Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01 Exécuté par RD (administrateur) sur ROLDIC (Dell Inc. Inspiron 3847) (30-01-2024 08:25:16) Exécuté depuis C:\Users\RD\Desktop\FRST64.exe Profils chargés: RD Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3930 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe ->) (Dell Inc. -> SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe (C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe ->) (Dell Inc. -> SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4> (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe (services.exe ->) (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (sihost.exe ->) (Microsoft Corporation -> StoreDesktopExtension) C:\Program Files\WindowsApps\Microsoft.WindowsStore_22312.1401.5.0_x64__8wekyb3d8bbwe\WinStore.DesktopExtension\StoreDesktopExtension.exe (svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_22312.1401.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-20] (Logitech Inc -> Logitech, Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123168680 2023-09-22] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C50EC13EE51E051A95E7B88F64E34F0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31346456 2023-11-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\LANTER~1.SCR [2047664 2015-12-26] (3Planesoft (Panichev Igor Valentinovich IP) -> 3Planesoft) HKLM\...\Windows x64\Print Processors\Canon MG6400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBT.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6400 series: C:\WINDOWS\system32\CNMLMBT.DLL [391168 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> Startup: C:\Users\RD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2023-05-23] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\RD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk [2020-10-14] ShortcutTarget: Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) Startup: C:\Users\RD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe - Raccourci.lnk [2020-10-27] ShortcutTarget: thunderbird.exe - Raccourci.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\firefox.exe - Raccourci.lnk [2022-03-17] ShortcutTarget: firefox.exe - Raccourci.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe - Raccourci.lnk [2022-03-17] ShortcutTarget: thunderbird.exe - Raccourci.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation) ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {7C272851-54EB-44F2-B3D1-A881865EC198} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {F3438DA9-235C-4125-B611-9B9CA9CC5A36} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "a0e0eff8-b09a-4085-ab5e-8433298bfa6a" --version "6.20.10897" --silent Task: {780272DE-E5A1-4A4E-90AC-D40B33CC1E89} - System32\Tasks\CCleanerSkipUAC - RD => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {10686CC9-CF22-4D11-9EF3-A8089B4F94E6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink Corp. -> CyberLink) Task: {13D025B2-653D-448A-B103-D199DCCD0423} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc) Task: {380D2C0E-1F18-4DC0-A087-3FE374C7D30C} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc) Task: {D5C74105-7CE3-4143-94F1-6EB6445ADB30} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2023-11-08] (Garmin International, Inc. -> ) Task: {D6F1F4C1-1DC0-42F3-8007-916836585D08} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.8{9719CE3C-DC42-48ED-ADB9-CB60E69311D0} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.8\updater.exe [4657440 2024-01-26] (Google LLC -> Google LLC) <==== ATTENTION Task: {853FDE2A-9C63-4D42-91FD-F206F971E4A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: {540D85AE-CAB0-434F-A0C7-F498FB949CF2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: {17384195-BF07-4AE0-98B5-A91801D8E159} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218048 2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: {9B73DD0D-E567-4D27-B21A-A8484E66F993} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218048 2024-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {35E09C9E-013D-40EF-B725-59F97BD17464} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {0A6507D1-216F-40A5-8DF5-20020073BFF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1506CB1B-E265-4032-861D-23B331AC7F95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2894DDE1-BE60-42C4-984B-5C4384E24C5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BE6B150F-EE9E-434B-973B-6F9A316A4EA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {56DE1B7D-EF05-4A43-AE59-CA3DC1D99ECA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-23] (Mozilla Corporation -> Mozilla Foundation) Task: {B657A148-578E-48D3-B8F2-CF0C2675D674} - System32\Tasks\RD DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) Task: {07842194-C40A-4C1C-9E21-938C48774825} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1964832 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{482b4d02-b2b9-42ce-aa73-9d2eabf9ab4f}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{482b4d02-b2b9-42ce-aa73-9d2eabf9ab4f}: [DhcpDomain] home Tcpip\..\Interfaces\{7745954f-d280-4f8f-a50b-9b94d395ce0a}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{e2c65305-0d6f-4aa6-a7d7-0bc3a1994eb7}: [DhcpNameServer] 192.168.0.254 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\RD\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-29] Edge HomePage: Default -> hxxps://duckduckgo.com/?atb=v257-2__&atb=v257-2__ Edge Extension: (Google Docs hors connexion) - C:\Users\RD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-26] Edge Extension: (Edge relevant text changes) - C:\Users\RD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26] FireFox: ======== FF DefaultProfile: yi53dg0h.default-1577089755216 FF ProfilePath: C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216 [2024-01-30] FF Homepage: Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216 -> hxxps://www.startpage.com/?sc=wCTNEZZc9sGh20 FF Notifications: Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216 -> hxxps://reaction19.fr; hxxps://ripostelaique.com; hxxps://pierrecassen.com; hxxps://www.orange.ma; hxxps://qltuh.abyssalminer.top; hxxps://a.veinmaster.top FF Extension: (Facebook Container) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\@contain-facebook.xpi [2023-07-25] FF Extension: (Expressionist – Bold) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\expressionist-bold-colorway@mozilla.org.xpi [2023-03-15] FF Extension: (To Google Translate) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-23] FF Extension: (clean-facebook) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\jid1-dwtGBwQjx3SUQc@jetpack.xpi [2021-09-21] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2023-12-13] FF Extension: (Correcteur d’orthographe et de grammaire — LanguageTool) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\languagetool-webextension@languagetool.org.xpi [2023-11-29] FF Extension: (uBlock Origin) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\uBlock0@raymondhill.net.xpi [2024-01-09] FF Extension: (Flagfox) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2024-01-04] FF Extension: (Startpage - recherche privé) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2023-12-09] FF Extension: (Video DownloadHelper) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-01-11] FF Extension: (Blue Gradient Contrast) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{e183ff14-bc19-4198-9b3b-cad34dceea60}.xpi [2021-03-09] FF Extension: (Blueprint) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{f2cd84b1-dd5c-40d8-905c-95a91ef7ae12}.xpi [2022-02-23] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2021-09-29] [non signé] FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Fichier non signé] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) [Fichier non signé] Chrome: ======= CHR Profile: C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default [2022-03-14] CHR Extension: (Docs) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-16] CHR Extension: (Google Drive) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-16] CHR Extension: (YouTube) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-16] CHR Extension: (Google Sheets) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-16] CHR Extension: (Google Docs hors connexion) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-05-20] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-16] CHR Extension: (Gmail) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-16] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-13] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [248376 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3359288 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.) S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Leader Technologies Inc -> Aviata, Inc.) S2 GoogleUpdaterInternalService122.0.6253.8; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.8\updater.exe [4657440 2024-01-26] (Google LLC -> Google LLC) <==== ATTENTION S2 GoogleUpdaterService122.0.6253.8; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.8\updater.exe [4657440 2024-01-26] (Google LLC -> Google LLC) <==== ATTENTION R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-20] (HP Inc. -> HP Inc.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> ) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-26] (Malwarebytes Inc. -> Malwarebytes) R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (Dell Inc. -> SoftThinks SAS) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38360 2020-05-03] (Dell Inc. -> Dell Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6636376 2019-12-04] (TeamViewer GmbH -> TeamViewer GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 BthMtpEnum; C:\WINDOWS\System32\drivers\BthMtpEnum.sys [73216 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2020-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [119528 2018-03-20] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-01-30 08:25 - 2024-01-30 08:26 - 000029509 _____ C:\Users\RD\Desktop\FRST.txt 2024-01-30 08:24 - 2024-01-30 08:26 - 000000000 ____D C:\FRST 2024-01-30 08:22 - 2024-01-30 08:22 - 000210374 _____ C:\Users\RD\Desktop\ZHPDiag.txt 2024-01-30 08:11 - 2024-01-30 08:11 - 000000902 _____ C:\Users\RD\Desktop\ZHPSuite.lnk 2024-01-30 08:11 - 2024-01-30 08:11 - 000000000 ____D C:\Users\RD\AppData\Local\ZHP 2024-01-30 04:52 - 2024-01-30 04:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2024-01-29 10:04 - 2024-01-29 10:04 - 002389504 _____ (Farbar) C:\Users\RD\Desktop\FRST64.exe 2024-01-28 17:52 - 2024-01-28 17:52 - 000013511 _____ C:\Users\RD\Desktop\Demade d'aide PCAstuces.odt 2024-01-26 18:25 - 2024-01-26 18:25 - 000001520 _____ C:\Users\RD\Desktop\Analyse du 26.01.2024.txt 2024-01-24 18:14 - 2024-01-24 18:14 - 000002204 _____ C:\Users\RD\Documents\cc_20240124_181404.reg 2024-01-23 05:04 - 2024-01-23 05:04 - 000002265 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2024-01-23 05:04 - 2024-01-23 05:04 - 000000000 ____D C:\Program Files\Google 2024-01-21 09:23 - 2024-01-21 09:23 - 000002164 _____ C:\Users\RD\Desktop\Garmin Express.lnk 2024-01-21 09:20 - 2024-01-21 09:20 - 000003626 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask 2024-01-20 04:56 - 2024-01-20 04:56 - 000000000 ___HD C:\$WinREAgent 2024-01-18 17:29 - 2024-01-20 07:48 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-01-18 17:29 - 2024-01-18 17:29 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-01-18 17:29 - 2024-01-18 17:29 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-01-16 07:48 - 2024-01-16 07:48 - 000034663 _____ C:\Users\RD\Downloads\woM1XYBy 2024-01-16 07:48 - 2024-01-16 07:48 - 000034663 _____ C:\Users\RD\Downloads\R3nxVzJQ 2024-01-16 07:47 - 2024-01-16 07:47 - 000034663 _____ C:\Users\RD\Downloads\cjGEveAX 2024-01-10 10:11 - 2024-01-10 10:11 - 000044669 _____ C:\Users\RD\Downloads\listeOperations-2.pdf 2024-01-03 10:14 - 2024-01-03 10:14 - 000171978 _____ C:\Users\RD\Downloads\PaiementTiers08122023-2.pdf 2024-01-03 10:14 - 2024-01-03 10:14 - 000171516 _____ C:\Users\RD\Downloads\PaiementTiers10112023-1.pdf 2024-01-03 10:13 - 2024-01-03 10:13 - 000171978 _____ C:\Users\RD\Downloads\PaiementTiers08122023-1.pdf 2024-01-03 10:12 - 2024-01-03 10:12 - 000171978 _____ C:\Users\RD\Downloads\PaiementTiers08122023.pdf 2024-01-03 10:12 - 2024-01-03 10:12 - 000171940 _____ C:\Users\RD\Downloads\PaiementTiers13112023.pdf 2024-01-03 10:12 - 2024-01-03 10:12 - 000171516 _____ C:\Users\RD\Desktop\Remboursement Neurologue H.Sofiene.pdf 2024-01-03 10:09 - 2024-01-03 10:09 - 000171516 _____ C:\Users\RD\Downloads\PaiementTiers10112023.pdf 2024-01-03 10:07 - 2024-01-03 10:07 - 000161064 _____ C:\Users\RD\Desktop\AttestationDroits 2024.2025.pdf 2023-12-18 18:22 - 2023-12-18 18:22 - 000000000 ____D C:\WINDOWS\InboxApps 2023-12-18 18:11 - 2023-12-18 18:11 - 012140960 _____ (Tim Kosse) C:\Users\RD\Downloads\FileZilla_3.64.0_win64-setup.exe 2023-12-13 11:10 - 2023-12-13 11:10 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-12-12 18:08 - 2023-12-12 18:08 - 000208369 _____ C:\Users\RD\Desktop\Pieds Paquets.odt 2023-12-08 04:54 - 2023-12-08 04:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2023-12-06 11:31 - 2023-12-06 11:31 - 000115167 _____ C:\Users\RD\Desktop\DIag_ Neurologue .11.2023 (V) .pdf 2023-12-06 11:29 - 2023-12-06 11:29 - 000175691 _____ C:\Users\RD\Desktop\Diag_Neurologue _Rec.pdf 2023-12-06 10:36 - 2023-12-06 10:36 - 000001563 _____ C:\Users\RD\Desktop\29-12-2023-a-10h30.ics 2023-12-06 10:32 - 2023-12-06 10:32 - 001340160 _____ (Solvusoft Corporation) C:\Users\RD\Downloads\Setup_FileViewPro_2024.exe 2023-12-06 10:23 - 2023-12-06 10:23 - 000061308 _____ C:\Users\RD\Desktop\Dr_Martin__Hématologue.pdf 2023-11-30 09:39 - 2023-11-30 09:39 - 000138745 _____ C:\Users\RD\Downloads\PROBTP-Echéancier Info Tarif-14 11 2023-1.pdf 2023-11-30 09:38 - 2023-11-30 09:38 - 000137627 _____ C:\Users\RD\Downloads\PROBTP-Echéancier Info Tarif-18 11 2022.pdf 2023-11-20 17:52 - 2023-11-20 17:52 - 000003116 _____ C:\Users\RD\Documents\cc_20231120_175212.reg 2023-11-15 11:14 - 2023-11-15 11:14 - 002581176 _____ C:\Users\RD\Downloads\2LR avec AR Free envoyée le 2023-11-15.pdf 2023-11-15 10:27 - 2023-11-15 10:27 - 000067236 _____ C:\Users\RD\Downloads\PROBTP-Les règlements-CG de vos contrats-03 04 2023.pdf 2023-11-15 10:17 - 2023-11-15 10:17 - 000138745 _____ C:\Users\RD\Downloads\PROBTP-Echéancier Info Tarif-14 11 2023.pdf 2023-11-15 10:15 - 2023-11-15 10:15 - 000226805 _____ C:\Users\RD\Downloads\PROBTP-CARTE TIERS PAYANT COULEUR-23 10 2023.pdf 2023-11-14 08:18 - 2023-11-14 08:18 - 000013990 _____ C:\Users\RD\Desktop\Retour Free.odt 2023-11-10 18:24 - 2023-11-10 18:24 - 000003648 _____ C:\Users\RD\Documents\cc_20231110_182436.reg 2023-11-08 10:17 - 2023-11-08 10:17 - 000123928 _____ C:\Users\RD\Downloads\gedCli-Mail-FAÇADES COMMANDE-20231102-174101-830360190-202311-0217-1.pdf 2023-11-08 10:16 - 2023-11-08 10:16 - 000131698 _____ C:\Users\RD\Downloads\0491065425-Contrat LIVEBOX-1.pdf 2023-11-08 10:16 - 2023-11-08 10:16 - 000123928 _____ C:\Users\RD\Downloads\gedCli-Mail-FAÇADES COMMANDE-20231102-174101-830360190-202311-0217.pdf 2023-11-08 10:15 - 2023-11-08 10:15 - 000009263 _____ C:\Users\RD\Downloads\gedCli-Mail-MYSHOP-20231102-173800-830359735-202311-0217.pdf 2023-11-06 11:01 - 2023-11-06 11:01 - 000188715 _____ C:\Users\RD\Downloads\Attestation domicile EDF.pdf 2023-11-04 14:44 - 2023-11-04 14:44 - 000423806 _____ C:\Users\RD\Downloads\F114970-1.pdf 2023-11-02 17:22 - 2023-11-02 17:22 - 000131698 _____ C:\Users\RD\Desktop\Conditions Particulieres 11090198146328898.pdf 2023-11-02 08:19 - 2023-11-02 08:19 - 000423806 _____ C:\Users\RD\Downloads\F114970.