Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-03-2022 Exécuté par jmgna (administrateur) sur DESKTOP-N0BOCTH (Acer Aspire E1-771) (22-03-2022 15:44:32) Exécuté depuis C:\Users\jmgna\Desktop Profils chargés: jmgna Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1586 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe (C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe (C:\Program Files\Apoint2K\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (C:\Program Files\Apoint2K\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (C:\Program Files\Apoint2K\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe (explorer.exe ->) (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe (services.exe ->) (Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe (services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics Co., Ltd. 
-> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [706440 2015-09-24] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2020-02-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_launcher.exe [14751752 2020-02-04] (mquadr.at software engineering und consulting GmbH -> Swisscom) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. 
-> Oracle Corporation) HKLM\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23993176 2021-09-03] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [EA39668C0923BF9650DF54EE420584A9D38CB5B6._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [uTorrent] => C:\Users\jmgna\AppData\Roaming\uTorrent\uTorrent.exe [2103848 2022-02-27] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-11-08] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [ut] => C:\Users\jmgna\AppData\Roaming\uTorrent\uTorrent.exe [2103848 2022-02-27] (BitTorrent Inc -> BitTorrent Inc.) 
HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [Opera GX Stable] => C:\Users\jmgna\AppData\Local\Programs\Opera GX\launcher.exe [2270416 2022-02-23] (Opera Software AS -> Opera Software) HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\jmgna\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\MountPoints2: {4637ae8b-45ce-11e6-ad8d-6002b466c740} - "F:\LaunchU3.exe" -a HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\MountPoints2: {92495a38-82b2-11eb-a220-6002b466c740} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-166249747-1253889427-3841345064-1001\...\MountPoints2: {ba45b9f5-022c-11eb-a1e7-6002b466c740} - "E:\HiSuiteDownLoader.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.82\Installer\chrmstp.exe [2022-03-21] (Google LLC -> Google LLC) Startup: C:\Users\jmgna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-02-11] ShortcutTarget: MEGAsync.lnk -> C:\Users\jmgna\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
Task: {01BC8CF5-917F-4977-9848-4B013000207F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-166249747-1253889427-3841345064-1001 => C:\Users\jmgna\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-10-10] (Mega Limited -> Mega Limited) Task: {447823A9-3209-4C0C-BC83-B4E697AC3CB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (Pas de fichier) Task: {4A2B14D2-0901-49F9-AC02-D5D79B266AC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-03] (Microsoft Corporation -> Microsoft Corporation) Task: {592937B3-3E51-4A74-9145-92A1EB244347} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (Pas de fichier) Task: {6D5B6D69-7847-47EC-AF5E-AA1F1FA5D518} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) 
Task: {71381F10-CC19-4E59-9EDF-7C1DFFBAA904} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {7455A09C-72D8-4373-94A5-212C94492F39} - \Microsoft\Windows\Setup\EM -> Pas de fichier <==== ATTENTION Task: {7F473037-F4D2-47B9-B08F-375C2A0A3B4D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-03] (Microsoft Corporation -> Microsoft Corporation) Task: {95FDAE5A-2055-467C-AEF0-733CBE4C1C0A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation) Task: {96D629E7-033D-4FF3-9328-7B40EF4BD29B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9B3F7546-45DE-45B9-B0D8-DC20E6E4FA15} - \Microsoft\Windows\AppListBackup\Backup -> Pas de fichier <==== ATTENTION Task: {A27052E7-C90C-4D5C-A0A1-129B0A514600} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform) Task: {B3C1C63F-98F1-41E0-AA08-F5BC7AAB0AC2} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-04-05] () [Fichier non signé] Task: {B5409C8F-039B-466B-A816-DC38BD339411} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-09-03] (Microsoft Corporation -> Microsoft Corporation) Task: {C7C32EE0-9EA0-450A-B57B-0EA1F1D1359C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-09-03] (Microsoft Corporation -> Microsoft Corporation) Task: 
