Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Exécuté par balou (administrateur) sur DESKTOP-CPT119A (MEDION H77H2-EM) (14-08-2021 17:07:53)
Exécuté depuis C:\Users\balou\Desktop
Profils chargés: balou
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\Objectif Tarot\Objectif Tarot.exe
() [Fichier non signé] C:\Program Files\Serviio\bin\ServiioService.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Chris Andriessen) [Fichier non signé] C:\Users\balou\Desktop\Autres raccourcis\FalconX.exe
(CyberLink -> ) C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.73\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [VX1000] => C:\WINDOWS\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2019-09-26] (Acronis International GmbH -> )
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-08-04] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2019-09-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-07-26] (Intel Corporation -> Intel)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [LegalNoticeCaption] pour mémoire
HKLM\...\Winlogon: [LegalNoticeText] dernière sauvegarde effectuée le 20022021 sous D:
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [MicrosoftEdgeAutoLaunch_8749423E1A656369799CDA13EC037503] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {1b37827e-0b80-11eb-8294-503eaa099658} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {46758dd9-8bc1-11ea-8177-503eaa099658} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {4ef21b3f-fcb5-11e9-805a-806e6f6e6963} - "E:\Autorun.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {b5f6af41-4033-11eb-8308-13fa5dc91035} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {bfa41401-2567-11ea-80b6-503eaa099658} - "I:\LaunchU3.exe" -a
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b5021-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b503c-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b50e0-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {de723dc7-691b-11ea-8124-503eaa099658} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: CNMLM9W.DLL
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\Windows\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\Windows\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5520 series): C:\Windows\system32\HPDiscoPMB111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
Startup: C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BingSnap.lnk [2021-06-03]
ShortcutTarget: BingSnap.lnk -> C:\Program Files\BingSnap\BingSnap.exe () [Fichier non signé]
Startup: C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FalconX.lnk [2021-06-12]
ShortcutTarget: FalconX.lnk -> C:\Users\balou\Desktop\Autres raccourcis\FalconX.exe (Chris Andriessen) [Fichier non signé]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02482ED0-85EC-48B9-A813-FC986820AEB2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {030DE863-D27D-4928-9FFD-56B29B185BC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0791D2E4-F8E5-4635-9FBF-AD3A2A704883} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {34F5F2F1-DC7B-4A4A-B4C9-E13C3A4945C7} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3565519794-2566505848-2842821374-500 => C:\Users\balou\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {394E2969-8D40-4622-BDEE-60ED93C1F316} - System32\Tasks\PowerDirectorStyleAgent => C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [100536 2019-09-06] (CyberLink Corp. -> CyberLink Corp.)
Task: {43FFF390-1390-46C6-862C-CCCB9FC326BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-02] (Google Inc -> Google LLC)
Task: {4DC0D301-A040-484E-A6A7-60CBE26B8540} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {80FC9301-24F2-44B1-B81B-8A6300DA3C0D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81296429-9CDB-4982-9D1E-6B23045F955C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {91B567C8-0584-4A87-A9F9-74F01D9E882F} - System32\Tasks\HPPSDrTelemetryWatch => C:\Program Files (x86)\HP\Diagnostics\TelemetryWatch\PSDrTelemetryWatch.exe [32392 2021-03-29] (HP Inc. -> )
Task: {9485B5B5-A64E-4025-B843-34B082454AF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-08-11] (HP Inc. -> HP Inc.)
