} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {6D2A8226-32AE-49CB-81EC-74BD18DA6632} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {6AD664C6-0D24-458B-84A2-E27D218F3123} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {0A6ED9C4-3122-49E6-B6B6-941005929EF8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {0A237144-3A45-427C-8076-46529D88A49D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {3DC822E5-68D8-44E2-B4F8-BB64DFBBEEB7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {444C8714-F952-4397-BBCD-29D6F1969327} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {4A524E49-18BE-4530-91DF-26DFD07ACCC2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {6AB2F28C-E348-477A-A594-AAA7DF70328F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {4BA8157F-FB1F-4602-9892-9227C9410969} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {36939138-C033-4CD0-B7CF-DAD7738B5BD5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {A5D427DA-668B-42F4-BA75-8522579363F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {4CCAEBA4-7671-473A-8982-0C42AEF73455} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier)
Task: {387920C6-4DA1-4D6E-983D-F9D2122F7422} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {A9529898-BB0F-4615-80D7-CE5D7F9D56B8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {D701F294-4690-403B-9C5D-F1F1A0E040FB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {F296F4AA-B2B8-4799-B3F1-9C2D4EAF68CC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (Pas de fichier)
Task: {5F5E4289-D87A-4B26-AD6E-28575BEF9C79} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {D366E9EC-2D71-4BD9-8B5A-30828E9CF0F2} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {27735D62-238C-4F18-BE11-D4C07A4C8F74} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {36539C71-8E55-407A-9398-3002E01027FD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {BBA1EE36-318C-41EF-9814-4B0392EBC91D} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {8D2EA610-AFC7-4118-81B4-97B9ABB51FB1} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5FD6FF48-C749-4FAE-BE28-58FA3C7E2EA3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91F2A08E-804F-481B-9EBC-BF1ED1F63856} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F759FC6E-D8AF-4EB3-B0F8-099B8F86764D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {068F2968-6C89-432A-8CC2-AD86EC50055D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C2477F8-FA4A-4ED6-96D4-4B6D952C7051} - System32\Tasks\Opera scheduled Autoupdate 1548525376 => C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\launcher.exe [2642848 2023-10-30] (Opera Norway AS -> Opera Software)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{2006AEA7-E8A6-41E4-954E-90961CD1B024}: [NameServer] 1.0.0.1,208.67.222.220,192.168.0.1
Tcpip\..\Interfaces\{2006AEA7-E8A6-41E4-954E-90961CD1B024}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{221F3244-73FB-4315-B8B4-FCA5C7A843DD}: [NameServer] 1.0.0.1,208.67.222.220
Tcpip\..\Interfaces\{221F3244-73FB-4315-B8B4-FCA5C7A843DD}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{888e49a3-0ab3-434f-874d-6598b9abddd2}: [NameServer] 1.0.0.1,208.67.222.220
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-12]
Edge Extension: (Avira Safe Shopping) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-11-12]
Edge Extension: (Avira Password Manager) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-12]
Edge Extension: (Google Docs hors connexion) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-12]
Edge Extension: (Edge relevant text changes) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-12]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FireFox:
========
FF DefaultProfile: pmhvk7af.default
FF ProfilePath: C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\pmhvk7af.default [2023-07-21]
FF Extension: (Avira Password Manager) - C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\pmhvk7af.default\Extensions\passwordmanager@avira.com [2019-11-19]
FF ProfilePath: C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\ssc3cy3r.default-release-1609066141487 [2023-07-21]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881760 2011-02-12] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe [718168 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDHDDProtectService; C:\WINDOWS\System32\DriverStore\FileRepository\dhpevm.inf_amd64_dc22ceb838778a98\dynabookHDDProtection.exe [473280 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
S2 DSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDTabSysSvc.exe [330136 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe [480144 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 dynabookSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe [24153096 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-31] (Mixbyte Inc -> Freemake)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-12] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-12] (Malwarebytes Inc. -> Malwarebytes)
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iSkysoft Video Converter Ultimate Windows (FR)(CPC)\Transfer\DriverInstall.exe [107800 2019-07-09] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 64146C88; C:\WINDOWS\system32\drivers\64146C88.sys [255928 2023-10-23] (Malwarebytes Corporation -> Malwarebytes)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 dhotkey; C:\WINDOWS\System32\drivers\dhotkey.sys [52736 2023-03-22] (Dynabook Inc. -> Dynabook Inc.)
R0 dhpevm; C:\WINDOWS\System32\drivers\dhpevm.SYS [29368 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [138760 2021-01-14] (ADAPP SASU -> Dokan Project)
R1 dsrvctldrv; C:\WINDOWS\System32\drivers\dsrvctldrv.sys [30232 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\WINDOWS\System32\drivers\DVALZ_O.SYS [47464 2022-07-17] (Dynabook Inc. -> Dynabook Inc.)