{CA0F38B4-0358-40CF-8BA6-730FE410796D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-21] (Google LLC -> Google LLC) Task: {CB9C1C84-0DAF-41DE-9D30-4625EF4157F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation) Task: {E26F5EAE-CA00-4AB7-BF4A-67D204E8DBD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (Pas de fichier) Task: {F66F0C21-214B-44B1-8D91-CAEDFD077685} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (Pas de fichier) Task: {FA504341-F61E-4CC1-AED7-CB0A3D742465} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-21] (Google LLC -> Google LLC) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Task: C:\WINDOWS\Tasks\ASR-Startup.job => C:\Program Files (x86)\Advanced System Repair Pro 1.9.3.8.0\AdvancedSystemRepairPro.exe Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0b8c86e8-e7d6-46ca-aaf5-a15fa0ed4c02}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{0b8c86e8-e7d6-46ca-aaf5-a15fa0ed4c02}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ffdac35b-fafc-4d4f-a8d4-a240903a55f0}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{ffdac35b-fafc-4d4f-a8d4-a240903a55f0}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge Profile: C:\Users\jmgna\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-21] Edge Extension: (Halo – Arrival) - C:\Users\jmgna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ddgdgdmkcagpbibgcilbidjfokdngfld [2021-07-31] Edge Extension: (Total Adblock - Ad Blocker) - C:\Users\jmgna\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kkkldohdhcfhpjchcefpkfhjfeapdmek [2022-02-17] FireFox: ======== FF DefaultProfile: iqivk9tf.default FF ProfilePath: C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\iqivk9tf.default [2022-01-13] FF Homepage: Mozilla\Firefox\Profiles\iqivk9tf.default -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\iqivk9tf.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2021-04-14 03:26:16&bName= FF Extension: (Avira Browser 
Safety) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\iqivk9tf.default\Extensions\abs@avira.com [2022-01-13] FF ProfilePath: C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734 [2022-03-21] FF Extension: (AdBlocker Ultimate) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\adblockultimate@adblockultimate.net.xpi [2021-12-12] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-02-18] FF Extension: (Google Translator for Firefox) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\translator@zoli.bod.xpi [2021-07-31] FF Extension: (smritiman) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{1754c630-66d8-4ce3-a2f0-5188a33f0573}.xpi [2021-07-31] FF Extension: (abstract colorful owl by candelora) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{2a608150-0a07-4e71-b644-3edb9abd8d35}.xpi [2021-09-29] FF Extension: (Best Bright Christmas by MaDonna) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{3ce68e94-0685-4b09-84c0-0d2cff4301a1}.xpi [2021-11-27] FF Extension: (R A I E S) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{6ca6151e-1a42-4058-ab26-89ebb2dd0f86}.xpi [2021-07-31] FF Extension: (Fluffy Little White Birds by MaDonna) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{8be36b23-4549-4cde-af33-c753bfe61659}.xpi [2022-01-05] FF Extension: (SciFi) - 
