Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 22.01.2024 Exécuté par cauli (administrateur) sur DESKTOP-HJ5G50R (MSI MS-7721) (22-01-2024 17:59:00) Exécuté depuis C:\Users\cauli\Downloads\FRST64.exe Profils chargés: cauli Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3930 (X64) Langue: Français (France) Navigateur par défaut: Opera Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\OpenVPN\bin\openvpnserv.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe (C:\Users\cauli\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\cauli\AppData\Local\Programs\Opera\106.0.4998.52\opera_crashreporter.exe (explorer.exe ->) (AgileBits Inc.) [Fichier non signé] C:\Users\cauli\AppData\Local\1Password\app\7\1Password.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\cauli\AppData\Local\FluxSoftware\Flux\flux.exe (explorer.exe ->) (Microsoft Corporation) [Fichier non signé] C:\ProgramData\Assembly\ExtExport.exe (explorer.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Opera Norway AS -> Opera Software) C:\Users\cauli\AppData\Local\Programs\Opera\opera.exe <22> (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe (services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvak.inf_amd64_355ca23dd63f0b3b\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102800 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [ACUW12FR] => C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\acdIDInTouch2.exe [2145752 2018-08-16] (ACD Systems International Inc. -> ACD Systems) HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [4495808 2023-11-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\Installer\setup.exe [4650552 2024-01-20] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Policies\Explorer: [NoThumbnailCache] 0 HKLM\...\Policies\Explorer: [DisableThumbnailCache] 0 HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Run: [f.lux] => C:\Users\cauli\AppData\Local\FluxSoftware\Flux\flux.exe [1527928 2023-12-06] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [800120 2021-02-24] (OpenVPN Inc. -> ) HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Run: [1Password] => C:\Users\cauli\AppData\Local\1Password\app\7\1Password.exe [5318144 2019-04-22] (AgileBits Inc.) [Fichier non signé] HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Run: [com.messenger] => "C:\Users\cauli\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (Pas de fichier) HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Run: [ACDSeeCommanderUltimate12] => C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe [4987368 2018-10-22] (ACD Systems International Inc. -> ) HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Run: [Opera Stable] => C:\Users\cauli\AppData\Local\Programs\Opera\launcher.exe [2350496 2024-01-18] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Run: [MicrosoftEdgeAutoLaunch_DB1B3A68C7DBDF22034974F7188733D0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\RunOnce: [!BingChatInstaller.exe] => C:\Windows\Temp\MUBSTemp\BingChatInstaller.exe [17685536 2024-01-15] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Policies\Explorer: [NoThumbnailCache] 0 HKU\S-1-5-21-1005590070-1944480240-3661502221-1001\...\Policies\Explorer: [DisableThumbnailCache] 0 HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65096 2018-02-02] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.) HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\PEPrinterMonitor.dll [285232 2022-06-22] (Wondershare Technology Co.,Ltd -> Wondershare Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-CE9B79C4B19D}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" InternetURL: C:\Users\cauli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ExtExport.org.url -> URL: file:///C:\PROGRA~3\Assembly\ExtExport.exe BootExecute: autocheck autochk * ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {3CB04AD3-91CB-4893-9D11-B374240D5A24} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {11546143-50EE-4CBC-94B0-2FF8131F110E} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4845504 2023-11-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\TuneUp\log" --guid 11da9273-bca5-4a6e-a92e-2 (l'élément de données a 11 caractères en plus). Task: {DFD6E5C3-73F3-404C-9875-B0D94FFF2809} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [7344064 