Task: {B1D0E68A-2826-49FC-8030-D6E270BEE71A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {B5B9FA79-DD25-4B52-8E9E-337349A3C84B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B7933A23-6867-4515-B510-2FE716D4CA0F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C304869A-41DE-4470-8E90-1FF483F08518} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C45D3CF6-74F6-4050-B8E6-05C71215F476} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C76217D0-6E9E-4A5C-B12C-183897E923BA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {C875DBA0-87A3-4EE1-BA93-0C43E19B0127} - System32\Tasks\PrivaZer_SkipUAC => F:\PrivaZer\PrivaZer.exe
Task: {C93F9F08-D942-4AAE-B3B7-37A69CC0EE92} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CAD18DBE-FBC0-4DDF-8036-4768E2839B92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {D75B2505-5A43-4A11-8C31-7D98A928FEF4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D89E46AC-8906-4FB7-B972-D1FDE81307F4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {EF99CC22-F3F1-4A97-9D01-30100EF2C898} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F618FFE1-9F9C-47D9-B723-0A4766287CA8} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe
Task: {FA6C70FC-3002-4467-BC7E-91C4D0735579} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-02] (Google Inc -> Google LLC)
Task: {FFAF25AA-942C-472A-95A4-4BD4B6AD0A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{37d369c3-222c-499c-9a4c-bd603964f37b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3c4c96f0-39e8-4ecd-91ef-95f4831807f8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a3bdf0ac-7aba-4cf3-ac96-b39696ee8c2e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ef0c8e75-ec85-4ca5-bdee-528308e9b757}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fe55a651-2e5e-40f5-ae6e-1434d641e877}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
DownloadDir: C:\Users\balou\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3565519794-2566505848-2842821374-1001 -> hxxps://www.google.fr/
Edge Notifications: HKU\S-1-5-21-3565519794-2566505848-2842821374-1001 -> hxxps://www.facebook.com; hxxps://notification-list.com; hxxps://notification-centar.com; hxxps://www.wish.com; hxxps://geek.wish.com; hxxps://www.1formatik.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Translator pour Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-11-02]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\balou\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-14]
Edge Notifications: Default -> hxxps://www.capital.fr; hxxps://www.facebook.com
Edge StartupUrls: Default -> "hxxp://www.google.fr/"
Edge DefaultSearchURL: Default -> hxxps://www.ventusky.com/images/favicon.ico
Edge Extension: (Ventusky) - C:\Users\balou\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akeljcfnkeccidbecaggemfjmbjhpgmh [2021-03-05]
FireFox:
========
FF DefaultProfile: vfblv3j2.default
FF ProfilePath: C:\Users\balou\AppData\Roaming\TomTom\HOME\Profiles\3lrpc2wb.default [2020-01-23]
FF Extension: (Pas de nom) - F:\tom\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\vfblv3j2.default [2019-11-01]
FF ProfilePath: C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\mwpu0cez.default-release [2021-08-13]
FF Notifications: Mozilla\Firefox\Profiles\mwpu0cez.default-release -> hxxps://www.footballdatabase.eu
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\mwpu0cez.default-release\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2020-06-03]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> F:\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé]
FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> F:\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.9.2 -> F:\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1157592 2019-09-26] (Acronis International GmbH -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S4 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\ABService.exe [898216 2020-10-12] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-07-26] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-07-26] (Intel Corporation -> Intel)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2356800 2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [734760 2021-05-12] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [733224 2021-05-12] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [733216 2021-05-12] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [733760 2021-05-12] (HP Inc. -> HP Inc.)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-09-26] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1753704 2019-09-26] (Acronis International GmbH -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-01-22] (Even Balance, Inc. -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] (CyberLink -> )
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2020-05-03] () [Fichier non signé]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746944 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262312 2021-01-27] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Fichier non signé]