C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{a7f8e0cd-f3f4-41bb-9043-d3fc0e9e0b92}.xpi [2021-09-29] FF Extension: (Fall Puppy) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{b74e6c60-9306-4a5a-b1cd-6911d5b44181}.xpi [2021-07-31] FF Extension: (Phoenix in the clouds) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{cc7f2c6a-0b09-4db8-bb39-9135dac20fab}.xpi [2021-07-31] FF Extension: (Strands of Gold by MaDonna) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{ced087e8-01fe-4ff3-b168-b6fff293f019}.xpi [2021-07-31] FF Extension: (My Vinyl) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{f7c1330c-e6b9-42ca-9e14-2b2d29d02e48}.xpi [2021-07-31] FF Extension: (Northern Lake FT by MaDonna) - C:\Users\jmgna\AppData\Roaming\Mozilla\Firefox\Profiles\h95vf0iv.default-release-1627633973734\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2021-09-29] FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-20] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-10] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default [2022-03-22] CHR DownloadDir: C:\Users\jmgna\Desktop CHR HomePage: Default -> hxxp://www.google.ch/firefox?client=firefox-a&rls=org.mozilla:fr:official CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Slides) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-03-21] CHR Extension: (Docs) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-03-21] CHR Extension: (Google Drive) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-21] CHR Extension: (YouTube) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-03-21] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-03-21] CHR Extension: (Sheets) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-03-21] CHR Extension: (Save image as Type) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabfmnliflodkdafenbcpjdlppllnemd [2022-03-21] CHR Extension: (Google Docs hors connexion) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-21] CHR Extension: (Paiements via le Chrome 
Web Store) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-21] CHR Extension: (Gmail) - C:\Users\jmgna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-21] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-166249747-1253889427-3841345064-1001) Opera GXStable - "C:\Users\jmgna\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104840 2015-09-24] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation) S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [301056 2022-03-11] (Microsoft Windows -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) 
R2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [114384 2021-04-21] (Code Sector -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AthDfu; C:\WINDOWS\System32\Drivers\AthDfu.sys [55448 2013-05-31] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider) R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [437800 2021-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R1 cbfsconnect2017; C:\WINDOWS\system32\drivers\cbfsconnect2017.sys [481296 2020-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) 
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated) R3 MpKslf1041fc9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E9BF9D33-CFAB-46AA-90AE-17B4D2EDD824}\MpKslDrv.sys [137464 2022-03-22] (Microsoft Windows -> Microsoft Corporation) R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2021-08-19] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated) S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 usbbus; C:\WINDOWS\System32\drivers\lgx64bus.sys [17920 2008-11-11] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 UsbDiag; C:\WINDOWS\System32\drivers\lgx64diag.sys [27136 2008-11-11] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 UsbGps; C:\WINDOWS\System32\drivers\lgx64gps.sys [27136 2008-11-11] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20496 2020-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-03-22 15:44 - 2022-03-22 15:47 - 000027236 _____ C:\Users\jmgna\Desktop\FRST.txt 2022-03-22 15:40 - 2022-03-22 15:40 - 002364928 _____ (Farbar) C:\Users\jmgna\Desktop\FRST64.exe 2022-03-22 11:14 - 2022-03-22 11:14 - 000000000 ___HD C:\$SysReset 2022-03-22 09:15 - 2022-03-22 09:16 - 000001394 _____ C:\Users\jmgna\Desktop\BUDGET.lnk 2022-03-21 17:07 - 2022-03-21 17:07 - 000000114 ___RH C:\Users\jmgna\Downloads\Stinger.opt 2022-03-21 16:56 - 2022-03-21 16:56 - 000000000 ____D C:\Program Files\McAfee 2022-03-21 16:55 - 2022-03-21 17:07 - 000000000 ____D C:\Program Files\stinger 2022-03-21 15:29 - 2022-03-21 15:29 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-03-21 15:29 - 2022-03-21 15:29 - 000002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-03-21 15:28 - 2022-03-21 15:28 - 000000000 ____D C:\Program Files\Google 2022-03-21 14:03 - 2022-03-21 14:04 - 075038802 _____ C:\Users\jmgna\Downloads\Decrypt Software.avi 2022-03-21 13:29 - 2022-03-21 13:30 - 000000000 ____D C:\WINDOWS\LastGood 2022-03-21 
