Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2022 Exécuté par AZUL6 (administrateur) sur DESKTOP-7INJNBN (LENOVO F0CL006XPG) (27-01-2022 16:39:24) Exécuté depuis C:\Users\AZUL6\Downloads Profils chargés: AZUL6 Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1466 (X64) Langue: Portugais (Portugal) -> Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxext.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\IntelCpHeciSvc.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2> (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <4> (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2> (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (LITE-ON TECHNOLOGY CORP. -> Lenovo) C:\Program Files\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <28> (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\AZUL6\ZHPSuite.exe (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Lenovo Fundamental USB Keyboard] => C:\Program Files\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe [2644472 2016-10-17] (LITE-ON TECHNOLOGY CORP. -> Lenovo) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\Run: [Chromium] => "c:\users\azul6\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3148576 2019-06-18] (Valve -> Valve Corporation) HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91585088 2020-03-31] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\AZUL6\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-03-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier) HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\Run: [218457123] => C:\Users\AZUL6\AppData\Roaming\35422185\6366050263660502.exe (Pas de fichier) HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\MountPoints2: {049b3ba9-d225-11eb-830f-1c834121c6f0} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\MountPoints2: {e86716a7-6d47-11ec-8330-1c834121c6f0} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\MountPoints2: {f3d349b3-802d-11eb-82e7-1c834121c6f0} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3555577323-2430992883-3566638213-1001\...\MountPoints2: {f61e7709-633b-11ec-832f-1c834121c6f0} - "D:\HiSuiteDownLoader.exe" HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\LIDIL hpzllwn7: C:\WINDOWS\system32\hpzllwn7.dll [51712 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {000ABAEF-A1F9-4435-A0CC-0CF3FDA6C69D} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (Pas de fichier) Task: {0B0AC637-F57B-4136-8DCF-EB7923E8B0D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-07-15] (HP Inc. -> HP Inc.) Task: {120AAEF9-F16D-4EF8-86D6-F7A24AF76154} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform) Task: {17E85E8C-0062-4B44-AA53-4BCB17D0B189} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {19A24AC5-A773-47C2-B516-567C2130D627} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\34d6ebc5-dbe7-4f00-9301-890b0bb05ae7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.) Task: {1C7BAD61-C77F-4540-B750-C040AC368640} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs] Task: {2375029A-2A5C-4CBE-9926-E8E82D581455} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.) Task: {24D11B3E-BB0B-4815-9EB9-3BC43CF5A17E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {27E97780-F69E-4D13-9441-36471927D6A9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation) Task: {2D30028B-51D9-40DE-9F85-0DC86FA2A9C4} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {2E63ED6E-3AB2-46A1-B534-527E6410C368} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d7028516-7fc6-4ac7-bc32-15681e532a26 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.) Task: {3D61E9C7-AE0E-49FF-99DA-097A7A1A0203} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) Task: {4344DB69-C4A4-4EC7-9283-CC6636F0309C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {43B062A0-3938-4465-BF01-A185B6CC3AE8} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.) Task: {533BB941-8E20-4B43-8F60-4E5BBB7A163F} - System32\Tasks\CCleanerSkipUAC - AZUL6 => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) Task: {6861536B-78E0-462B-83E6-26429AC3D835} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService Task: {75341A67-C0B2-4522-BCA7-B1C53102CAB2} - System32\Tasks\CorelUpdateHelperTask-0D489F7D9EC720C83096950F2CB4F4F5 => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe -resume (Pas de fichier) Task: {78203EC8-3E72-4F93-9A4F-9DF474B9220C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [57176 2020-08-20] (HP Inc. -> HP Inc.) Task: {80B91E4D-A456-4EC9-A8D0-B40945456436} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.) Task: {81E9BB28-193D-40E7-9333-CEB37D55DAD5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\88cc496b-012b-48a3-93ca-4a768e7296b0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.) Task: {875E2D4A-2F80-4B96-8923-EADA69C48C31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.) Task: {8913AC22-6D5E-45C0-808C-E12D3BB58FF3} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Pas de fichier) Task: {8AC1BE56-0A7A-4E2F-9D5D-D1FA12209AEF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111024 2022-01-16] (Microsoft Corporation -> Microsoft Corporation) Task: {8B576C62-81FB-4936-9167-99E0DE5EA38C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.) Task: {9FF970B1-60C4-4E6F-88EF-062148C83766} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\48f610da-f630-453a-92da-73c9e495078b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.) Task: {ABDFA68E-B02D-480A-B20B-0D6AFF950DF4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {B44D0165-8882-4C46-93BE-044BA57DC673} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation) Task: {BC0FD8B2-17FE-4B14-9F98-B4AA51C1F797} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64248 2022-01-13] (Lenovo -> Lenovo Group Ltd.) Task: {C4A92C79-870C-4869-BA9D-91EBB695F3AB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111024 2022-01-16] (Microsoft Corporation -> Microsoft Corporation) Task: {CB2DCC71-8809-4EE3-B87C-44E0471CB31C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.) Task: {CE214847-8F1C-4135-966F-6AA53F30C3F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) Task: {D4E9E392-8D0B-4E2E-A2D2-26D9CB7D4001} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.) Task: {E198BA23-499B-479B-AD50-C87A87CE9DBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.) Task: {F1F6C8F7-01BA-4FD2-823B-094236B3AE81} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.) Task: {FFBA3C2B-9E10-49F1-8A4B-D88AA016BEE3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe [855352 2016-05-24] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{5bb6a424-de2a-4978-a86b-e913c764a9bc}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{732ba448-e91e-4352-8e94-c0c1eb27c3aa}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{98a68ebd-0bcb-40ea-b658-d22db6caeb73}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{d53e2460-353b-4526-ae43-0157917eccd3}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{e88d0e2c-149b-4569-a94d-1fc4f4721daa}: [DhcpNameServer] 192.168.1.254 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default FireFox: ======== FF DefaultProfile: cfk44hxe.default FF ProfilePath: C:\Users\AZUL6\AppData\Roaming\Mozilla\Firefox\Profiles\4u3ytxy0.default-release [2022-01-24] FF ProfilePath: C:\Users\AZUL6\AppData\Roaming\Mozilla\Firefox\Profiles\cfk44hxe.default [2022-01-27] FF NewTab: Mozilla\Firefox\Profiles\cfk44hxe.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__171205 FF Notifications: Mozilla\Firefox\Profiles\cfk44hxe.default -> hxxps://www.facebook.com; hxxps://en.softonic.com; hxxps://gamesofpc.com; hxxps://acadestypicallic.info; hxxps://rainbow6.ubisoft.com; hxxps://www.youtube.com; hxxps://www.boafoda.com; hxxps://ok1c6.chmet.me; hxxps://molloved.biz; hxxps://teams.microsoft.com; hxxps://ytmp3.cc; hxxps://br.pinterest.com; hxxps://www.instagram.com FF Extension: (Tampermonkey) - C:\Users\AZUL6\AppData\Roaming\Mozilla\Firefox\Profiles\cfk44hxe.default\Extensions\firefox@tampermonkey.net.xpi [2021-05-01] FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-3555577323-2430992883-3566638213-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\AZUL6\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (Visan Industries -> RocketLife, LLP) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] Opera: ======= OPR Profile: C:\Users\AZUL6\AppData\Roaming\Opera Software\Opera Stable [2022-01-10] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [502040 2016-11-09] (LENOVO -> Lenovo) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation) R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-11-08] (Huawei Technologies Co., Ltd. -> ) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé] R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188728 2021-05-26] (Qualcomm Atheros, Inc. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-23] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-23] (Microsoft Windows Publisher -> Microsoft Corporation) S2 AppServicea; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServiceb; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicec; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServiced; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicee; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicef; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServiceg; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServiceh; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicei; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicej; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicek; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicel; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicem; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicen; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServiceo; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicep; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServiceq; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicer; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServices; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicet; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServiceu; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicev; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicew; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicex; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 AppServicey; C:\WINDOWS\system32\1U4Q61Y73X.tmp [X] <==== ATTENTION S2 HPPrintScanDoctorService; "C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe" [X] S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R1 NemuDrv; C:\Program Files (x86)\MuMu\emulator\nemu\Hypervisor\NemuDrv.sys [299240 2018-05-03] (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation) R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-23] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-23] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-01-27 16:37 - 2022-01-27 16:37 - 000413652 _____ C:\Users\AZUL6\Desktop\ZHPDiag.html 2022-01-27 16:37 - 2022-01-27 16:37 - 000334772 _____ C:\Users\AZUL6\Desktop\ZHPDiag.txt 2022-01-27 16:18 - 2022-01-27 16:18 - 003479192 _____ (Nicolas Coolman) C:\Users\AZUL6\ZHPSuite.exe 2022-01-27 16:09 - 2022-01-27 16:09 - 000097700 _____ C:\Users\AZUL6\Desktop\ZHPCleaner (R).html 2022-01-27 16:09 - 2022-01-27 16:09 - 000057420 _____ C:\Users\AZUL6\Desktop\ZHPCleaner (R).txt 2022-01-27 16:02 - 2022-01-27 16:02 - 000097175 _____ C:\Users\AZUL6\Desktop\ZHPCleaner (S).html 2022-01-27 16:02 - 2022-01-27 16:02 - 000056831 _____ C:\Users\AZUL6\Desktop\ZHPCleaner (S).txt 2022-01-27 15:36 - 2022-01-27 15:36 - 003292824 _____ (Nicolas Coolman) C:\Users\AZUL6\ZHPCleaner.exe 2022-01-25 15:31 - 2022-01-25 15:31 - 003292824 _____ (Nicolas Coolman) C:\Users\AZUL6\Downloads\ZHPCleaner.exe 2022-01-25 14:55 - 2022-01-25 14:55 - 012438920 _____ (AVAST Software) C:\Users\AZUL6\Downloads\avastclear(1).exe 2022-01-25 14:52 - 2022-01-25 14:52 - 000000000 ____D C:\Users\AZUL6\AppData\Local\BitTorrentHelper 2022-01-24 07:42 - 2022-01-26 14:35 - 000077464 _____ C:\Users\AZUL6\Downloads\Shortcut.txt 2022-01-24 05:01 - 2022-01-26 14:35 - 000033792 _____ C:\Users\AZUL6\Downloads\Addition.txt 2022-01-24 04:54 - 2022-01-27 16:41 - 000025744 _____ C:\Users\AZUL6\Downloads\FRST.txt 2022-01-24 04:53 - 2022-01-26 14:26 - 000000000 ____D C:\Users\AZUL6\Downloads\FRST-OlderVersion 