2023-11-20] (AVG Technologies USA, LLC -> AVG Technologies) Task: {39BCB68C-B496-443E-9F6C-831812B51D2C} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {9DACAFA2-F663-492E-9C48-32670D5F18A0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5550856 2023-12-13] (Microsoft Windows -> Microsoft Corporation) Task: {BA518C97-DCDF-4F54-B8D2-9A530A92F2ED} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-1005590070-1944480240-3661502221-1001 => C:\Users\cauli\AppData\Local\Programs\Messenger\MessengerHelper.exe [1883896 2022-09-30] (Facebook, Inc. -> Meta Platforms, Inc.) Task: {9738C98B-A687-4D9E-8605-A65E309FD68C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [666960 2022-11-18] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {4B4D5934-6819-4C1B-A237-D846D29650E2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [712016 2022-11-18] (Mozilla Corporation -> Mozilla Foundation) Task: {864B424F-23DD-4A29-8F5C-5110D3A5B77D} - System32\Tasks\Opera scheduled assistant Autoupdate 1582270519 => c:\users\cauli\appdata\local\programs\opera\launcher.exe [2350496 2024-01-18] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="c:\users\cauli\appdata\local\programs\opera\assistant" $(Arg0) Task: {D7235ADE-D120-4CF4-911F-16F985D6C7F3} - System32\Tasks\Opera scheduled Autoupdate 1561501258 => C:\Users\cauli\AppData\Local\Programs\Opera\launcher.exe [2350496 2024-01-18] (Opera Norway AS -> Opera Software) Task: {B0F2D163-5C23-4F87-9EB0-DB9CBBFA04EF} - System32\Tasks\PDRStyleAgent => C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe (Pas de fichier) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2023-12-13] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidNSP.dll [41984 2023-12-13] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [67072 2023-12-13] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [67072 2023-12-13] (Microsoft Windows -> Microsoft Corporation) Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 109.0.66.20 109.0.66.10 Tcpip\..\Interfaces\{75ba2f09-49d5-44c3-a42a-54ce39eac29c}: [DhcpNameServer] 109.0.66.20 109.0.66.10 Tcpip\..\Interfaces\{ac288f8c-5470-42f9-9e45-c7acbb0130bf}: [DhcpNameServer] 188.121.254.253 188.121.254.254 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\cauli\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-22] Edge Extension: (Google Docs hors connexion) - C:\Users\cauli\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-20] Edge Extension: (Edge relevant text changes) - C:\Users\cauli\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14] FireFox: ======== FF DefaultProfile: yyde7kuo.default FF ProfilePath: C:\Users\cauli\AppData\Roaming\Mozilla\Firefox\Profiles\yyde7kuo.default [2023-09-26] FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\cauli\AppData\Roaming\Mozilla\Firefox\Profiles\yyde7kuo.default\Extensions\sp@avast.com.xpi [2019-06-24] FF Extension: (Avast Online Security) - C:\Users\cauli\AppData\Roaming\Mozilla\Firefox\Profiles\yyde7kuo.default\Extensions\wrc@avast.com.xpi [2019-06-24] FF ProfilePath: C:\Users\cauli\AppData\Roaming\Mozilla\Firefox\Profiles\j16oag7a.default-release-1563515665587 [2024-01-22] FF Notifications: Mozilla\Firefox\Profiles\j16oag7a.default-release-1563515665587 -> hxxps://www.lesbonsnumeros.com FF Extension: (1Password – Gestionnaire de mots de passe) - C:\Users\cauli\AppData\Roaming\Mozilla\Firefox\Profiles\j16oag7a.default-release-1563515665587\Extensions\{d634138d-c276-4fc8-924b-40a0ea21d284}.xpi [2024-01-07] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-02-18] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.) [Fichier non signé] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\cauli\AppData\Local\Google\Chrome\User Data\Default [2023-09-26] CHR Extension: (Extension 1Password (app desktop requise)) - C:\Users\cauli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2019-07-12] CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\cauli\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-09-20] CHR Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\cauli\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-09-20] CHR Extension: (Google Docs hors connexion) - C:\Users\cauli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-20] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\cauli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-31] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] Opera: ======= OPR DefaultProfile: Default ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [18267064 2023-11-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd -> Digital Wave Ltd.) S2 KMService; C:\WINDOWS\SysWOW64\srvany.exe [8192 2019-11-19] () [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes Corporation -> Malwarebytes) R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73592 2021-02-24] (OpenVPN Inc. -> The OpenVPN Project) S3 RichVideo64; C:\Program Files\CyberLink\Shared Files\RichVideo64.exe [386344 2010-08-19] (CyberLink -> ) S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_355ca23dd63f0b3b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_355ca23dd63f0b3b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-12] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-13] (Microsoft Corporation) [Fichier non signé] R3 cykbfltrService; C:\WINDOWS\system32\DRIVERS\cykbfltr.sys [19968 2015-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Cypress Semiconductor, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 DxVGrb; C:\WINDOWS\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Dexetek) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes Corporation -> Malwarebytes) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2023-05-27] (Martin Malik - REALiX -> REALiX(tm)) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2024-01-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2024-01-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2024-01-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2024-01-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2024-01-22] (Malwarebytes Corporation -> Malwarebytes) S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.) R3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> ) S3 phidmice; C:\WINDOWS\System32\drivers\phidmice.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> ) S3 pmouself; C:\WINDOWS\System32\drivers\pmouself.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.) S3 pvendrlf; C:\WINDOWS\System32\drivers\pvendrlf.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.) R3 Serial; C:\WINDOWS\system32\DRIVERS\wdfserial.sys [89976 2018-04-26] (LG Electronics Inc. -> LG Electronics Inc.) S3 sprdvcom; C:\WINDOWS\system32\DRIVERS\sprdvcom.sys [46024 2023-03-05] (Beijing Unisoc Technologies Co., Ltd. -> SPRD Device) S3 SRS_SSCFilter; C:\WINDOWS\system32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] (SRS Labs, Inc -> ) S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2018-02-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2020-10-31] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2024-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2024-01-03] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-03] (Microsoft Windows -> Microsoft Corporation) R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2020-10-31] (WireGuard LLC -> WireGuard LLC) S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2022-12-08] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-01-22 17:59 - 2024-01-22 17:59 - 000025319 _____ C:\Users\cauli\Downloads\FRST.txt 2024-01-22 17:58 - 2024-01-22 17:59 - 000000000 ____D C:\FRST 2024-01-22 17:56 - 2024-01-22 17:56 - 002389504 _____ (Farbar) C:\Users\cauli\Downloads\FRST64.exe 2024-01-22 16:53 - 2024-01-22 16:53 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2024-01-22 14:58 - 2024-01-22 14:58 - 000531978 _____ C:\Users\cauli\Downloads\ZHPDiag 22janv24.html 2024-01-22 14:58 - 2024-01-22 14:58 - 000000000 ____D C:\Users\cauli\Downloads\ZHPDiag 22janv24_files 2024-01-22 14:50 - 2024-01-22 14:50 - 000425042 _____ C:\Users\cauli\Desktop\ZHPDiag.txt 2024-01-22 14:16 - 2024-01-22 14:17 - 003369120 _____ (Nicolas Coolman) C:\Users\cauli\Downloads\ZHPDiag3.exe 2024-01-22 09:40 - 2024-01-22 09:40 - 000004236 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1561501258 2024-01-22 09:40 - 2024-01-22 09:40 - 000001409 _____ C:\Users\cauli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2024-01-22 09:26 - 2024-01-22 09:26 - 000067336 _____ C:\Users\cauli\Downloads\XLD_ListView Drag_Drop.xlsm 2024-01-21 19:39 - 2024-01-22 13:53 - 000018018 _____ C:\Users\cauli\Downloads\demo pour cp4.xlsm 2024-01-21 18:26 - 2024-01-21 18:26 - 000070095 _____ C:\Users\cauli\Documents\monfichier444444.xlsm 2024-01-21 14:29 - 2024-01-21 14:29 - 000021625 _____ C:\Users\cauli\Downloads\USFListBoxTextrBox.zip 2024-01-21 09:31 - 2024-01-21 09:31 - 000071124 _____ C:\Users\cauli\Documents\Dept72.xlsm 2024-01-21 09:28 - 2024-01-21 09:28 - 000071120 _____ C:\Users\cauli\Documents\LE_MANS.xlsm 2024-01-21 09:17 - 2024-01-21 09:17 - 000069123 _____ C:\Users\cauli\Documents\monfichier3.xlsm 2024-01-20 15:56 - 2024-01-20 16:04 - 044934433 _____ C:\Users\cauli\Downloads\Mickey3735.pdf 2024-01-20 09:38 - 2024-01-20 09:38 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2024-01-20 09:37 - 2024-01-20 09:37 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2024-01-20 09:37 - 2024-01-20 09:37 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2024-01-20 09:37 - 2024-01-20 09:37 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2024-01-17 19:55 - 2024-01-17 19:55 - 000027145 _____ C:\Users\cauli\Downloads\USFDrag-N-Drop2.zip 2024-01-17 12:59 - 2024-01-17 13:07 - 044191068 _____ C:\Users\cauli\Downloads\Delices.Femmes.1.pdf 2024-01-16 18:29 - 2013-01-13 00:22 - 000049223 _____ (Kevin Subileau) C:\Users\cauli\Downloads\VBAPwdRemover.exe 2024-01-16 18:29 - 2013-01-13 00:18 - 001024014 _____ C:\Users\cauli\Downloads\libstdc++-6.dll 2024-01-16 18:29 - 2013-01-13 00:18 - 000119296 _____ C:\Users\cauli\Downloads\libgcc_s_dw2-1.dll 2024-01-16 18:29 - 2013-01-12 23:50 - 000101390 _____ C:\Users\cauli\Downloads\libz-1.dll 2024-01-16 18:29 - 2013-01-12 11:35 - 000426828 _____ C:\Users\cauli\Downloads\libzip-2.dll 2024-01-16 18:23 - 2024-01-16 18:26 - 000000000 ____D C:\Users\cauli\AppData\Roaming\Notepad++ 2024-01-16 18:23 - 2024-01-16 18:23 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2024-01-16 18:23 - 2024-01-16 18:23 - 000000000 ____D C:\Program Files\Notepad++ 2024-01-16 10:40 - 2024-01-16 10:40 - 000000000 ____D C:\Users\cauli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VBA Password Bypasser 2024-01-16 10:40 - 2024-01-16 10:40 - 000000000 ____D C:\Program Files (x86)\Thegrideon Software 2024-01-16 10:35 - 2015-11-02 23:56 - 002225216 _____ (Thegrideon Software) C:\Users\cauli\Downloads\VBA Password Bypasser setup.exe 2024-01-14 10:24 - 2024-01-14 10:39 - 092864773 _____ C:\Users\cauli\Downloads\Cuisine_Actuelle_Hors-S_rie_-_Janvier-F_vrier_2024.pdf 2024-01-14 09:44 - 2024-01-14 10:05 - 076090822 _____ C:\Users\cauli\Downloads\Le_Chasseur_Fran_ais_Hors-S_rie_-_D_cembre_2023.pdf 2024-01-13 08:58 - 2024-01-13 09:39 - 151138943 _____ C:\Users\cauli\Downloads\Tresors.Picsou.65.pdf 2024-01-13 08:55 - 2024-01-13 09:03 - 047533441 _____ C:\Users\cauli\Downloads\Mickey3734.pdf 2024-01-12 19:09 - 2024-01-12 19:09 - 000000000 ____D C:\$OEM$ 2024-01-10 10:59 - 2024-01-10 10:59 - 000000000 ____D C:\Users\cauli\Downloads\FR401525 2024-01-07 13:33 - 2024-01-07 13:33 - 000051994 _____ C:\Users\cauli\Downloads\Ma Fiche technique.zip 2024-01-06 12:57 - 2024-01-06 12:57 - 000798938 _____ C:\Users\cauli\Downloads\Q-Dir_Portable.zip 2024-01-06 12:57 - 2024-01-06 12:57 - 000798363 _____ C:\Users\cauli\Downloads\Q-Dir_Installer.zip 2024-01-06 09:16 - 2024-01-06 09:16 - 000000000 ____D C:\Users\cauli\AppData\Roaming\HiBit StartUp Manager 2024-01-05 19:32 - 2023-09-26 23:25 - 001487488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2024-01-05 19:32 - 2023-09-26 23:25 - 001226880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2024-01-05 19:32 - 2023-09-26 23:25 - 000849096 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-01-05 19:32 - 2023-09-26 23:25 - 000849096 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-01-05 19:32 - 2023-09-26 23:25 - 000713928 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-01-05 19:32 - 2023-09-26 23:25 - 000713928 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-01-05 19:32 - 2023-09-26 23:25 - 000653512 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-01-05 19:32 - 2023-09-26 23:25 - 000653512 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-01-05 19:32 - 2023-09-26 23:25 - 000637128 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-01-05 19:32 - 2023-09-26 23:25 - 000637128 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-01-05 19:32 - 