11:17 - 2022-03-21 11:18 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2022-03-21 09:06 - 2022-03-21 09:06 - 000001107 _____ C:\Users\jmgna\Downloads\_readme.txt 2022-03-21 09:06 - 2022-03-21 09:06 - 000000559 _____ C:\Users\jmgna\AppData\Local\bowsakkdestx.txt 2022-03-21 09:06 - 2022-03-21 09:06 - 000000000 ____D C:\SystemID 2022-03-21 08:54 - 2022-03-21 08:55 - 027525120 _____ C:\WINDOWS\system32\config\BCD00000 2022-03-21 08:54 - 2022-03-21 08:54 - 002492308 ___HT C:\Users\jmgna\AppData\Roaming\lnOfnXe4.tmp 2022-03-21 08:52 - 2022-03-21 08:52 - 000000000 ____D C:\Users\jmgna\AppData\Local\Yandex 2022-03-21 08:52 - 2022-03-21 08:52 - 000000000 ____D C:\Users\jmgna\AppData\Local\79a68ccd-7c0c-41e7-bf99-7ac40ed2656f 2022-03-21 08:52 - 2022-03-21 08:52 - 000000000 ____D C:\ProgramData\WDZ68N2BOQ51SWYS4A1CJ0KJ8 2022-03-21 08:51 - 2022-03-21 11:09 - 000000000 ____D C:\Program Files (x86)\AtomTweaker 2022-03-19 19:17 - 2022-03-19 19:17 - 000000000 ____D C:\Users\jmgna\Downloads\Telegram Desktop 2022-03-19 08:22 - 2022-03-19 08:22 - 000000382 _____ C:\WINDOWS\Tasks\ASR-Startup.job 2022-03-16 17:03 - 2022-03-16 17:03 - 000010260 _____ C:\Users\jmgna\AppData\Local\recently-used.xbel 2022-03-11 09:12 - 2022-03-11 09:12 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-03-11 09:11 - 2022-03-11 09:11 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-03-11 09:10 - 2022-03-11 09:10 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-03-11 09:09 - 2022-03-11 09:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-03-11 09:09 - 2022-03-11 09:09 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-03-11 07:59 - 2022-03-11 07:59 - 000000000 ___HD C:\$WinREAgent 2022-03-03 10:52 - 2022-03-03 10:52 - 000019611 _____ C:\Users\jmgna\AppData\LocalLow\WMveuky95hM.zip 2022-03-03 10:52 - 2022-03-03 10:52 - 000000000 ____D C:\Users\jmgna\AppData\LocalLow\wT6wL5h 2022-03-03 10:03 - 2022-03-03 10:03 - 000000036 _____ C:\Users\jmgna\MJKJDeviceGUID 
2022-02-21 11:12 - 2022-03-03 08:30 - 000001426 _____ C:\Users\jmgna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk 2022-02-21 11:12 - 2022-02-21 11:12 - 000001442 _____ C:\Users\jmgna\Desktop\Navigateur Opera GX.lnk ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-03-22 15:48 - 2019-06-02 13:57 - 000000000 ____D C:\Program Files (x86)\Google 2022-03-22 15:46 - 2019-09-22 15:48 - 000000000 ____D C:\FRST 2022-03-22 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-03-22 15:33 - 2016-05-05 06:07 - 000000000 __SHD C:\Users\jmgna\IntelGraphicsProfiles 2022-03-22 11:11 - 2020-06-16 15:39 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\MediaMonkey 2022-03-22 10:53 - 2019-06-02 15:17 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\AIMP 2022-03-22 10:36 - 2021-11-24 08:23 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\TeraCopy 2022-03-22 10:36 - 2020-11-01 14:39 - 000000000 ____D C:\Users\jmgna 2022-03-22 09:20 - 2016-12-16 16:49 - 000000000 ____D C:\Ma Musique 2022-03-22 09:19 - 2016-05-12 06:33 - 000000000 ___RD C:\Users\jmgna\3D Objects 2022-03-22 08:58 - 2022-01-02 10:08 - 000000000 ____D C:\Users\jmgna\Downloads\PMT Avril 2022 2022-03-22 08:58 - 2021-10-22 18:01 - 000000000 ____D C:\Users\jmgna\Documents\Sanitas 2022 2022-03-21 20:46 - 2019-06-02 16:12 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\MusicBee 2022-03-21 19:30 - 2020-11-02 07:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-03-21 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-03-21 16:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-03-21 15:49 - 2020-11-10 10:41 - 000000300 ____H C:\WINDOWS\Tasks\CCleaner Update.job 2022-03-21 15:49 - 2019-08-21 18:34 - 000000000 ____D C:\Program Files\CCleaner 2022-03-21 15:11 - 2020-11-02 07:37 - 001778692 _____ 