S3 hidshim; C:\WINDOWS\system32\DRIVERS\hidshim.sys [6656 2013-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 LVPr2M64; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] (Logitech Inc -> )
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] (Logitech Inc -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 nuvotoncir; C:\WINDOWS\system32\DRIVERS\nuvotoncir.sys [48128 2009-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corporation)
S3 nuvotonhidcir; C:\WINDOWS\system32\DRIVERS\nuvotonhidcir.sys [32256 2013-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corporation)
R3 O2SDGx64; C:\WINDOWS\System32\drivers\o2sdgx64.sys [56576 2012-09-06] (O2Micro -> O2Micro)
S3 phantomtap; C:\WINDOWS\System32\DRIVERS\phantomtap.sys [35664 2019-01-29] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [22736 2015-05-28] (WDKTestCert 1,130752733198717037 -> TOSHIBA)
U5 rtp_filesystem_filter; C:\Windows\System32\Drivers\rtp_filesystem_filter.sys [219448 2023-07-09] (Avira Operations GmbH -> Avira Operations GmbH)
U5 rtp_process_monitor; C:\Windows\System32\Drivers\rtp_process_monitor.sys [199992 2023-07-09] (Avira Operations GmbH -> Avira Operations GmbH)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
S0 Thpevm; C:\WINDOWS\System32\drivers\Thpevm.SYS [27128 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-11-13 19:33 - 2023-11-13 19:34 - 000028095 _____ C:\Users\KIKIZEBEST\Desktop\FRST.txt
2023-11-13 19:29 - 2023-11-13 19:30 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\a envoyer
2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe
2023-11-13 19:12 - 2023-11-13 19:12 - 000000772 _____ C:\Users\KIKIZEBEST\Desktop\ZHPSuite.lnk
2023-11-12 22:17 - 2023-11-13 15:30 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Malwarebytes
2023-11-12 22:17 - 2023-11-12 22:17 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-11-12 22:17 - 2023-11-12 22:17 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-11-12 22:13 - 2023-11-12 22:13 - 002606880 _____ (Malwarebytes) C:\Users\KIKIZEBEST\Desktop\MBSetup.exe
2023-11-12 21:59 - 2023-11-12 22:48 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\2e nettoyage
2023-11-12 21:42 - 2023-11-12 21:42 - 008791352 _____ (Malwarebytes) C:\Users\KIKIZEBEST\Desktop\adwcleaner_8.4.0.exe
2023-11-12 20:58 - 2023-11-12 20:58 - 000000923 _____ C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.lnk
2023-11-12 20:57 - 2023-11-12 20:57 - 003346080 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.exe
2023-11-11 12:04 - 2023-11-11 12:04 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1111E7AC.sys
2023-11-11 12:03 - 2023-11-11 12:42 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\mbar
2023-11-10 19:07 - 2023-11-10 19:07 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\ARGENT SANG
2023-11-10 18:59 - 2023-11-12 22:44 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\uTorrent Web
2023-11-08 17:23 - 2023-11-09 05:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-11-01 08:15 - 2023-11-01 08:15 - 000000000 ____D C:\WINDOWS\Panther
2023-10-30 20:07 - 2023-11-13 19:31 - 002383872 _____ (Farbar) C:\Users\KIKIZEBEST\Desktop\FRST64.exe
2023-10-30 19:45 - 2023-10-30 19:45 - 003512992 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPSuite.exe
2023-10-30 19:43 - 2023-11-13 19:32 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\REPAIR 3010
2023-10-26 11:53 - 2023-10-31 14:15 - 006646784 _____ C:\WINDOWS\system32\rtp.db
2023-10-14 10:29 - 2023-10-14 10:32 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\LASKO
2023-10-12 08:48 - 2023-10-12 08:48 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Backup
2023-10-11 10:56 - 2023-10-11 10:56 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-11 10:19 - 2023-10-11 10:19 - 000000000 ___HD C:\$WinREAgent
2023-10-06 11:42 - 2023-10-06 11:42 - 000000000 ____D C:\ProgramData\PLUG
2023-10-04 20:48 - 2023-11-13 19:10 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\molotov
2023-10-04 20:48 - 2023-10-04 20:48 - 000002393 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov.lnk
2023-09-29 18:31 - 2023-09-29 18:31 - 000936171 _____ C:\Users\KIKIZEBEST\Desktop\Base de données Vin.xlsx
2023-09-14 17:48 - 2023-09-20 19:49 - 001164893 _____ C:\Users\KIKIZEBEST\Desktop\xcbvxf.xlsx
2023-09-11 11:01 - 2023-09-11 11:03 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\FOOT BARLIN
2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-08-26 06:45 - 2023-11-12 22:44 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\TORR
2023-08-18 07:26 - 2023-08-18 07:26 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\FAILLES2
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-11-13 19:34 - 2022-06-05 12:01 - 000000000 ____D C:\FRST
2023-11-13 19:30 - 2019-03-17 19:04 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\ZHP
2023-11-13 19:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-13 19:12 - 2020-10-02 13:29 - 000000000 ____D C:\Users\KIKIZEBEST
2023-11-13 18:45 - 2020-10-02 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-13 18:07 - 2022-10-08 20:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-13 15:33 - 2020-10-02 16:51 - 001693648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-13 15:33 - 2019-12-07 15:49 - 000739230 _____ C:\WINDOWS\system32\perfh00C.dat
2023-11-13 15:33 - 2019-12-07 15:49 - 000147924 _____ C:\WINDOWS\system32\perfc00C.dat
2023-11-13 15:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-13 15:29 - 2020-10-02 16:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-13 15:01 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-11-13 08:58 - 2021-07-06 08:12 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-12 22:44 - 2019-01-26 18:34 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\CHEZ MOI
2023-11-12 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-12 22:16 - 2023-03-17 18:20 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-12 22:16 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-11-12 22:16 - 2019-02-15 20:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-11 12:42 - 2019-03-01 12:06 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2023-11-11 12:30 - 2019-02-10 09:58 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Word