2022-01-24 04:50 - 2022-01-27 16:40 - 000000000 ____D C:\FRST 2022-01-24 04:49 - 2022-01-26 14:26 - 002311680 _____ (Farbar) C:\Users\AZUL6\Downloads\FRST64.exe 2022-01-24 04:45 - 2022-01-24 04:45 - 000534609 _____ C:\Users\AZUL6\Documents\DECLARATION 2022.pdf 2022-01-24 03:59 - 2022-01-24 03:59 - 007638224 _____ (Piriform Software Ltd) C:\Users\AZUL6\Downloads\rcsetup153.exe 2022-01-24 03:45 - 2022-01-25 15:01 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-01-21 15:52 - 2022-01-27 16:18 - 000000728 _____ C:\Users\AZUL6\Desktop\ZHPSuite.lnk 2022-01-21 15:42 - 2022-01-21 15:42 - 003479192 _____ (Nicolas Coolman) C:\Users\AZUL6\Downloads\ZHPSuite.exe 2022-01-13 15:29 - 2022-01-13 15:29 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-01-13 15:29 - 2022-01-13 15:29 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-01-13 15:29 - 2022-01-13 15:29 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-01-13 14:53 - 2022-01-13 14:57 - 000000000 ___HD C:\$WinREAgent 2022-01-13 13:38 - 2022-01-13 13:38 - 000312644 _____ C:\Users\AZUL6\Documents\bank2.pdf 2022-01-13 13:35 - 2022-01-13 13:35 - 000319603 _____ C:\Users\AZUL6\Documents\bank1.pdf 2022-01-13 13:33 - 2022-01-13 13:33 - 000304678 _____ C:\Users\AZUL6\Documents\bank.pdf 2022-01-10 11:00 - 2022-01-10 11:00 - 000000000 ____D C:\Users\AZUL6\AppData\Local\SolidDocuments 2022-01-05 12:29 - 2022-01-13 13:27 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-01-05 12:29 - 2022-01-13 13:27 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2022-01-05 12:27 - 2022-01-05 12:27 - 000000000 ____D C:\Program Files\Adobe 2022-01-05 12:24 - 2022-01-05 12:27 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-01-05 11:48 - 2022-01-05 11:48 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2022-01-05 11:48 - 2022-01-05 11:48 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll 2022-01-05 11:48 - 2022-01-05 11:48 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2022-01-05 11:48 - 2022-01-05 11:48 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2022-01-05 11:46 - 2022-01-05 11:46 - 000645592 _____ C:\ProgramData\sqlite3.dll 2022-01-05 11:46 - 2022-01-05 11:46 - 000000000 ____D C:\Users\AZUL6\AppData\Local\Yandex 2022-01-05 11:45 - 2022-01-24 04:08 - 000000000 ____D C:\Users\AZUL6\Documents\VlcpVideoV1.0.1 2022-01-05 11:45 - 2022-01-21 16:28 - 000000000 ____D C:\Program Files (x86)\FarLabUninstaller 2022-01-05 11:45 - 2022-01-05 11:49 - 000000000 ___HD C:\Users\AZUL6\AppData\Roaming\35422185 2022-01-05 11:45 - 2022-01-05 11:49 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\Green 2022-01-05 11:45 - 2022-01-05 11:45 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\ProfCleaner 2022-01-05 11:45 - 2022-01-05 11:45 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\holnon 2022-01-05 11:45 - 2022-01-05 11:45 - 000000000 _____ C:\Users\AZUL6\AppData\Roaming\C073.tmp 2022-01-05 11:45 - 2022-01-05 11:45 - 000000000 _____ C:\Users\AZUL6\AppData\Roaming\AEBF.tmp 2022-01-05 11:45 - 2022-01-05 11:45 - 000000000 _____ C:\Users\AZUL6\AppData\Roaming\ABFF.tmp 2022-01-05 11:43 - 2022-01-05 12:01 - 000000000 ____D C:\Users\AZUL6\Documents\abode 2022-01-05 11:36 - 2022-01-05 11:37 - 010195622 _____ C:\Users\AZUL6\Downloads\PASSWORD_IS_258258____Adobe-Acrobat-D(1).zip 2022-01-05 11:31 - 2022-01-05 11:32 - 010088548 _____ C:\Users\AZUL6\Downloads\PASSWORD_IS_258258____Adobe-Acrobat-D.zip 2022-01-04 10:17 - 2022-01-04 10:17 - 000042624 _____ C:\Users\AZUL6\Downloads\PT Fatura Recibo nº 469.pdf 2022-01-02 12:38 - 2022-01-02 12:39 - 003283608 _____ (Nicolas Coolman) C:\Users\AZUL6\Downloads\ZHPDiag3.exe 2022-01-02 11:55 - 2022-01-02 11:55 - 000001064 _____ C:\Users\AZUL6\Desktop\HiSuite.lnk 2022-01-02 11:55 - 2022-01-02 11:55 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite 2022-01-02 11:54 - 2022-01-02 11:55 - 000000000 ____D C:\Program Files (x86)\HiSuite 2022-01-02 11:54 - 2021-11-08 01:20 - 001718592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2022-01-02 11:54 - 2021-11-08 01:20 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys 2022-01-02 11:54 - 2021-11-08 01:20 