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-01-30 08:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-01-30 08:22 - 2022-03-08 16:21 - 000000000 ____D C:\Users\RD\AppData\Roaming\ZHP 2024-01-30 06:38 - 2020-08-03 11:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-01-30 04:58 - 2014-08-04 23:16 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2024-01-30 04:55 - 2022-02-13 19:31 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-01-30 04:53 - 2023-04-23 19:18 - 000000000 ____D C:\Users\RD\AppData\Local\Malwarebytes 2024-01-30 04:52 - 2016-01-20 19:18 - 000000000 __SHD C:\Users\RD\IntelGraphicsProfiles 2024-01-29 08:19 - 2014-10-27 07:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-01-28 06:04 - 2021-12-20 17:52 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-01-28 05:07 - 2020-07-21 05:14 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-28 05:07 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-01-28 05:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-01-26 18:50 - 2020-08-03 11:49 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-01-26 18:50 - 2019-12-07 15:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat 2024-01-26 18:50 - 2019-12-07 15:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat 2024-01-26 18:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-01-26 18:43 - 2022-02-22 10:30 - 000008192 ___SH C:\DumpStack.log.tmp 2024-01-26 18:43 - 2020-08-03 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-01-26 18:42 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2024-01-26 17:55 - 2020-08-03 11:36 - 000000000 ____D C:\Users\RD 2024-01-26 17:49 - 2017-10-28 09:24 - 000000000 ____D C:\Program Files\CCleaner 2024-01-26 17:33 - 2022-03-11 06:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2024-01-26 17:33 - 2022-03-06 11:10 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-01-25 07:45 - 2020-11-01 08:31 - 000000000 ____D C:\Users\RD\AppData\Roaming\Telegram Desktop 2024-01-24 18:01 - 2014-10-30 10:06 - 000000000 ____D C:\Users\RD\AppData\Local\CrashDumps 2024-01-21 09:21 - 2017-07-12 15:46 - 000000000 ____D C:\ProgramData\Garmin 2024-01-21 09:20 - 2018-06-12 05:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2024-01-21 09:20 - 2017-07-12 15:46 - 000000000 ____D C:\Program Files (x86)\Garmin 2024-01-21 09:20 - 2014-10-30 16:16 - 000000000 ____D C:\ProgramData\Package Cache 2024-01-21 09:17 - 2017-07-12 15:46 - 000000000 ____D C:\Users\RD\AppData\Roaming\Garmin 2024-01-20 11:06 - 2021-05-19 04:35 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2024-01-20 10:30 - 2021-04-10 04:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2024-01-20 07:49 - 2020-08-03 11:33 - 000487064 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-01-20 07:46 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-01-20 07:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-01-20 07:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-01-20 07:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2024-01-20 07:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-01-20 07:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-01-20 05:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-01-13 18:23 - 2014-08-04 23:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-01-12 04:56 - 2019-11-13 05:52 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-01-11 05:13 - 2014-10-25 13:00 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-11 05:09 - 2014-10-25 13:00 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======== 2014-11-13 10:21 - 2014-11-13 10:22 - 000000236 _____ () C:\Users\RD\AppData\Roaming\burnaware.ini 2015-05-10 09:44 - 2021-08-08 16:21 - 000008192 _____ () C:\Users\RD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-17 11:08 - 2015-03-17 11:08 - 000000017 _____ () C:\Users\RD\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2013-08-22 12:45 - 2013-08-22 12:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-fibers-l2-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll 2013-08-22 12:43 - 2013-08-22 12:43 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-devices-config-l1-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-mm-misc-l1-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-security-cryptoapi-l1-1-0.dll 2017-01-23 16:26 - 2014-05-13 21:06 - 000440320 _____ (Atheros) C:\WINDOWS\system32\athihvs.dll 2017-01-23 16:26 - 2014-05-13 21:07 - 000060416 _____ (Atheros) C:\WINDOWS\system32\athihvui.dll 2016-07-13 10:38 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2017-04-14 05:46 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2015-04-17 05:57 - 2014-10-29 02:59 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe 2015-04-17 06:02 - 2014-10-29 02:54 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-msa-ui-l1-1-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-misc-l1-2-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll 2017-05-10 09:39 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2014-10-25 12:51 - 2014-07-10 05:08 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll 2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2015-09-09 05:08 - 2015-07-22 15:19 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2015-04-15 05:23 - 2015-03-14 02:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2015-01-29 17:01 - 2015-01-29 17:05 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\Setup1.exe 2015-01-29 17:01 - 2015-01-29 17:05 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE 2013-08-22 05:17 - 2013-08-22 05:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-fibers-l2-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-psm-appnotify-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-devices-config-l1-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-mm-misc-l1-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-security-cryptoapi-l1-1-0.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-msa-ui-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-misc-l1-2-0.dll 2013-08-22 05:14 - 2013-08-22 05:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll 2017-03-15 07:06 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 12:44 - 2016-07-16 23:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2013-08-27 22:00 - 2013-08-27 22:00 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll 2015-10-30 08:19 - 2016-09-14 05:25 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-10-30 08:19 - 2016-09-14 05:25 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2000-10-02 08:40 - 2000-10-02 08:40 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL 2000-07-14 23:00 - 2000-07-14 23:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2024-01-29 10:04 - 2024-01-29 10:04 - 002389504 _____ (Farbar) C:\Users\RD\Desktop\FRST64.exe 2017-02-13 10:47 - 2017-02-13 10:48 - 001381582 _____ (Igor Pavlov) C:\Users\RD\Downloads\7z1604-x64.exe 2014-10-31 17:03 - 2014-10-31 17:03 - 001110476 _____ C:\Users\RD\Downloads\7z920.exe 2018-08-03 13:28 - 2018-08-03 13:32 - 061576084 _____ (Garmin Ltd or its subsidiaries) C:\Users\RD\Downloads\BaseCamp_470.exe 2019-01-13 16:14 - 2019-01-13 16:14 - 010961644 _____ (Oleg N. Scherbakov) C:\Users\RD\Downloads\captvty-2.7.9-autoextract.exe 2017-02-22 10:59 - 2017-02-09 15:48 - 002401792 _____ () C:\Users\RD\Downloads\Captvty.exe 2014-12-10 10:01 - 2014-12-10 10:01 - 003782822 _____ (DownloadHelper ) C:\Users\RD\Downloads\ConvertHelperSetup.exe 2015-04-28 15:52 - 2015-04-28 15:52 - 000417064 _____ () C:\Users\RD\Downloads\DellSystemDetectLauncher.exe 2014-10-25 15:01 - 2014-10-25 15:02 - 020032561 _____ (Circitor ) C:\Users\RD\Downloads\e-verbe_Setup.exe 2016-08-18 00:24 - 2016-08-18 00:26 - 005261690 _____ C:\Users\RD\Downloads\Emoticon.sfx.exe 2014-10-31 17:05 - 2014-10-31 17:05 - 004179293 _____ (Lavalys, Inc. ) C:\Users\RD\Downloads\everesthome220.exe 2014-11-03 11:32 - 2014-11-03 11:32 - 005816666 _____ ( ) C:\Users\RD\Downloads\La_Marmite_du_Chef_6.6.33.exe 2014-10-27 16:19 - 2014-10-27 