2023-11-11 11:53 - 2020-10-19 22:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-11 11:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-10 19:07 - 2019-04-13 13:19 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\BitTorrentHelper
2023-11-09 20:35 - 2021-04-22 09:08 - 000000000 ____D C:\KVRT2020_Data
2023-11-09 18:48 - 2019-03-27 19:21 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\CrashDumps
2023-11-09 18:46 - 2023-06-25 09:58 - 000000000 ____D C:\Program Files\CCleaner
2023-11-09 16:19 - 2019-01-26 18:56 - 000001525 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-11-09 12:32 - 2015-02-02 12:28 - 000014492 _____ C:\Users\KIKIZEBEST\Desktop\LISTE ANNIVERSAIRES.xlsx
2023-11-09 05:25 - 2019-01-26 19:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-08 18:49 - 2019-01-26 19:05 - 000001209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-11-08 16:45 - 2022-06-03 09:04 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\OISEAUX SEMAINE
2023-11-08 13:13 - 2020-04-22 13:11 - 000001426 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-11-08 13:11 - 2019-01-26 23:11 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Excel
2023-11-07 21:38 - 2019-01-26 20:29 - 000000000 ____D C:\Users\KIKIZEBEST\Documents\MyHeritage
2023-11-07 08:16 - 2020-01-17 15:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-06 21:38 - 2021-01-03 21:25 - 000013133 _____ C:\Users\KIKIZEBEST\Desktop\GMAIL.xlsx
2023-11-03 11:31 - 2020-01-17 15:20 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Packages
2023-11-03 11:29 - 2020-09-30 10:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-03 08:04 - 2023-06-25 09:58 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-11-01 20:46 - 2020-01-17 16:14 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\D3DSCache
2023-10-31 19:43 - 2019-04-05 19:22 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Facebook
2023-10-31 14:24 - 2019-01-26 20:07 - 000000000 ____D C:\Program Files (x86)\Avira
2023-10-31 14:22 - 2019-01-26 20:07 - 000000000 ____D C:\ProgramData\Avira
2023-10-31 14:16 - 2010-11-21 04:27 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-31 14:12 - 2019-05-02 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-10-31 14:10 - 2020-10-20 06:37 - 000002935 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint (1).lnk
2023-10-31 14:10 - 2020-10-20 06:37 - 000002923 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word (1).lnk
2023-10-31 14:07 - 2019-01-26 20:07 - 000000000 ____D C:\ProgramData\Package Cache
2023-10-31 12:59 - 2019-03-03 15:17 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\NVIDIA Corporation
2023-10-31 12:59 - 2019-03-03 15:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-10-31 12:59 - 2019-01-26 18:22 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-31 12:59 - 2019-01-26 17:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-10-31 12:59 - 2019-01-26 17:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-10-31 12:57 - 2019-05-20 07:58 - 000000000 ____D C:\Program Files\Java
2023-10-31 12:56 - 2020-07-30 09:20 - 000000000 ____D C:\ProgramData\GlarySoft
2023-10-31 12:56 - 2020-07-30 09:17 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\GlarySoft
2023-10-31 08:09 - 2020-10-19 22:57 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-31 08:09 - 2020-10-19 22:57 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-31 07:18 - 2020-10-02 16:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-30 13:04 - 2022-07-28 06:28 - 000020348 _____ C:\Users\KIKIZEBEST\Desktop\glycemie.xlsx
2023-10-27 19:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-25 12:56 - 2023-06-25 09:58 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-10-24 18:58 - 2023-06-25 09:58 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-10-24 07:40 - 2023-04-25 18:01 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\JV FAIT
2023-10-24 07:38 - 2023-05-08 20:32 - 001601536 _____ C:\Users\KIKIZEBEST\Desktop\Gestion-bibliotheque-Excel-gratuit (Enregistré automatiquement).xlsx
2023-10-23 08:10 - 2023-03-17 11:54 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\64146C88.sys
2023-10-22 15:54 - 2019-02-01 18:33 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\vlc
2023-10-21 17:14 - 2020-02-07 07:39 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\FSDART
2023-10-21 07:40 - 2020-02-07 07:39 - 000000000 ____D C:\ProgramData\F-Secure
2023-10-20 17:29 - 2020-10-02 16:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
==================== Fichiers à la racine de certains dossiers ========
2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe
2022-10-25 12:24 - 2022-10-25 12:24 - 000000872 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\2d845f61-6fd4-4c25-be56-ac054468b3a2.tmp
2022-09-08 06:45 - 2022-09-08 06:45 - 000000538 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\44f702b9-2129-4c5e-be6e-edb29f149574.tmp
2022-08-14 13:28 - 2022-08-14 13:28 - 000000538 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\771d365c-3b53-455a-93ab-a0f3b1bebabb.tmp
2022-04-22 17:59 - 2022-04-22 17:59 - 000000705 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\c5c5984a-b917-4dd0-9614-c28d14f59a3f.tmp
2022-05-16 18:06 - 2022-05-16 18:06 - 000000867 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\e47d4395-7f92-4ee6-8f33-c7b629bbb655.tmp
2022-11-21 09:07 - 2022-11-21 09:07 - 000128964 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\316672665_5992031394194217_2706564476730116414_n.jpg
2019-02-24 01:24 - 2019-12-19 15:18 - 000097520 _____ () C:\Users\KIKIZEBEST\AppData\Local\ars.cache
2019-02-24 01:24 - 2019-12-19 15:18 - 000392277 _____ () C:\Users\KIKIZEBEST\AppData\Local\census.cache
2021-12-31 10:36 - 2021-12-31 10:36 - 000003584 _____ () C:\Users\KIKIZEBEST\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-23 19:52 - 2019-02-23 19:52 - 000000036 _____ () C:\Users\KIKIZEBEST\AppData\Local\housecall.guid.cache
2023-03-27 14:05 - 2023-03-27 14:05 - 000002377 _____ () C:\Users\KIKIZEBEST\AppData\Local\recently-used.xbel
2019-01-28 13:23 - 2019-11-12 20:11 - 000007618 _____ () C:\Users\KIKIZEBEST\AppData\Local\Resmon.ResmonCfg
==================== SigCheckExt =========================
2019-11-20 07:58 - 2013-04-06 00:27 - 000324608 _____ (IntelleSoft) C:\WINDOWS\system32\BugTrap-x64.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2019-11-20 07:58 - 2017-07-30 06:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw.dll