2023-09-26 23:21 - 000920728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2024-01-05 19:32 - 2023-09-26 23:21 - 000668800 _____ C:\WINDOWS\system32\nvofapi64.dll 2024-01-05 19:32 - 2023-09-26 23:21 - 000503936 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2024-01-05 19:32 - 2023-09-26 23:20 - 002167936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2024-01-05 19:32 - 2023-09-26 23:20 - 001621632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2024-01-05 19:32 - 2023-09-26 23:20 - 001538192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2024-01-05 19:32 - 2023-09-26 23:20 - 001195136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2024-01-05 19:32 - 2023-09-26 23:20 - 000992384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2024-01-05 19:32 - 2023-09-26 23:20 - 000776240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2024-01-05 19:32 - 2023-09-26 23:20 - 000131576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2024-01-05 19:32 - 2023-09-26 23:19 - 000769176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2024-01-05 19:32 - 2023-09-26 23:19 - 000459392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2024-01-05 19:32 - 2023-09-26 23:18 - 014520984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2024-01-05 19:32 - 2023-09-26 23:18 - 012066968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2024-01-05 19:32 - 2023-09-26 23:18 - 006190744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2024-01-05 19:32 - 2023-09-26 23:18 - 005845016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2024-01-05 19:32 - 2023-09-26 23:18 - 005550640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2024-01-05 19:32 - 2023-09-26 23:18 - 003483288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2024-01-05 19:32 - 2023-09-26 23:18 - 000853120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2024-01-05 19:32 - 2023-09-26 23:16 - 007858128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2024-01-05 19:32 - 2023-09-26 23:16 - 006738152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2024-01-05 19:32 - 2023-09-26 22:31 - 000108142 _____ C:\WINDOWS\system32\nvinfo.pb 2024-01-04 12:44 - 2024-01-04 12:44 - 000018571 _____ C:\Users\cauli\Downloads\sab49.xlsm 2024-01-04 12:06 - 2024-01-04 12:06 - 000016915 _____ C:\Users\cauli\Downloads\BeforeUpdate (1).xlsm 2024-01-04 11:34 - 2024-01-04 11:34 - 000118223 _____ C:\Users\cauli\Downloads\suivi-factures-fournisseurs-base.zip 2024-01-04 09:07 - 2024-01-04 09:07 - 000016915 _____ C:\Users\cauli\Downloads\BeforeUpdate.xlsm 2024-01-03 16:22 - 1985-01-01 00:57 - 000079872 _____ C:\Users\cauli\Downloads\Demo.XLD002.xls 2024-01-01 20:51 - 2024-01-01 20:51 - 000033401 ____H C:\Users\cauli\Downloads\~WRL3950.tmp 2023-12-31 14:13 - 2023-12-31 14:13 - 001009202 _____ C:\Users\cauli\Downloads\Package Mapping Onglet.zip 2023-12-30 18:17 - 2023-12-30 19:45 - 000021780 _____ C:\Users\cauli\Downloads\limiter-valeur-textbox pour Patrick .xlsm 2023-12-29 12:56 - 2024-01-01 11:57 - 000033536 _____ C:\Users\cauli\Downloads\Classeur111111111111111.xlsm 2023-12-24 10:18 - 2023-12-24 10:18 - 001682625 _____ C:\Users\cauli\Downloads\reponse-pere-noel-standard.pdf ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-01-22 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-01-22 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-01-22 17:52 - 2020-10-09 17:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-01-22 17:12 - 2019-07-11 07:09 - 000000000 ____D C:\Users\cauli\AppData\Roaming\Microsoft\Word 2024-01-22 15:29 - 2019-06-25 23:21 - 000000000 ____D C:\Users\cauli\AppData\Local\CrashDumps 2024-01-22 14:57 - 2019-06-12 18:56 - 000000000 ___RD C:\Users\cauli\OneDrive 2024-01-22 14:56 - 2020-02-03 18:18 - 000000000 ____D C:\Users\cauli\AppData\Roaming\ZHP 2024-01-22 14:17 - 2022-10-19 09:28 - 000000000 ____D C:\Users\cauli\AppData\Local\ZHP 2024-01-22 09:27 - 2019-06-29 06:37 - 000000000 ____D C:\Users\cauli\AppData\Roaming\Microsoft\Forms 2024-01-21 20:20 - 2019-06-29 06:35 - 000000000 ____D C:\Users\cauli\AppData\Roaming\Microsoft\Excel 2024-01-21 18:57 - 2019-09-12 08:41 - 000000000 ____D C:\Program Files (x86)\Everything 2024-01-20 19:04 - 2019-09-12 19:01 - 000000000 ____D C:\ZZ - Sommaire Vba pour EXCEL - Copie 13 nov 2022 2024-01-20 10:01 - 