C:\WINDOWS\system32\PerfStringBackup.INI 2022-03-21 15:11 - 2019-12-07 15:49 - 000795802 _____ C:\WINDOWS\system32\perfh00C.dat 2022-03-21 15:11 - 2019-12-07 15:49 - 000151166 _____ C:\WINDOWS\system32\perfc00C.dat 2022-03-21 15:11 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-03-21 14:41 - 2019-07-08 11:44 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\ZHP 2022-03-21 14:08 - 2021-08-08 07:34 - 000000000 ____D C:\Users\jmgna\Downloads\Logiciel 2022-03-21 13:38 - 2019-06-02 15:23 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\audacity 2022-03-21 13:35 - 2020-07-28 08:30 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-03-21 13:35 - 2020-07-28 08:30 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-03-21 13:29 - 2019-06-02 13:38 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2022-03-21 13:28 - 2020-11-02 07:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-03-21 13:28 - 2020-11-02 07:16 - 000008192 ___SH C:\DumpStack.log.tmp 2022-03-21 13:27 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2022-03-21 11:09 - 2022-01-19 18:21 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\Telegram Desktop 2022-03-21 11:09 - 2021-10-05 13:00 - 000000000 ___HD C:\Users\jmgna\AppData\Local\cache 2022-03-21 11:09 - 2021-04-07 08:06 - 000000000 ____D C:\WINDOWS\Minidump 2022-03-21 11:09 - 2020-12-30 15:48 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2022-03-21 11:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2022-03-21 11:09 - 2019-06-02 13:38 - 000000000 ____D C:\WINDOWS\system32\DAX3 2022-03-21 11:09 - 2019-06-02 13:38 - 000000000 ____D C:\WINDOWS\system32\DAX2 2022-03-21 10:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration 2022-03-21 10:43 - 2021-10-27 10:04 - 000000000 ____D C:\Users\jmgna\AppData\Local\Spotify 2022-03-21 10:07 - 2021-11-12 17:05 - 000027795 ___SH C:\Users\jmgna\Downloads\Folder.jpg.ssoi 2022-03-21 10:07 - 2021-11-12 17:05 - 
000006839 ___SH C:\Users\jmgna\Downloads\AlbumArtSmall.jpg.ssoi 2022-03-21 10:07 - 2019-05-22 16:13 - 000000496 ____H C:\Users\jmgna\Documents\~$dio MP3.rtf.ssoi 2022-03-21 10:07 - 2017-05-17 09:30 - 000053582 ____H C:\Users\jmgna\Downloads\Thumbs.db.ssoi 2022-03-21 10:07 - 2017-02-21 17:10 - 000000496 ____H C:\Users\jmgna\Downloads\~$Doc1.pdf.ssoi 2022-03-21 10:05 - 2021-11-12 20:30 - 000000000 ___HD C:\Users\jmgna\.obs64 2022-03-21 10:05 - 2020-03-26 08:30 - 003293670 _____ C:\Users\jmgna\ZHPCleaner.exe.ssoi 2022-03-21 10:05 - 2018-11-06 16:18 - 000000000 ____D C:\Users\jmgna\.gimp-2.8 2022-03-21 10:05 - 2018-09-06 10:15 - 000000000 ____D C:\Users\jmgna\.config 2022-03-21 10:05 - 2017-07-29 17:36 - 000000622 _____ C:\Users\jmgna\moi nouveau.sde.ssoi 2022-03-21 10:05 - 2017-07-23 15:56 - 000000366 _____ C:\Users\jmgna\.gtk-bookmarks.ssoi 2022-03-21 10:05 - 2016-12-21 20:19 - 000000000 ___HD C:\Users\jmgna\.obs32 2022-03-21 10:05 - 2016-10-28 10:34 - 000000000 ____D C:\Users\jmgna\.android 2022-03-21 10:05 - 2016-06-22 14:22 - 002662734 _____ C:\Users\jmgna\ZHPDiag3.exe.ssoi 2022-03-21 10:05 - 2016-05-07 07:21 - 000000000 ____D C:\Users\jmgna\.oracle_jre_usage 2022-03-21 09:06 - 2016-05-06 20:22 - 000000000 ____D C:\AdwCleaner 2022-03-21 08:18 - 2019-05-16 10:21 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sidify 2022-03-21 07:57 - 2019-12-07 10:03 - 027000832 _____ C:\WINDOWS\system32\config\BCD000000 2022-03-21 07:45 - 2019-06-02 16:24 - 000000000 ____D C:\Program Files (x86)\Sidify 2022-03-19 09:00 - 2021-01-28 11:34 - 000000879 _____ C:\Users\jmgna\Desktop\ZHPCleaner.lnk 2022-03-19 08:33 - 2020-01-07 16:48 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\MPC-HC 2022-03-18 09:27 - 2021-06-16 08:54 - 000000606 _____ C:\WINDOWS\Tasks\Adobe Acrobat Update Task.job 2022-03-18 09:26 - 2021-11-29 10:28 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-03-18 09:26 - 2021-11-29 