2019-11-20 07:58 - 2019-02-26 11:51 - 028414044 _____ C:\WINDOWS\system32\x265vfw.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2019-09-23 15:45 - 2013-09-17 08:23 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2019-01-26 20:29 - 2003-07-06 14:07 - 000372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libcrypto-1_1.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libssl-1_1.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2020-01-24 17:27 - 2011-06-29 12:18 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2003-04-18 15:29 - 2003-04-18 15:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2019-01-26 20:29 - 2002-03-07 01:19 - 000454656 _____ () C:\WINDOWS\SysWOW64\PaintX.dll
2019-01-26 20:29 - 2010-06-17 19:49 - 002029056 _____ (Bytescout) C:\WINDOWS\SysWOW64\PDFDocScout.DLL
2021-03-17 15:30 - 2021-03-17 15:30 - 000012067 _____ C:\WINDOWS\SysWOW64\SIntf16.dll
2021-03-17 15:30 - 2021-03-17 15:30 - 000017212 _____ C:\WINDOWS\SysWOW64\SIntf32.dll
2021-03-17 15:30 - 2021-03-17 15:30 - 000021840 _____ C:\WINDOWS\SysWOW64\SIntfNT.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
1998-09-14 20:43 - 1998-09-14 20:43 - 000065536 _____ C:\WINDOWS\SysWOW64\TWAIN32d.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2019-01-26 23:26 - 2000-10-01 23:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2017-07-30 09:50 - 2017-07-30 09:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2019-02-26 11:56 - 2019-02-26 11:56 - 006418389 _____ C:\WINDOWS\SysWOW64\x265vfw.dll
2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe
2023-10-30 20:07 - 2023-11-13 19:31 - 002383872 _____ (Farbar) C:\Users\KIKIZEBEST\Desktop\FRST64.exe
2023-11-12 20:57 - 2023-11-12 20:57 - 003346080 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.exe
2023-10-30 19:45 - 2023-10-30 19:45 - 003512992 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {bb42aa4d-3932-11ea-935d-9d9b8109c306}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {1c646c21-2152-11e9-b63b-9a0427bba6cf}
device ramdisk=[C:]\Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c22-2152-11e9-b63b-9a0427bba6cf}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c22-2152-11e9-b63b-9a0427bba6cf}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {1c646c25-2152-11e9-b63b-9a0427bba6cf}
device ramdisk=[C:]\Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c26-2152-11e9-b63b-9a0427bba6cf}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c26-2152-11e9-b63b-9a0427bba6cf}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {bb42aa50-3932-11ea-935d-9d9b8109c306}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {bb42aa4d-3932-11ea-935d-9d9b8109c306}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {bb42aa50-3932-11ea-935d-9d9b8109c306}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{bb42aa51-3932-11ea-935d-9d9b8109c306}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{bb42aa51-3932-11ea-935d-9d9b8109c306}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {bb42aa4d-3932-11ea-935d-9d9b8109c306}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {bb42aa50-3932-11ea-935d-9d9b8109c306}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {1c646c22-2152-11e9-b63b-9a0427bba6cf}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\boot.sdi
Options de périphérique
-----------------------
identificateur {1c646c26-2152-11e9-b63b-9a0427bba6cf}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\boot.sdi
Options de périphérique
-----------------------
identificateur {bb42aa51-3932-11ea-935d-9d9b8109c306}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par KIKIZEBEST (administrateur) sur KIKIZEBEST-PC (TOSHIBA SATELLITE P500) (13-11-2023 19:33:39)
Exécuté depuis C:\Users\KIKIZEBEST\Desktop\FRST64.exe
Profils chargés: KIKIZEBEST
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3570 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\104.0.4944.36\opera_crashreporter.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Opera Norway AS -> Opera Software) C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\opera.exe <21>
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dhpevm.inf_amd64_dc22ceb838778a98\dynabookHDDProtection.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (O2Micro Inc. -> O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(svchost.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.52331.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
Impossible d'accéder au processus -> FreemakeUtilsService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [MicrosoftEdgeAutoLaunch_200444D055E1FAACE422774EF5EDB99D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3894824 2023-11-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\KIKIZEBEST\AppData\Local\MightyText\Update.exe [1845096 2020-01-09] (Openphone Inc. -> GitHub)
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [] => [X]
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-489156515-338945471-3789047452-1001\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet 3830 series): C:\Windows\system32\HPDiscoPME511.dll [840328 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\Windows\system32\hpinkstsE511LM.dll [393352 2017-03-10] (Hewlett Packard -> HP Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {AB53099B-25C8-4DC3-92E6-EE6FE862F9C5} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION
Task: {D2B3F135-08FB-47BA-8CFD-B8C7B36DEFB2} - \Microsoft\Windows\Setup\EOSNotify2 -> Pas de fichier <==== ATTENTION
Task: {10AADE69-3DAB-4C3C-9CFE-BFE2BA424433} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {5B70D0D4-700C-46B1-8759-36790DC1506C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {A0B8C4FC-E0C6-4615-873A-E51E9B4549FB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6F096BD6-AA71-4870-9AE9-16A9D1F6C2B5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "607be473-25dd-4a2b-9250-1a6f5cf4700a" --version "6.17.10746" --silent
Task: {8F6395A8-A1E0-4CAD-BC3D-71593238D9E0} - System32\Tasks\CCleanerSkipUAC - KIKIZEBEST => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6BE1839E-CC79-4970-A327-E2700E71AB2E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5329808 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
Task: {13A53D53-06B8-497F-AC58-03955F7D1F61} - System32\Tasks\HPCustParticipation HP OfficeJet 3830 series => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.)