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\WINDOWS\System32\drivers\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrhidmini; C:\WINDOWS\System32\drivers\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 ddmdrv; C:\WINDOWS\SysWOW64\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-05-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-05-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 DxVGrb; C:\WINDOWS\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Dexetek)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 fiddrv64; pas de ImagePath
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 GENERICDRV; C:\Medion\amifldrv64.sys [15640 2013-02-12] (American Megatrends, Inc. -> )
R3 HKKbdFltr; C:\WINDOWS\system32\DRIVERS\HKKbdFltr.sys [51400 2015-11-26] (Insyde Software Corp. -> Insyde Software Corp.)
R3 HKMouFltr; C:\WINDOWS\system32\DRIVERS\HKMouFltr.sys [48344 2015-11-26] (Insyde Software Corp. -> Insyde Software Corp.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [Fichier non signé]
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2020-08-14] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 PinnacleMarvinAVS; C:\WINDOWS\system32\DRIVERS\MarvinAVS64.sys [484736 2007-05-09] (Pinnacle a division of Avid Technology, Inc.) [Fichier non signé]
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S4 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12528 2021-02-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Fichier non signé]
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Savitech Corp. -> Windows (R) Win 7 DDK provider)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S1 SASDIFSV; \??\F:\\SASDIFSV64.SYS [X]
S1 SASKUTIL; \??\F:\\SASKUTIL64.SYS [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-14 17:07 - 2021-08-14 17:08 - 000033401 _____ C:\Users\balou\Desktop\FRST.txt
2021-08-14 17:07 - 2021-08-14 17:07 - 000526505 _____ C:\Users\balou\Desktop\ZHPDiag.html
2021-08-14 17:07 - 2021-08-14 17:07 - 000433662 _____ C:\Users\balou\Desktop\ZHPDiag.txt
2021-08-14 17:07 - 2021-08-14 17:07 - 000000000 ____D C:\Users\balou\Desktop\FRST-OlderVersion
2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe
2021-08-14 16:59 - 2021-08-14 16:59 - 000000000 ____D C:\Users\balou\Desktop\archives
2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe
2021-08-14 08:07 - 2021-08-14 08:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-08-14 08:02 - 2021-08-14 08:02 - 011102896 _____ (McAfee, LLC) C:\Users\balou\Downloads\MCPR.exe
2021-08-13 21:08 - 2021-08-13 21:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-13 21:03 - 2021-08-13 21:03 - 000000000 ____D C:\Users\balou\AppData\Local\mbam
2021-08-13 21:02 - 2021-08-13 21:02 - 002120496 _____ (Malwarebytes) C:\Users\balou\Downloads\MBSetup.exe
2021-08-13 21:02 - 2021-08-13 21:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-13 20:59 - 2021-08-13 20:59 - 002822966 _____ C:\Users\balou\Downloads\ZHPCleaner.zip
2021-08-13 16:45 - 2021-08-13 16:45 - 000000000 ____D C:\Users\balou\Desktop\Wub
2021-08-13 16:04 - 2021-08-13 16:04 - 000002331 _____ C:\Users\Public\Desktop\HP Photosmart 5520 series.lnk
2021-08-13 16:04 - 2021-08-13 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-08-13 16:04 - 2012-10-17 04:31 - 000741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMB111.dll
2021-08-13 15:18 - 2021-08-14 17:08 - 000000000 ____D C:\FRST
2021-08-13 15:11 - 2021-08-14 17:07 - 002300416 _____ (Farbar) C:\Users\balou\Desktop\FRST64.exe
2021-08-13 14:57 - 2021-08-14 17:00 - 000000734 _____ C:\Users\balou\Desktop\ZHPSuite.lnk
2021-08-13 14:44 - 2021-08-13 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-08-13 14:44 - 2021-08-13 14:44 - 000000000 ____D C:\Program Files\iTunes
2021-08-13 11:57 - 2021-08-13 11:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 11:57 - 2021-08-13 11:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 11:57 - 2021-08-13 11:57 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-13 11:57 - 2021-08-13 11:57 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-13 11:57 - 2021-08-13 11:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-13 11:57 - 2021-08-13 11:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-13 11:57 - 2021-08-13 11:57 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-13 11:49 - 2021-08-13 11:49 - 000000000 ___HD C:\$WinREAgent
2021-08-12 15:31 - 2021-08-12 15:31 - 000000000 ____D C:\WINDOWS\Panther
2021-08-12 07:32 - 2021-08-12 07:32 - 002504122 _____ C:\Users\balou\Desktop\article Paris Normandie Régis.pdf
2021-08-12 07:30 - 2021-08-12 07:30 - 000000000 ____D C:\Users\balou\AppData\Local\HP_Inc
2021-08-11 23:05 - 2021-08-11 23:05 - 000000000 ____D C:\Users\balou\AppData\Roaming\HP
2021-08-11 21:06 - 2021-08-13 21:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Hewlett-Packard
2021-08-11 21:06 - 2021-08-13 21:07 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-08-11 21:06 - 2021-08-13 16:04 - 000000000 ____D C:\Program Files\HP
2021-08-11 21:06 - 2021-08-13 14:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-08-11 20:56 - 2021-08-11 20:56 - 000003892 _____ C:\WINDOWS\system32\Tasks\HPPSDrTelemetryWatch
2021-08-11 20:20 - 2021-08-11 20:20 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\HPPSDr