16:20 - 029874045 _____ (Murielle Descerisiers ) C:\Users\RD\Downloads\Littre-windows-2.0.exe 2016-11-20 17:06 - 2016-11-20 17:11 - 072119403 _____ (Mediatronic Pty Ltd) C:\Users\RD\Downloads\MediaCoder-x64-0.8.47.5872.exe 2014-11-01 10:00 - 2014-11-01 10:00 - 000593160 _____ (Pierre TORRIS ) C:\Users\RD\Downloads\melquote.exe 2014-10-25 15:13 - 2014-10-25 15:13 - 005200936 _____ C:\Users\RD\Downloads\pf7-setup-fr.exe 2019-07-23 10:14 - 2019-07-23 10:14 - 000991903 _____ C:\Users\RD\Downloads\QTranslate.6.7.3.exe 2014-08-13 10:16 - 2014-08-13 10:16 - 000478720 _____ C:\Users\RD\Downloads\setup.exe 2016-06-14 10:14 - 2016-06-14 10:15 - 000551103 _____ (Infoadom 38 ) C:\Users\RD\Downloads\setup_USB-set.exe 2019-05-01 15:08 - 2019-05-01 15:10 - 039926376 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.2.4.exe 2019-12-23 15:21 - 2019-12-23 15:23 - 042548424 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.3.0(1).exe 2019-09-06 09:14 - 2019-09-06 09:16 - 042548424 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.3.0.exe 2020-05-11 08:58 - 2020-05-11 09:00 - 043467824 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.5.0.exe 2020-12-17 07:31 - 2020-12-17 07:33 - 044757608 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.6.0.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {de184c8e-1c34-11e4-adc1-f8bc128429dc} {de184c89-1c34-11e4-adc1-f8bc128429dc} {de184c8a-1c34-11e4-adc1-f8bc128429dc} {de184c8b-1c34-11e4-adc1-f8bc128429dc} {8a49b5ac-17ff-11e4-8e61-90b11c82c2f8} {8a49b5ad-17ff-11e4-8e61-90b11c82c2f8} {92156eef-1c22-11e4-8251-806e6f6e6963} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {eec617e7-d57c-11ea-977e-b2a25f2b7ee0} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {8a49b5ac-17ff-11e4-8e61-90b11c82c2f8} description P0: WDC WD10EZEX-75M2NA0 Application logicielle (101fffff) -------------------------------- identificateur {8a49b5ad-17ff-11e4-8e61-90b11c82c2f8} description P4: PLDS DVD+/-RW DH-16AES Application logicielle (101fffff) -------------------------------- identificateur {92156eef-1c22-11e4-8251-806e6f6e6963} description Realtek PXE B03 D00 Application logicielle (101fffff) -------------------------------- identificateur {de184c89-1c34-11e4-adc1-f8bc128429dc} description Realtek PXE B03 D00 Application logicielle (101fffff) -------------------------------- identificateur {de184c8a-1c34-11e4-adc1-f8bc128429dc} description P0: WDC WD10EZEX-75M2NA0 Application logicielle (101fffff) -------------------------------- identificateur {de184c8b-1c34-11e4-adc1-f8bc128429dc} description P4: PLDS DVD+/-RW DH-16AES Application logicielle (101fffff) -------------------------------- identificateur {de184c8e-1c34-11e4-adc1-f8bc128429dc} device partition=\Device\HarddiskVolume1 path \EFI\BOOT\BOOTX64.EFI description UEFI OS Chargeur de démarrage Windows ----------------------------- identificateur {c1cb4eef-522a-11e8-8e2a-c0dd76be284c} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{c1cb4ef0-522a-11e8-8e2a-c0dd76be284c} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{c1cb4ef0-522a-11e8-8e2a-c0dd76be284c} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {eec617e9-d57c-11ea-977e-b2a25f2b7ee0} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {eec617e7-d57c-11ea-977e-b2a25f2b7ee0} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {eec617e9-d57c-11ea-977e-b2a25f2b7ee0} device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{eec617ea-d57c-11ea-977e-b2a25f2b7ee0} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{eec617ea-d57c-11ea-977e-b2a25f2b7ee0} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {eec617e7-d57c-11ea-977e-b2a25f2b7ee0} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {eec617e9-d57c-11ea-977e-b2a25f2b7ee0} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {eec617ea-d57c-11ea-977e-b2a25f2b7ee0} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume6 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================