Task: {ABAAB98A-DE9C-464E-A655-1412F2B4873E} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => %windir%\system32\sipnotify.exe -LogonOrUnlock (Pas de fichier)
Task: {4F8DC2FD-733A-463B-B96E-B18D4782563A} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => %windir%\system32\sipnotify.exe -Daily (Pas de fichier)
Task: {1B1C03E1-21E1-47EE-B9A9-67F80B67D61A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {F35CD96A-E43A-4FD3-A06A-D9ED543BAB64} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {8793E292-7997-4C7E-B7D4-A6B16B5CFC32} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {8708D4BA-CE50-487F-9A04-3B5FF3C1EBF5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {4BC1366C-A9CA-467C-B8E2-370BC7463018} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {6D2A8226-32AE-49CB-81EC-74BD18DA6632} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {6AD664C6-0D24-458B-84A2-E27D218F3123} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {0A6ED9C4-3122-49E6-B6B6-941005929EF8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {0A237144-3A45-427C-8076-46529D88A49D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {3DC822E5-68D8-44E2-B4F8-BB64DFBBEEB7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {444C8714-F952-4397-BBCD-29D6F1969327} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {4A524E49-18BE-4530-91DF-26DFD07ACCC2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {6AB2F28C-E348-477A-A594-AAA7DF70328F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {4BA8157F-FB1F-4602-9892-9227C9410969} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {36939138-C033-4CD0-B7CF-DAD7738B5BD5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {A5D427DA-668B-42F4-BA75-8522579363F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {4CCAEBA4-7671-473A-8982-0C42AEF73455} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier)
Task: {387920C6-4DA1-4D6E-983D-F9D2122F7422} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {A9529898-BB0F-4615-80D7-CE5D7F9D56B8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {D701F294-4690-403B-9C5D-F1F1A0E040FB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {F296F4AA-B2B8-4799-B3F1-9C2D4EAF68CC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (Pas de fichier)
Task: {5F5E4289-D87A-4B26-AD6E-28575BEF9C79} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {D366E9EC-2D71-4BD9-8B5A-30828E9CF0F2} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {27735D62-238C-4F18-BE11-D4C07A4C8F74} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {36539C71-8E55-407A-9398-3002E01027FD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {BBA1EE36-318C-41EF-9814-4B0392EBC91D} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {8D2EA610-AFC7-4118-81B4-97B9ABB51FB1} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5FD6FF48-C749-4FAE-BE28-58FA3C7E2EA3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91F2A08E-804F-481B-9EBC-BF1ED1F63856} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F759FC6E-D8AF-4EB3-B0F8-099B8F86764D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {068F2968-6C89-432A-8CC2-AD86EC50055D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C2477F8-FA4A-4ED6-96D4-4B6D952C7051} - System32\Tasks\Opera scheduled Autoupdate 1548525376 => C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\launcher.exe [2642848 2023-10-30] (Opera Norway AS -> Opera Software)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{2006AEA7-E8A6-41E4-954E-90961CD1B024}: [NameServer] 1.0.0.1,208.67.222.220,192.168.0.1
Tcpip\..\Interfaces\{2006AEA7-E8A6-41E4-954E-90961CD1B024}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{221F3244-73FB-4315-B8B4-FCA5C7A843DD}: [NameServer] 1.0.0.1,208.67.222.220
Tcpip\..\Interfaces\{221F3244-73FB-4315-B8B4-FCA5C7A843DD}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{888e49a3-0ab3-434f-874d-6598b9abddd2}: [NameServer] 1.0.0.1,208.67.222.220
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-12]
Edge Extension: (Avira Safe Shopping) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-11-12]
Edge Extension: (Avira Password Manager) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-12]
Edge Extension: (Google Docs hors connexion) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-12]
Edge Extension: (Edge relevant text changes) - C:\Users\KIKIZEBEST\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-12]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FireFox:
========
FF DefaultProfile: pmhvk7af.default
FF ProfilePath: C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\pmhvk7af.default [2023-07-21]
FF Extension: (Avira Password Manager) - C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\pmhvk7af.default\Extensions\passwordmanager@avira.com [2019-11-19]
FF ProfilePath: C:\Users\KIKIZEBEST\AppData\Roaming\Mozilla\Firefox\Profiles\ssc3cy3r.default-release-1609066141487 [2023-07-21]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881760 2011-02-12] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe [718168 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDHDDProtectService; C:\WINDOWS\System32\DriverStore\FileRepository\dhpevm.inf_amd64_dc22ceb838778a98\dynabookHDDProtection.exe [473280 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
S2 DSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDTabSysSvc.exe [330136 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe [480144 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R2 dynabookSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe [24153096 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-31] (Mixbyte Inc -> Freemake)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-12] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-12] (Malwarebytes Inc. -> Malwarebytes)
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iSkysoft Video Converter Ultimate Windows (FR)(CPC)\Transfer\DriverInstall.exe [107800 2019-07-09] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 64146C88; C:\WINDOWS\system32\drivers\64146C88.sys [255928 2023-10-23] (Malwarebytes Corporation -> Malwarebytes)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 dhotkey; C:\WINDOWS\System32\drivers\dhotkey.sys [52736 2023-03-22] (Dynabook Inc. -> Dynabook Inc.)