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys 2022-01-02 11:54 - 2021-11-08 01:20 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys 2022-01-02 11:54 - 2021-11-08 01:20 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys 2022-01-02 11:53 - 2022-01-02 11:53 - 000000000 ____D C:\Users\AZUL6\Desktop\32727969-A 2022-01-02 11:36 - 2022-01-25 14:32 - 000000000 ____D C:\Users\AZUL6\AppData\Local\WhatsApp 2022-01-02 11:35 - 2022-01-02 11:35 - 135925456 _____ (WhatsApp) C:\Users\AZUL6\Downloads\WhatsAppSetup(1).exe ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-01-27 16:42 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-01-27 16:37 - 2019-04-18 10:58 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\ZHP 2022-01-27 16:19 - 2019-04-11 15:15 - 000000000 ____D C:\Program Files\CCleaner 2022-01-27 16:18 - 2021-04-14 03:24 - 000000000 ____D C:\Users\AZUL6 2022-01-27 16:16 - 2019-02-04 09:13 - 000000000 ____D C:\ProgramData\Mozilla 2022-01-27 16:15 - 2017-12-05 16:26 - 000000000 ____D C:\Users\AZUL6\AppData\LocalLow\Mozilla 2022-01-27 16:15 - 2017-12-05 15:26 - 000000000 ___RD C:\Users\AZUL6\OneDrive 2022-01-27 16:13 - 2017-12-05 15:12 - 000000000 __SHD C:\Users\AZUL6\IntelGraphicsProfiles 2022-01-27 16:12 - 2021-04-14 03:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-01-27 16:12 - 2021-04-14 03:15 - 000008192 ___SH C:\DumpStack.log.tmp 2022-01-27 16:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-01-27 16:11 - 2019-12-07 09:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-01-27 15:56 - 2021-04-14 03:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-01-27 15:36 - 2019-04-18 21:14 - 000000738 _____ C:\Users\AZUL6\Desktop\ZHPCleaner.lnk 2022-01-26 14:59 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-01-26 14:35 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF 2022-01-26 14:05 - 2021-04-26 18:06 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d730df2191e665 2022-01-26 14:05 - 2021-04-14 03:57 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-25 17:29 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-01-25 16:19 - 2019-02-21 16:31 - 000000000 ____D C:\Users\AZUL6\AppData\Local\CrashDumps 2022-01-25 15:07 - 2021-04-14 03:38 - 002690052 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-01-25 15:07 - 2021-04-14 03:01 - 000782002 _____ C:\WINDOWS\system32\perfh00C.dat 2022-01-25 15:07 - 2021-04-14 03:01 - 000149652 _____ C:\WINDOWS\system32\perfc00C.dat 2022-01-25 15:07 - 2019-12-07 15:09 - 000768154 _____ C:\WINDOWS\system32\prfh0816.dat 2022-01-25 15:07 - 2019-12-07 15:09 - 000152336 _____ C:\WINDOWS\system32\prfc0816.dat 2022-01-25 15:02 - 2019-02-15 12:42 - 000000000 ____D C:\ProgramData\AVAST Software 2022-01-25 15:01 - 2019-02-15 12:52 - 000000000 ____D C:\Users\AZUL6\AppData\Local\AVAST Software 2022-01-25 15:01 - 2017-12-05 16:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-01-25 14:53 - 2017-12-05 16:38 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\uTorrent 2022-01-25 14:38 - 2021-09-12 12:59 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\Corel 2022-01-25 14:38 - 2021-09-12 12:52 - 000000000 ____D C:\ProgramData\Corel 2022-01-25 14:36 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-01-25 14:28 - 2021-09-12 12:59 - 000003458 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-0D489F7D9EC720C83096950F2CB4F4F5 2022-01-25 14:08 - 2021-12-15 17:16 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3555577323-2430992883-3566638213-1001 2022-01-25 14:08 - 2021-04-14 03:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3555577323-2430992883-3566638213-1001 2022-01-25 14:08 - 2021-04-14 03:24 - 000002421 _____ C:\Users\AZUL6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-01-24 14:25 - 2021-10-10 13:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-01-24 14:25 - 2017-12-05 16:26 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-01-24 05:16 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-01-24 04:21 - 2020-06-05 18:11 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-01-24 04:21 - 2020-06-05 18:11 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-01-21 15:51 - 2019-04-18 