2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\Users\balou\AppData\Roaming\FastStone
2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\Users\balou\AppData\Local\FastStone
2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer
2021-08-09 20:08 - 2021-08-09 20:08 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2021-08-09 20:08 - 2021-08-09 20:08 - 000002247 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2021-08-09 20:08 - 2021-08-09 20:08 - 000000000 ____D C:\Program Files\Google
2021-08-05 09:19 - 2021-08-05 09:19 - 000000522 _____ C:\Users\balou\Desktop\Données.lnk
2021-08-04 17:16 - 2021-08-04 17:16 - 000000000 ____D C:\Program Files\Conexant
2021-08-04 17:15 - 2012-01-10 12:12 - 000222464 _____ (Dexetek ) C:\WINDOWS\system32\Drivers\DxVGrb.sys
2021-08-04 17:15 - 2012-01-10 12:11 - 000055808 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\cxtvrate.dll
2021-08-04 17:15 - 2012-01-10 12:11 - 000040960 _____ (Conexant) C:\WINDOWS\system32\y8cnvt.ax
2021-08-04 17:15 - 2012-01-10 12:11 - 000032256 _____ (Conexant Systems, Inc) C:\WINDOWS\system32\CxPolaris.ax
2021-08-04 17:15 - 2012-01-10 12:10 - 000019456 _____ (Conexant Systems, Inc) C:\WINDOWS\system32\cpnotify.ax
2021-08-04 17:15 - 2012-01-10 12:10 - 000016384 _____ C:\WINDOWS\system32\cxEZCAP.ax
2021-08-03 18:34 - 2021-08-03 18:34 - 000000000 ____D C:\Program Files (x86)\Terratec
2021-08-03 15:59 - 2021-08-03 15:59 - 000003288 _____ C:\WINDOWS\system32\Tasks\PowerDirectorStyleAgent
2021-08-03 15:58 - 2021-08-03 15:58 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 18.lnk
2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\ProgramData\install_backup
2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\Program Files (x86)\CyberLink
2021-08-03 15:19 - 2021-08-03 15:19 - 000000000 ____D C:\Users\balou\AppData\Roaming\Bandicam Company
2021-08-02 10:09 - 2021-06-29 05:43 - 000159864 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-07-31 19:17 - 2021-07-31 19:17 - 001677450 _____ C:\Users\balou\Downloads\pétition001.pdf
2021-07-30 21:10 - 2021-07-30 21:10 - 000000000 ____D C:\Users\balou\Documents\Samsung
2021-07-30 21:09 - 2021-07-30 21:09 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2021-07-28 22:24 - 2021-08-13 21:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Samsung
2021-07-28 22:24 - 2021-08-13 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-07-28 22:24 - 2019-12-14 07:08 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2021-07-28 22:02 - 2021-07-28 22:02 - 000325214 _____ C:\Users\balou\Downloads\Infos Residence Medailles Militaires1.pdf
2021-07-28 20:19 - 2021-07-28 20:19 - 000001516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-07-23 20:49 - 2021-08-14 07:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-19 21:35 - 2021-07-19 21:36 - 000000000 ___RD C:\Users\balou\AppData\Local\PCHealthCheck
2021-07-19 21:35 - 2021-07-19 21:35 - 000001355 _____ C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-07-18 15:07 - 2021-07-18 15:07 - 000000000 ____D C:\Users\balou\AppData\Local\
2021-07-17 09:07 - 2021-07-17 09:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-17 09:07 - 2021-07-17 09:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-17 09:07 - 2021-07-17 09:07 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-17 09:07 - 2021-07-17 09:07 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-08 17:23 - 2021-07-08 17:23 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-08 17:23 - 2021-07-08 17:23 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-08 17:23 - 2021-07-08 17:23 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-08 17:23 - 2021-07-08 17:23 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-08 17:23 - 2021-07-08 17:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-08 17:23 - 2021-07-08 17:23 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-08 17:23 - 2021-07-08 17:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-08 17:22 - 2021-07-08 17:22 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-08 17:22 - 2021-07-08 17:22 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 08:14 - 2021-07-07 08:14 - 000003276 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
2021-07-07 08:14 - 2021-07-07 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
2021-06-26 17:56 - 2021-06-26 17:56 - 000000000 ____D C:\Users\balou\AppData\Roaming\Cybelsoft
2021-06-26 09:07 - 2006-05-03 19:13 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.DLL
2021-06-26 09:07 - 2005-09-12 13:58 - 000198640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCI32.OCX
2021-06-25 15:08 - 2021-08-11 07:45 - 000000000 ____D C:\BluetoothExchangeFolder
2021-06-25 15:08 - 2021-06-25 15:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\es-cl
2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-06-25 15:06 - 2021-06-25 15:06 - 000000000 ____D C:\Program Files\CSR
2021-06-25 15:06 - 2021-06-25 15:06 - 000000000 ____D C:\Program Files (x86)\CSR
2021-06-22 08:31 - 2021-06-22 08:31 - 000001160 _____ C:\Users\balou\Desktop\Goeffroy st hilaire - Raccourci.lnk
2021-06-19 17:22 - 2021-05-19 20:35 - 001151992 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-06-12 19:23 - 2021-06-12 19:23 - 002666856 _____ C:\Users\balou\Desktop\Transformer une alimentation de PC en alimentation d’atelier – L'Atelier du Geek.pdf