2020-06-25 00:02 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-20 10:01 - 2020-06-25 00:02 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-01-20 10:01 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-01-20 09:44 - 2020-10-09 17:55 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-01-20 09:44 - 2019-12-07 15:50 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat 2024-01-20 09:44 - 2019-12-07 15:50 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat 2024-01-20 09:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-01-20 09:37 - 2023-10-20 10:36 - 000008192 ___SH C:\DumpStack.log.tmp 2024-01-20 09:37 - 2020-10-09 18:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-01-20 09:37 - 2020-10-09 17:45 - 000000000 ____D C:\Users\cauli 2024-01-20 09:37 - 2019-06-24 17:38 - 000000000 ____D C:\ProgramData\NVIDIA 2024-01-12 19:13 - 2019-07-21 09:03 - 000000000 ____D C:\Users\cauli\AppData\Roaming\Microsoft\HTML Help 2024-01-12 15:43 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-01-12 15:40 - 2023-08-09 22:55 - 000665808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-01-12 15:40 - 2021-08-19 07:44 - 000000000 ____D C:\ProgramData\AVG 2024-01-12 15:37 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-01-12 15:36 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-01-12 15:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-01-12 15:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-01-12 15:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2024-01-12 15:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-01-12 15:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-01-12 07:22 - 2020-05-28 22:45 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-01-10 11:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-01-10 11:17 - 2019-06-26 07:52 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-10 11:09 - 2019-06-26 07:52 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-01-08 19:52 - 2019-06-28 18:24 - 000000000 ____D C:\Users\cauli\AppData\Roaming\Microsoft\Office 2024-01-08 09:01 - 2019-06-13 06:33 - 000000000 ____D C:\Users\cauli\AppData\LocalLow\Mozilla 2024-01-07 20:59 - 2022-02-09 13:46 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-01-07 20:58 - 2022-01-18 09:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2024-01-05 19:33 - 2019-06-24 17:38 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2024-01-05 19:33 - 2019-06-24 17:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2024-01-03 20:58 - 2019-06-24 17:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-12-31 07:31 - 2019-11-01 10:15 - 000000000 ____D C:\Users\cauli\AppData\Roaming\uTorrent 2023-12-26 12:16 - 2021-03-02 21:30 - 000036455 _____ C:\Users\cauli\Desktop\Annonce caravane.odt 2023-12-24 19:41 - 2019-08-02 20:46 - 000000000 ____D C:\Users\cauli\AppData\Roaming\vlc 2023-12-23 14:21 - 2019-09-21 07:54 - 000000138 _____ C:\Users\cauli\AppData\Roaming\licecap.ini 2023-12-23 14:20 - 2019-09-21 09:12 - 000000000 ____D C:\aaa ==================== Fichiers à la racine de certains dossiers ======== 2019-09-21 07:54 - 2023-12-23 14:21 - 000000138 _____ () C:\Users\cauli\AppData\Roaming\licecap.ini 2022-03-31 09:21 - 2022-03-31 09:21 - 000000020 ___SH () C:\Users\cauli\AppData\Roaming\Sys11965 DataCollection.dat 2022-03-31 09:21 - 2022-03-31 09:21 - 000000020 ___SH () C:\Users\cauli\AppData\Roaming\System413_DataDB.ind 2020-01-26 11:19 - 2019-10-25 09:52 - 000000701 _____ () C:\Users\cauli\AppData\Roaming\vsound.dll 2021-04-01 20:19 - 2022-09-25 14:36 - 000516582 _____ () C:\Users\cauli\AppData\Local\ars.cache 2021-04-01 20:20 - 2022-09-25 14:37 - 002712865 _____ () C:\Users\cauli\AppData\Local\census.cache 2021-03-31 18:03 - 2021-03-31 18:03 - 000000036 _____ () C:\Users\cauli\AppData\Local\housecall.guid.cache 2019-06-24 23:31 - 2021-04-03 09:30 - 000000615 _____ () C:\Users\cauli\AppData\Local\oobelibMkey.log 2020-01-21 11:20 - 2020-01-21 11:20 - 000006697 _____ () C:\Users\cauli\AppData\Local\recently-used.xbel 2021-08-18 18:28 - 2021-08-18 18:28 - 000007620 _____ () C:\Users\cauli\AppData\Local\Resmon.ResmonCfg 2021-03-31 18:20 - 2022-02-04 15:38 - 000000010 _____ () C:\Users\cauli\AppData\Local\sponge.last.runtime.cache ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================