10:28 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2022-03-16 20:16 - 2019-06-04 09:22 - 000000000 ____D C:\Users\jmgna\AppData\Local\babl-0.1 2022-03-16 17:03 - 2019-06-19 18:20 - 000000000 ____D C:\Users\jmgna\AppData\Local\gtk-2.0 2022-03-16 13:39 - 2018-09-04 19:52 - 000001127 _____ C:\Users\jmgna\Desktop\S E R I E S.lnk 2022-03-15 08:00 - 2019-06-25 09:38 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\spek 2022-03-15 07:07 - 2019-06-02 13:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-03-11 19:52 - 2020-11-02 07:16 - 000475312 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-03-11 19:46 - 2020-11-01 12:08 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss 2022-03-11 19:46 - 2020-11-01 12:08 - 000000000 ___SD C:\WINDOWS\system32\lxss 2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-03-11 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-03-11 19:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2022-03-11 09:23 - 2020-09-30 16:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-03-11 09:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-03-11 09:08 - 2020-11-02 07:21 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-03-11 07:59 - 2019-06-03 08:45 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-03-11 07:54 - 2019-06-03 08:45 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-03-03 10:57 - 2021-10-27 10:04 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\Spotify 2022-03-01 16:02 - 
2019-06-15 21:03 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\uTorrent 2022-03-01 15:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-02-27 16:07 - 2019-06-07 17:19 - 000000000 ____D C:\Users\jmgna\AppData\Local\BitTorrentHelper 2022-02-26 13:51 - 2021-09-22 08:43 - 000000000 ____D C:\Users\jmgna\Documents\26.02.2022 2022-02-21 11:54 - 2022-02-19 20:37 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-02-21 11:13 - 2021-04-14 16:26 - 000000000 ____D C:\Users\jmgna\AppData\Local\Opera Software 2022-02-21 11:11 - 2021-08-11 07:57 - 000000000 ____D C:\Users\jmgna\AppData\Roaming\Opera Software 2022-02-20 12:21 - 2016-11-18 14:54 - 000000000 ____D C:\Users\jmgna\AppData\LocalLow\Mozilla ==================== Fichiers à la racine de certains dossiers ======== 2019-06-21 10:21 - 2018-09-12 14:15 - 000000160 _____ () C:\ProgramData\dbdacm.dll 2020-03-26 08:30 - 2022-02-18 14:13 - 003293336 _____ (Nicolas Coolman) C:\Users\jmgna\ZHPCleaner.exe 2016-06-22 14:22 - 2017-02-12 09:33 - 002662400 _____ () C:\Users\jmgna\ZHPDiag3.exe 2022-01-14 12:55 - 2022-01-14 12:55 - 000269824 ___SH () C:\Users\jmgna\AppData\Roaming\jwegddu 2022-03-21 08:54 - 2022-03-21 08:54 - 002492308 ___HT () C:\Users\jmgna\AppData\Roaming\lnOfnXe4.tmp 2022-03-21 09:06 - 2022-03-21 09:06 - 000000559 _____ () C:\Users\jmgna\AppData\Local\bowsakkdestx.txt 2022-03-16 17:03 - 2022-03-16 17:03 - 000010260 _____ () C:\Users\jmgna\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} timeout 2 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {e466e2c7-853a-11e9-af0b-bc15b8ac668a} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Chargeur de démarrage Windows ----------------------------- identificateur {11a09118-585a-11e8-a9c8-a268ef347b35} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{11a09119-585a-11e8-a9c8-a268ef347b35} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery displaymessageoverride PushButtonReset osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{11a09119-585a-11e8-a9c8-a268ef347b35} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {e466e2ca-853a-11e9-af0b-bc15b8ac668a} displaymessageoverride PushButtonReset recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {e466e2c7-853a-11e9-af0b-bc15b8ac668a} nx OptIn bootmenupolicy Standard usefirmwarepcisettings No Chargeur de démarrage Windows ----------------------------- identificateur {e466e2ca-853a-11e9-af0b-bc15b8ac668a} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{e466e2cb-853a-11e9-af0b-bc15b8ac668a} bootstatdevice partition=C: path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR 
bootstatfilepath \$SysReset\Logs\WinRE\bootstat.dat inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{e466e2cb-853a-11e9-af0b-bc15b8ac668a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {e466e2c7-853a-11e9-af0b-bc15b8ac668a} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {e466e2ca-853a-11e9-af0b-bc15b8ac668a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {e466e2cb-853a-11e9-af0b-bc15b8ac668a} description 
Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================