2021-06-06 15:53 - 2021-08-13 18:10 - 000000000 ____D C:\Program Files (x86)\Wondershare
2021-06-03 19:30 - 2021-07-28 21:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-06-03 16:07 - 2021-06-03 16:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Carthago
2021-06-03 16:07 - 2021-06-03 16:07 - 000000000 ____D C:\Program Files\BingSnap
2021-06-02 16:56 - 2021-06-02 16:56 - 003063109 _____ C:\Users\balou\Desktop\pcastuces.pdf
2021-05-29 14:51 - 2021-05-29 14:51 - 005259776 _____ C:\Users\balou\Downloads\J'ai retrouve ton cartable1.pps
2021-05-28 20:32 - 2021-05-28 20:32 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-05-28 20:32 - 2021-05-28 20:32 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-05-28 20:32 - 2021-05-28 20:32 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-05-28 20:32 - 2021-05-28 20:32 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-05-28 20:31 - 2021-05-28 20:31 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-05-28 20:31 - 2021-05-28 20:31 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-05-28 20:31 - 2021-05-28 20:31 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-05-28 20:31 - 2021-05-28 20:31 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-05-28 20:31 - 2021-05-28 20:31 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-05-28 18:36 - 2021-05-28 18:39 - 000000145 _____ C:\Users\balou\AppData\Roaming\licecap.ini
2021-05-28 18:35 - 2021-05-28 18:35 - 000000000 ____D C:\Program Files (x86)\LICEcap
2021-05-24 22:55 - 2021-05-24 22:55 - 008228562 _____ C:\Users\balou\Downloads\blague.mp4
2021-05-24 22:53 - 2021-05-24 22:53 - 008390359 _____ C:\Users\balou\Downloads\F-A-18 Carrier break and landing1.mp4
2021-05-23 19:55 - 2021-05-23 19:55 - 000000000 ____D C:\Users\balou\AppData\Local\Smart_Disk_Checker
2021-05-23 19:55 - 2021-05-23 19:55 - 000000000 ____D C:\Users\balou\AppData\Local\IsolatedStorage
2021-05-22 18:40 - 2021-05-22 18:40 - 000515584 _____ C:\Users\balou\Downloads\Probleme_chez_BMW1-111111.pps
2021-05-19 18:58 - 2021-05-19 18:58 - 002118130 _____ C:\Users\balou\Downloads\histoire IFF.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-14 17:07 - 2019-11-22 16:25 - 000000000 ____D C:\Users\balou\AppData\Roaming\ZHP
2021-08-14 17:07 - 2019-11-02 09:34 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-14 17:00 - 2020-05-31 11:07 - 000000000 ____D C:\Users\balou
2021-08-14 17:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-14 16:17 - 2019-11-01 18:18 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-14 16:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-14 16:15 - 2019-11-01 21:10 - 000000000 ____D C:\Program Files\CCleaner
2021-08-14 16:12 - 2020-05-31 12:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-14 11:49 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-14 11:41 - 2019-11-01 16:24 - 000000000 ___RD C:\Users\balou\Desktop\Maintenance
2021-08-14 11:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-14 11:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-14 11:22 - 2020-03-22 09:06 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-14 09:16 - 2020-05-31 11:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-14 07:59 - 2020-05-31 11:59 - 001776794 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-14 07:59 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2021-08-14 07:59 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2021-08-14 07:59 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-14 07:58 - 2019-11-01 18:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-08-13 21:09 - 2021-01-30 17:34 - 000000000 ____D C:\Users\balou\AppData\LocalLow\Mozilla
2021-08-13 21:08 - 2019-11-01 17:38 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-13 18:10 - 2020-07-26 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-08-13 18:09 - 2019-11-01 17:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-13 18:08 - 2019-11-03 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-08-13 18:04 - 2019-11-02 09:16 - 000000000 ____D C:\Users\balou\AppData\Roaming\vlc
2021-08-13 17:12 - 2019-11-01 16:24 - 000000000 ___RD C:\Users\balou\Desktop\Autres raccourcis
2021-08-13 16:10 - 2020-11-03 11:24 - 000000000 ____D C:\Users\balou\AppData\Roaming\HpUpdate
2021-08-13 16:04 - 2020-11-03 11:24 - 000000000 ____D C:\ProgramData\HP
2021-08-13 16:04 - 2020-11-03 11:24 - 000000000 ____D C:\Program Files (x86)\HP
2021-08-13 14:57 - 2019-11-22 16:25 - 000000000 ____D C:\Users\balou\AppData\Local\ZHP
2021-08-13 14:42 - 2021-02-20 16:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 14:40 - 2020-08-02 08:06 - 000591472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 12:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-13 12:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-13 11:57 - 2018-09-22 18:03 - 000414056 __RSH C:\bootmgr
2021-08-13 11:48 - 2019-11-01 19:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 11:46 - 2019-11-01 19:01 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 15:10 - 2019-11-01 16:51 - 000000000 ____D C:\Users\balou\AppData\Local\PlaceholderTileLogoFolder