R0 dhpevm; C:\WINDOWS\System32\drivers\dhpevm.SYS [29368 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [138760 2021-01-14] (ADAPP SASU -> Dokan Project)
R1 dsrvctldrv; C:\WINDOWS\System32\drivers\dsrvctldrv.sys [30232 2023-07-13] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\WINDOWS\System32\drivers\DVALZ_O.SYS [47464 2022-07-17] (Dynabook Inc. -> Dynabook Inc.)
S3 hidshim; C:\WINDOWS\system32\DRIVERS\hidshim.sys [6656 2013-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 LVPr2M64; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] (Logitech Inc -> )
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] (Logitech Inc -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 nuvotoncir; C:\WINDOWS\system32\DRIVERS\nuvotoncir.sys [48128 2009-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corporation)
S3 nuvotonhidcir; C:\WINDOWS\system32\DRIVERS\nuvotonhidcir.sys [32256 2013-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corporation)
R3 O2SDGx64; C:\WINDOWS\System32\drivers\o2sdgx64.sys [56576 2012-09-06] (O2Micro -> O2Micro)
S3 phantomtap; C:\WINDOWS\System32\DRIVERS\phantomtap.sys [35664 2019-01-29] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [22736 2015-05-28] (WDKTestCert 1,130752733198717037 -> TOSHIBA)
U5 rtp_filesystem_filter; C:\Windows\System32\Drivers\rtp_filesystem_filter.sys [219448 2023-07-09] (Avira Operations GmbH -> Avira Operations GmbH)
U5 rtp_process_monitor; C:\Windows\System32\Drivers\rtp_process_monitor.sys [199992 2023-07-09] (Avira Operations GmbH -> Avira Operations GmbH)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
S0 Thpevm; C:\WINDOWS\System32\drivers\Thpevm.SYS [27128 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-11-13 19:33 - 2023-11-13 19:34 - 000028095 _____ C:\Users\KIKIZEBEST\Desktop\FRST.txt
2023-11-13 19:29 - 2023-11-13 19:30 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\a envoyer
2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe
2023-11-13 19:12 - 2023-11-13 19:12 - 000000772 _____ C:\Users\KIKIZEBEST\Desktop\ZHPSuite.lnk
2023-11-12 22:17 - 2023-11-13 15:30 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Malwarebytes
2023-11-12 22:17 - 2023-11-12 22:17 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-11-12 22:17 - 2023-11-12 22:17 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-11-12 22:13 - 2023-11-12 22:13 - 002606880 _____ (Malwarebytes) C:\Users\KIKIZEBEST\Desktop\MBSetup.exe
2023-11-12 21:59 - 2023-11-12 22:48 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\2e nettoyage
2023-11-12 21:42 - 2023-11-12 21:42 - 008791352 _____ (Malwarebytes) C:\Users\KIKIZEBEST\Desktop\adwcleaner_8.4.0.exe
2023-11-12 20:58 - 2023-11-12 20:58 - 000000923 _____ C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.lnk
2023-11-12 20:57 - 2023-11-12 20:57 - 003346080 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.exe
2023-11-11 12:04 - 2023-11-11 12:04 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1111E7AC.sys
2023-11-11 12:03 - 2023-11-11 12:42 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\mbar
2023-11-10 19:07 - 2023-11-10 19:07 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\ARGENT SANG
2023-11-10 18:59 - 2023-11-12 22:44 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\uTorrent Web
2023-11-08 17:23 - 2023-11-09 05:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-11-01 08:15 - 2023-11-01 08:15 - 000000000 ____D C:\WINDOWS\Panther
2023-10-30 20:07 - 2023-11-13 19:31 - 002383872 _____ (Farbar) C:\Users\KIKIZEBEST\Desktop\FRST64.exe
2023-10-30 19:45 - 2023-10-30 19:45 - 003512992 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPSuite.exe
2023-10-30 19:43 - 2023-11-13 19:32 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\REPAIR 3010
2023-10-26 11:53 - 2023-10-31 14:15 - 006646784 _____ C:\WINDOWS\system32\rtp.db
2023-10-14 10:29 - 2023-10-14 10:32 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\LASKO
2023-10-12 08:48 - 2023-10-12 08:48 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Backup
2023-10-11 10:56 - 2023-10-11 10:56 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-11 10:19 - 2023-10-11 10:19 - 000000000 ___HD C:\$WinREAgent
2023-10-06 11:42 - 2023-10-06 11:42 - 000000000 ____D C:\ProgramData\PLUG
2023-10-04 20:48 - 2023-11-13 19:10 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\molotov
2023-10-04 20:48 - 2023-10-04 20:48 - 000002393 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov.lnk
2023-09-29 18:31 - 2023-09-29 18:31 - 000936171 _____ C:\Users\KIKIZEBEST\Desktop\Base de données Vin.xlsx
2023-09-14 17:48 - 2023-09-20 19:49 - 001164893 _____ C:\Users\KIKIZEBEST\Desktop\xcbvxf.xlsx
2023-09-11 11:01 - 2023-09-11 11:03 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\FOOT BARLIN
2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-08-26 06:45 - 2023-11-12 22:44 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\TORR
2023-08-18 07:26 - 2023-08-18 07:26 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\FAILLES2
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-11-13 19:34 - 2022-06-05 12:01 - 000000000 ____D C:\FRST
2023-11-13 19:30 - 2019-03-17 19:04 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\ZHP
2023-11-13 19:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-13 19:12 - 2020-10-02 13:29 - 000000000 ____D C:\Users\KIKIZEBEST
2023-11-13 18:45 - 2020-10-02 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-13 18:07 - 2022-10-08 20:06 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-13 15:33 - 2020-10-02 16:51 - 001693648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-13 15:33 - 2019-12-07 15:49 - 000739230 _____ C:\WINDOWS\system32\perfh00C.dat