10:58 - 000000000 ____D C:\Users\AZUL6\AppData\Local\ZHP 2022-01-16 15:52 - 2017-09-20 02:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-01-13 23:55 - 2021-04-14 03:15 - 000520928 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-01-13 23:52 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-01-13 23:52 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-01-13 23:52 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-01-13 23:52 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-01-13 23:52 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-01-13 23:52 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-01-13 23:52 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-01-13 15:37 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-01-13 14:50 - 2017-12-05 19:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-01-13 14:44 - 2017-12-05 19:41 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-01-13 13:28 - 2021-04-14 03:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-01-13 13:21 - 2017-12-05 15:21 - 000000000 ____D C:\Users\AZUL6\AppData\Local\Lenovo 2022-01-13 01:07 - 2021-04-04 19:08 - 000064248 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe 2022-01-13 01:06 - 2021-04-04 19:08 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll 2022-01-13 01:06 - 2021-04-04 19:08 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll 2022-01-13 01:06 - 2017-12-05 15:13 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll 2022-01-10 18:25 - 2020-07-15 14:08 - 000000000 ____D C:\Users\AZUL6\Documents\PAPIER 2022-01-10 18:13 - 2020-03-08 12:32 - 000000000 ____D C:\WINDOWS\TempInst 2022-01-10 11:00 - 2017-12-05 15:12 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\Adobe 2022-01-10 10:54 - 2021-04-14 03:57 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-01-05 12:24 - 2018-03-16 15:17 - 000000000 ____D C:\ProgramData\Adobe 2022-01-05 11:49 - 2021-07-05 12:37 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2022-01-04 10:18 - 2020-06-27 08:40 - 000000000 ____D C:\Users\AZUL6\Desktop\GARANTIE 2022-01-02 11:56 - 2019-10-14 14:12 - 000000000 ____D C:\Users\AZUL6\AppData\Local\HiSuite 2022-01-02 11:41 - 2018-12-28 21:14 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\WhatsApp 2022-01-02 11:37 - 2018-12-28 21:13 - 000000000 ____D C:\Users\AZUL6\AppData\Local\SquirrelTemp 2022-01-02 11:36 - 2018-12-28 21:14 - 000000000 ____D C:\Users\AZUL6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp ==================== Fichiers à la racine de certains dossiers ======== 2022-01-05 11:48 - 2022-01-05 11:48 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll 2022-01-05 11:48 - 2022-01-05 11:48 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2022-01-05 11:48 - 2022-01-05 11:48 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll 2022-01-05 11:48 - 2022-01-05 11:48 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2022-01-05 11:48 - 2022-01-05 11:48 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2022-01-05 11:46 - 2022-01-05 11:46 - 000645592 _____ () C:\ProgramData\sqlite3.dll 2022-01-05 11:48 - 2022-01-05 11:48 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll 2022-01-27 15:36 - 2022-01-27 15:36 - 003292824 _____ (Nicolas Coolman) C:\Users\AZUL6\ZHPCleaner.exe 2022-01-27 16:18 - 2022-01-27 16:18 - 003479192 _____ (Nicolas Coolman) C:\Users\AZUL6\ZHPSuite.exe 2022-01-05 11:45 - 2022-01-05 11:45 - 000000000 _____ () C:\Users\AZUL6\AppData\Roaming\ABFF.tmp 2022-01-05 11:45 - 2022-01-05 11:45 - 000000000 _____ () C:\Users\AZUL6\AppData\Roaming\AEBF.tmp 2022-01-05 11:45 - 2022-01-05 11:45 - 000000000 _____ () C:\Users\AZUL6\AppData\Roaming\C073.tmp 2018-07-17 16:00 - 2018-07-17 16:00 - 000008134 _____ () C:\Users\AZUL6\AppData\Roaming\KRAB-DECRYPT.txt 2018-07-17 16:04 - 2018-07-17 16:04 - 000008134 _____ () C:\Users\AZUL6\AppData\Roaming\Microsoft\KRAB-DECRYPT.txt 2018-07-17 16:06 - 2018-07-17 16:06 - 000008134 _____ () C:\Users\AZUL6\AppData\Local\KRAB-DECRYPT.txt 2021-09-16 13:40 - 2021-09-16 13:40 - 000013590 _____ () C:\Users\AZUL6\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================