2021-08-12 14:46 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-08-12 14:46 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-08-12 07:31 - 2019-11-15 23:54 - 000049218 _____ C:\Users\balou\.sambox.cache
2021-08-11 21:06 - 2020-11-03 11:23 - 000000000 ____D C:\Users\balou\AppData\Local\HP
2021-08-11 21:06 - 2019-11-01 16:49 - 000000000 ____D C:\Users\balou\AppData\Local\Packages
2021-08-11 20:28 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2021-08-11 20:27 - 2019-11-10 18:31 - 000000000 ___HD C:\ProgramData\CanonIJScan
2021-08-11 20:27 - 2019-11-10 18:31 - 000000000 ____D C:\Users\balou\AppData\Roaming\Canon
2021-08-11 20:27 - 2019-11-02 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2021-08-11 20:27 - 2019-11-02 08:56 - 000000000 ____D C:\Program Files (x86)\Canon
2021-08-11 20:20 - 2020-05-31 12:03 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3565519794-2566505848-2842821374-500
2021-08-11 20:20 - 2020-05-31 11:07 - 000002450 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-11 20:20 - 2019-11-11 16:59 - 000000000 ___RD C:\Users\Administrateur\OneDrive
2021-08-11 20:20 - 2019-11-11 16:57 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Packages
2021-08-11 17:07 - 2019-11-01 16:24 - 000000000 ____D C:\Users\balou\Desktop\dossiers en cours
2021-08-11 16:52 - 2021-05-09 22:46 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-08-07 20:18 - 2020-08-07 08:23 - 000000000 ____D C:\Program Files\NewBlue
2021-08-07 20:17 - 2020-08-07 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2021-08-07 20:17 - 2020-08-07 08:23 - 000000000 ____D C:\Program Files (x86)\NewBlue
2021-08-07 20:15 - 2020-07-25 14:53 - 000000000 ____D C:\ProgramData\Corel
2021-08-07 20:15 - 2020-07-25 14:21 - 000000000 ____D C:\ProgramData\Pinnacle
2021-08-07 18:25 - 2019-11-01 16:23 - 000000000 ____D C:\Users\balou\Desktop\Jeux
2021-08-05 14:02 - 2020-05-31 12:03 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 14:02 - 2020-05-31 12:03 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-05 09:14 - 2021-01-06 17:11 - 000000114 ___RH C:\Users\balou\Downloads\Stinger.opt
2021-08-05 09:14 - 2020-08-06 11:16 - 000000000 ____D C:\Program Files\stinger
2021-08-05 09:07 - 2021-01-06 17:09 - 000000000 ____D C:\Program Files (x86)\stinger
2021-08-04 11:32 - 2019-11-01 16:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-03 18:37 - 2020-07-25 19:19 - 000000000 ____D C:\Users\balou\temp
2021-08-03 18:37 - 2020-07-25 19:19 - 000000000 ____D C:\Users\balou\AppData\Local\Pinnacle
2021-08-03 18:37 - 2020-07-25 14:26 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2021-08-03 18:36 - 2020-07-25 14:27 - 000000000 ____D C:\Users\Public\Documents\Pinnacle
2021-08-03 18:30 - 2020-08-26 07:33 - 000006716 _____ C:\WINDOWS\system32\adorage-protocol.txt
2021-08-03 18:25 - 2020-07-25 19:19 - 000003458 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2021-08-03 18:25 - 2020-07-25 19:19 - 000000362 _____ C:\Users\balou\AppData\Roaming\DESKTOP-CPT119A.MTBF.txt
2021-08-03 18:25 - 2020-07-25 14:27 - 000000349 _____ C:\WINDOWS\PCLECHAL.INI
2021-08-03 15:59 - 2020-08-07 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris FX Continuum CYBERLINK
2021-08-03 15:59 - 2020-08-01 11:23 - 000000000 ____D C:\ProgramData\CLSK
2021-08-03 15:58 - 2020-08-01 11:29 - 000000000 ___HD C:\ProgramData\CyberLink
2021-08-03 15:57 - 2020-08-02 18:49 - 000000000 ____D C:\ProgramData\install_clap
2021-08-03 15:57 - 2020-08-01 11:28 - 000000000 ____D C:\Program Files\Cyberlink
2021-08-03 15:50 - 2019-11-01 21:00 - 000000000 ____D C:\Users\balou\AppData\Roaming\avidemux
2021-08-02 10:21 - 2020-05-31 12:03 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 10:21 - 2020-05-31 12:03 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-01 18:51 - 2021-02-11 23:59 - 000000000 ____D C:\Program Files (x86)\Call of Duty
2021-07-30 21:50 - 2021-01-10 10:39 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-28 22:24 - 2021-03-06 16:11 - 000000000 ____D C:\ProgramData\Samsung
2021-07-28 20:31 - 2021-01-14 23:11 - 000000000 ____D C:\Program Files (x86)\Origin
2021-07-28 20:19 - 2019-11-27 19:12 - 000000000 ____D C:\Program Files (x86)\Intel
2021-07-28 20:19 - 2019-11-01 18:16 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-27 18:51 - 2019-11-01 17:12 - 000000000 ____D C:\Users\balou\Documents\résultats analyse philou
2021-07-25 10:43 - 2019-11-01 17:12 - 000000000 ____D C:\Users\balou\Documents\Papiers papa
2021-07-20 20:18 - 2020-05-31 12:03 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-19 22:15 - 2020-07-28 17:51 - 000002358 _____ C:\Users\Administrateur\Desktop\Microsoft Edge.lnk
2021-07-17 13:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-17 13:05 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 09:45 - 2021-02-20 16:43 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-02-20 16:43 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
==================== Fichiers à la racine de certains dossiers ========
2021-04-22 22:55 - 2021-04-22 22:55 - 000000043 _____ () C:\Users\balou\IP_Log_Data.js
2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe
2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe
2020-03-13 19:33 - 2020-03-13 19:42 - 000000624 _____ () C:\Users\balou\AppData\Roaming\All CPU MeterV3_Settings.ini
2020-07-25 19:19 - 2021-08-03 18:25 - 000000362 _____ () C:\Users\balou\AppData\Roaming\DESKTOP-CPT119A.MTBF.txt
2020-11-23 16:16 - 2020-11-23 16:17 - 000000063 _____ () C:\Users\balou\AppData\Roaming\FalconX.cfg
2021-05-28 18:36 - 2021-05-28 18:39 - 000000145 _____ () C:\Users\balou\AppData\Roaming\licecap.ini
2021-04-22 22:55 - 2021-04-22 22:55 - 000000010 _____ () C:\Users\balou\AppData\Roaming\Network Meter_Usage.ini
2020-05-10 08:08 - 2021-06-11 17:59 - 000000114 _____ () C:\Users\balou\AppData\Roaming\Network Monitor II_#0_Traffic.ini
2021-04-22 23:00 - 2021-06-27 00:15 - 000000116 _____ () C:\Users\balou\AppData\Roaming\System Monitor II_UptimeRecord.ini
2019-11-22 16:51 - 2019-11-22 16:51 - 000122246 _____ () C:\Users\balou\AppData\Local\ars.cache
2019-11-22 16:51 - 2019-11-22 16:51 - 000384733 _____ () C:\Users\balou\AppData\Local\census.cache
2021-02-03 17:29 - 2021-02-03 17:29 - 000000038 _____ () C:\Users\balou\AppData\Local\cloudready_installer_uuid
2020-07-25 19:19 - 2020-07-25 19:19 - 000003584 _____ () C:\Users\balou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-22 16:35 - 2019-11-22 16:35 - 000000036 _____ () C:\Users\balou\AppData\Local\housecall.guid.cache
2021-02-20 21:37 - 2021-02-20 21:37 - 000007601 _____ () C:\Users\balou\AppData\Local\Resmon.ResmonCfg
2020-02-11 23:01 - 2020-03-03 19:56 - 000000071 _____ () C:\Users\balou\AppData\Local\uts.ini
==================== SigCheckExt =========================
2009-07-14 03:25 - 2009-07-14 03:25 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CardGames.dll
2009-07-14 03:40 - 2009-07-14 03:40 - 001208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmncliM.dll
2020-05-06 09:48 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2020-05-06 09:48 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BJCE.DLL
2020-05-06 09:48 - 2011-04-20 03:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMJCE.DLL
2020-07-25 20:51 - 2007-03-05 16:36 - 000070656 _____ (Pinnacle Systems) C:\WINDOWS\system32\PCLECoInst64.dll
2019-11-02 00:30 - 2019-11-08 10:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2009-07-14 03:41 - 2009-07-14 03:41 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\zgmprxy.dll
2021-01-04 17:46 - 2016-09-29 10:44 - 001298584 _____ C:\WINDOWS\ddmmain.exe
2021-06-26 09:07 - 2006-05-03 19:13 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.DLL
2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe
2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe
2021-08-13 15:11 - 2021-08-14 17:07 - 002300416 _____ (Farbar) C:\Users\balou\Desktop\FRST64.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {de30e2e3-a324-11ea-81b4-503eaa099658}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {197b98a1-be81-11e8-84fa-e0bcc9f07fd4}
device ramdisk=[C:]\Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a2-be81-11e8-84fa-e0bcc9f07fd4}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a2-be81-11e8-84fa-e0bcc9f07fd4}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {197b98a5-be81-11e8-84fa-e0bcc9f07fd4}
device ramdisk=[C:]\Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a6-be81-11e8-84fa-e0bcc9f07fd4}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a6-be81-11e8-84fa-e0bcc9f07fd4}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {dcff31b9-475f-11e9-b8e2-dac3d9dc6ec6}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {de30e2e6-a324-11ea-81b4-503eaa099658}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {de30e2e3-a324-11ea-81b4-503eaa099658}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {de30e2e6-a324-11ea-81b4-503eaa099658}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{de30e2e7-a324-11ea-81b4-503eaa099658}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{de30e2e7-a324-11ea-81b4-503eaa099658}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {de30e2e3-a324-11ea-81b4-503eaa099658}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {de30e2e6-a324-11ea-81b4-503eaa099658}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {197b98a2-be81-11e8-84fa-e0bcc9f07fd4}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {197b98a6-be81-11e8-84fa-e0bcc9f07fd4}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {de30e2e7-a324-11ea-81b4-503eaa099658}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par balou (administrateur) sur DESKTOP-CPT119A (MEDION H77H2-EM) (14-08-2021 17:07:53)
Exécuté depuis C:\Users\balou\Desktop
Profils chargés: balou
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\Objectif Tarot\Objectif Tarot.exe
() [Fichier non signé] C:\Program Files\Serviio\bin\ServiioService.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Chris Andriessen) [Fichier non signé] C:\Users\balou\Desktop\Autres raccourcis\FalconX.exe
(CyberLink -> ) C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.73\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [VX1000] => C:\WINDOWS\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2019-09-26] (Acronis International GmbH -> )