2023-11-13 15:33 - 2019-12-07 15:49 - 000147924 _____ C:\WINDOWS\system32\perfc00C.dat
2023-11-13 15:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-13 15:29 - 2020-10-02 16:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-13 15:01 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-11-13 08:58 - 2021-07-06 08:12 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-12 22:44 - 2019-01-26 18:34 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\CHEZ MOI
2023-11-12 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-12 22:16 - 2023-03-17 18:20 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-12 22:16 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-11-12 22:16 - 2019-02-15 20:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-11 12:42 - 2019-03-01 12:06 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2023-11-11 12:30 - 2019-02-10 09:58 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Word
2023-11-11 11:53 - 2020-10-19 22:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-11 11:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-10 19:07 - 2019-04-13 13:19 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\BitTorrentHelper
2023-11-09 20:35 - 2021-04-22 09:08 - 000000000 ____D C:\KVRT2020_Data
2023-11-09 18:48 - 2019-03-27 19:21 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\CrashDumps
2023-11-09 18:46 - 2023-06-25 09:58 - 000000000 ____D C:\Program Files\CCleaner
2023-11-09 16:19 - 2019-01-26 18:56 - 000001525 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-11-09 12:32 - 2015-02-02 12:28 - 000014492 _____ C:\Users\KIKIZEBEST\Desktop\LISTE ANNIVERSAIRES.xlsx
2023-11-09 05:25 - 2019-01-26 19:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-08 18:49 - 2019-01-26 19:05 - 000001209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-11-08 16:45 - 2022-06-03 09:04 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\OISEAUX SEMAINE
2023-11-08 13:13 - 2020-04-22 13:11 - 000001426 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-11-08 13:11 - 2019-01-26 23:11 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Excel
2023-11-07 21:38 - 2019-01-26 20:29 - 000000000 ____D C:\Users\KIKIZEBEST\Documents\MyHeritage
2023-11-07 08:16 - 2020-01-17 15:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-06 21:38 - 2021-01-03 21:25 - 000013133 _____ C:\Users\KIKIZEBEST\Desktop\GMAIL.xlsx
2023-11-03 11:31 - 2020-01-17 15:20 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Packages
2023-11-03 11:29 - 2020-09-30 10:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-03 08:04 - 2023-06-25 09:58 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-11-01 20:46 - 2020-01-17 16:14 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\D3DSCache
2023-10-31 19:43 - 2019-04-05 19:22 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\Facebook
2023-10-31 14:24 - 2019-01-26 20:07 - 000000000 ____D C:\Program Files (x86)\Avira
2023-10-31 14:22 - 2019-01-26 20:07 - 000000000 ____D C:\ProgramData\Avira
2023-10-31 14:16 - 2010-11-21 04:27 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-31 14:12 - 2019-05-02 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-10-31 14:10 - 2020-10-20 06:37 - 000002935 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint (1).lnk
2023-10-31 14:10 - 2020-10-20 06:37 - 000002923 _____ C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word (1).lnk
2023-10-31 14:07 - 2019-01-26 20:07 - 000000000 ____D C:\ProgramData\Package Cache
2023-10-31 12:59 - 2019-03-03 15:17 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\NVIDIA Corporation
2023-10-31 12:59 - 2019-03-03 15:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-10-31 12:59 - 2019-01-26 18:22 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-31 12:59 - 2019-01-26 17:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-10-31 12:59 - 2019-01-26 17:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-10-31 12:57 - 2019-05-20 07:58 - 000000000 ____D C:\Program Files\Java
2023-10-31 12:56 - 2020-07-30 09:20 - 000000000 ____D C:\ProgramData\GlarySoft
2023-10-31 12:56 - 2020-07-30 09:17 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\GlarySoft
2023-10-31 08:09 - 2020-10-19 22:57 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-31 08:09 - 2020-10-19 22:57 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-31 07:18 - 2020-10-02 16:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-30 13:04 - 2022-07-28 06:28 - 000020348 _____ C:\Users\KIKIZEBEST\Desktop\glycemie.xlsx
2023-10-27 19:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-25 12:56 - 2023-06-25 09:58 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-10-24 18:58 - 2023-06-25 09:58 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-10-24 07:40 - 2023-04-25 18:01 - 000000000 ____D C:\Users\KIKIZEBEST\Desktop\JV FAIT
2023-10-24 07:38 - 2023-05-08 20:32 - 001601536 _____ C:\Users\KIKIZEBEST\Desktop\Gestion-bibliotheque-Excel-gratuit (Enregistré automatiquement).xlsx
2023-10-23 08:10 - 2023-03-17 11:54 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\64146C88.sys
2023-10-22 15:54 - 2019-02-01 18:33 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Roaming\vlc
2023-10-21 17:14 - 2020-02-07 07:39 - 000000000 ____D C:\Users\KIKIZEBEST\AppData\Local\FSDART
2023-10-21 07:40 - 2020-02-07 07:39 - 000000000 ____D C:\ProgramData\F-Secure
2023-10-20 17:29 - 2020-10-02 16:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
==================== Fichiers à la racine de certains dossiers ========
2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe
2022-10-25 12:24 - 2022-10-25 12:24 - 000000872 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\2d845f61-6fd4-4c25-be56-ac054468b3a2.tmp
2022-09-08 06:45 - 2022-09-08 06:45 - 000000538 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\44f702b9-2129-4c5e-be6e-edb29f149574.tmp
2022-08-14 13:28 - 2022-08-14 13:28 - 000000538 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\771d365c-3b53-455a-93ab-a0f3b1bebabb.tmp
2022-04-22 17:59 - 2022-04-22 17:59 - 000000705 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\c5c5984a-b917-4dd0-9614-c28d14f59a3f.tmp
2022-05-16 18:06 - 2022-05-16 18:06 - 000000867 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\e47d4395-7f92-4ee6-8f33-c7b629bbb655.tmp
2022-11-21 09:07 - 2022-11-21 09:07 - 000128964 _____ () C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\316672665_5992031394194217_2706564476730116414_n.jpg
2019-02-24 01:24 - 2019-12-19 15:18 - 000097520 _____ () C:\Users\KIKIZEBEST\AppData\Local\ars.cache
2019-02-24 01:24 - 2019-12-19 15:18 - 000392277 _____ () C:\Users\KIKIZEBEST\AppData\Local\census.cache
2021-12-31 10:36 - 2021-12-31 10:36 - 000003584 _____ () C:\Users\KIKIZEBEST\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-23 19:52 - 2019-02-23 19:52 - 000000036 _____ () C:\Users\KIKIZEBEST\AppData\Local\housecall.guid.cache
2023-03-27 14:05 - 2023-03-27 14:05 - 000002377 _____ () C:\Users\KIKIZEBEST\AppData\Local\recently-used.xbel
2019-01-28 13:23 - 2019-11-12 20:11 - 000007618 _____ () C:\Users\KIKIZEBEST\AppData\Local\Resmon.ResmonCfg
==================== SigCheckExt =========================
2019-11-20 07:58 - 2013-04-06 00:27 - 000324608 _____ (IntelleSoft) C:\WINDOWS\system32\BugTrap-x64.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2019-11-20 07:58 - 2017-07-30 06:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw.dll
2019-11-20 07:58 - 2019-02-26 11:51 - 028414044 _____ C:\WINDOWS\system32\x265vfw.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2019-09-23 15:45 - 2013-09-17 08:23 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2019-01-26 20:29 - 2003-07-06 14:07 - 000372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libcrypto-1_1.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\SysWOW64\libssl-1_1.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2021-02-24 22:40 - 1987-12-19 22:00 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2020-01-24 17:27 - 2011-06-29 12:18 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2003-04-18 15:29 - 2003-04-18 15:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2019-01-26 20:29 - 2002-03-07 01:19 - 000454656 _____ () C:\WINDOWS\SysWOW64\PaintX.dll
2019-01-26 20:29 - 2010-06-17 19:49 - 002029056 _____ (Bytescout) C:\WINDOWS\SysWOW64\PDFDocScout.DLL
2021-03-17 15:30 - 2021-03-17 15:30 - 000012067 _____ C:\WINDOWS\SysWOW64\SIntf16.dll
2021-03-17 15:30 - 2021-03-17 15:30 - 000017212 _____ C:\WINDOWS\SysWOW64\SIntf32.dll
2021-03-17 15:30 - 2021-03-17 15:30 - 000021840 _____ C:\WINDOWS\SysWOW64\SIntfNT.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
1998-09-14 20:43 - 1998-09-14 20:43 - 000065536 _____ C:\WINDOWS\SysWOW64\TWAIN32d.dll
2021-02-24 22:40 - 1987-12-19 22:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2019-01-26 23:26 - 2000-10-01 23:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2017-07-30 09:50 - 2017-07-30 09:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2019-02-26 11:56 - 2019-02-26 11:56 - 006418389 _____ C:\WINDOWS\SysWOW64\x265vfw.dll
2023-09-04 16:00 - 2023-10-12 22:38 - 003343520 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPCleaner.exe
2023-11-13 19:12 - 2023-11-13 19:12 - 003515040 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\ZHPSuite.exe
2023-10-30 20:07 - 2023-11-13 19:31 - 002383872 _____ (Farbar) C:\Users\KIKIZEBEST\Desktop\FRST64.exe
2023-11-12 20:57 - 2023-11-12 20:57 - 003346080 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPCleaner.exe
2023-10-30 19:45 - 2023-10-30 19:45 - 003512992 _____ (Nicolas Coolman) C:\Users\KIKIZEBEST\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {bb42aa4d-3932-11ea-935d-9d9b8109c306}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {1c646c21-2152-11e9-b63b-9a0427bba6cf}
device ramdisk=[C:]\Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c22-2152-11e9-b63b-9a0427bba6cf}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c22-2152-11e9-b63b-9a0427bba6cf}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {1c646c25-2152-11e9-b63b-9a0427bba6cf}
device ramdisk=[C:]\Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c26-2152-11e9-b63b-9a0427bba6cf}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\Winre.wim,{1c646c26-2152-11e9-b63b-9a0427bba6cf}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {bb42aa50-3932-11ea-935d-9d9b8109c306}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {bb42aa4d-3932-11ea-935d-9d9b8109c306}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {bb42aa50-3932-11ea-935d-9d9b8109c306}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{bb42aa51-3932-11ea-935d-9d9b8109c306}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{bb42aa51-3932-11ea-935d-9d9b8109c306}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {bb42aa4d-3932-11ea-935d-9d9b8109c306}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {bb42aa50-3932-11ea-935d-9d9b8109c306}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {1c646c22-2152-11e9-b63b-9a0427bba6cf}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\1c646c21-2152-11e9-b63b-9a0427bba6cf\boot.sdi
Options de périphérique
-----------------------
identificateur {1c646c26-2152-11e9-b63b-9a0427bba6cf}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\1c646c25-2152-11e9-b63b-9a0427bba6cf\boot.sdi
Options de périphérique
-----------------------
identificateur {bb42aa51-3932-11ea-935d-9d9b8109c306}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================