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-08-04] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2019-09-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-07-26] (Intel Corporation -> Intel)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [LegalNoticeCaption] pour mémoire
HKLM\...\Winlogon: [LegalNoticeText] dernière sauvegarde effectuée le 20022021 sous D:
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [MicrosoftEdgeAutoLaunch_8749423E1A656369799CDA13EC037503] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {1b37827e-0b80-11eb-8294-503eaa099658} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {46758dd9-8bc1-11ea-8177-503eaa099658} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {4ef21b3f-fcb5-11e9-805a-806e6f6e6963} - "E:\Autorun.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {b5f6af41-4033-11eb-8308-13fa5dc91035} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {bfa41401-2567-11ea-80b6-503eaa099658} - "I:\LaunchU3.exe" -a
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b5021-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b503c-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b50e0-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {de723dc7-691b-11ea-8124-503eaa099658} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3565519794-2566505848-2842821374-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: CNMLM9W.DLL
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\Windows\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\Windows\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5520 series): C:\Windows\system32\HPDiscoPMB111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
Startup: C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BingSnap.lnk [2021-06-03]
ShortcutTarget: BingSnap.lnk -> C:\Program Files\BingSnap\BingSnap.exe () [Fichier non signé]
Startup: C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FalconX.lnk [2021-06-12]
ShortcutTarget: FalconX.lnk -> C:\Users\balou\Desktop\Autres raccourcis\FalconX.exe (Chris Andriessen) [Fichier non signé]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02482ED0-85EC-48B9-A813-FC986820AEB2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {030DE863-D27D-4928-9FFD-56B29B185BC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0791D2E4-F8E5-4635-9FBF-AD3A2A704883} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {34F5F2F1-DC7B-4A4A-B4C9-E13C3A4945C7} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3565519794-2566505848-2842821374-500 => C:\Users\balou\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {394E2969-8D40-4622-BDEE-60ED93C1F316} - System32\Tasks\PowerDirectorStyleAgent => C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [100536 2019-09-06] (CyberLink Corp. -> CyberLink Corp.)
Task: {43FFF390-1390-46C6-862C-CCCB9FC326BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-02] (Google Inc -> Google LLC)
Task: {4DC0D301-A040-484E-A6A7-60CBE26B8540} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {80FC9301-24F2-44B1-B81B-8A6300DA3C0D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81296429-9CDB-4982-9D1E-6B23045F955C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {91B567C8-0584-4A87-A9F9-74F01D9E882F} - System32\Tasks\HPPSDrTelemetryWatch => C:\Program Files (x86)\HP\Diagnostics\TelemetryWatch\PSDrTelemetryWatch.exe [32392 2021-03-29] (HP Inc. -> )
Task: {9485B5B5-A64E-4025-B843-34B082454AF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-08-11] (HP Inc. -> HP Inc.)
Task: {B1D0E68A-2826-49FC-8030-D6E270BEE71A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {B5B9FA79-DD25-4B52-8E9E-337349A3C84B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B7933A23-6867-4515-B510-2FE716D4CA0F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C304869A-41DE-4470-8E90-1FF483F08518} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C45D3CF6-74F6-4050-B8E6-05C71215F476} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C76217D0-6E9E-4A5C-B12C-183897E923BA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {C875DBA0-87A3-4EE1-BA93-0C43E19B0127} - System32\Tasks\PrivaZer_SkipUAC => F:\PrivaZer\PrivaZer.exe
Task: {C93F9F08-D942-4AAE-B3B7-37A69CC0EE92} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CAD18DBE-FBC0-4DDF-8036-4768E2839B92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {D75B2505-5A43-4A11-8C31-7D98A928FEF4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D89E46AC-8906-4FB7-B972-D1FDE81307F4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {EF99CC22-F3F1-4A97-9D01-30100EF2C898} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F618FFE1-9F9C-47D9-B723-0A4766287CA8} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe
Task: {FA6C70FC-3002-4467-BC7E-91C4D0735579} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-02] (Google Inc -> Google LLC)
Task: {FFAF25AA-942C-472A-95A4-4BD4B6AD0A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{37d369c3-222c-499c-9a4c-bd603964f37b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3c4c96f0-39e8-4ecd-91ef-95f4831807f8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a3bdf0ac-7aba-4cf3-ac96-b39696ee8c2e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ef0c8e75-ec85-4ca5-bdee-528308e9b757}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fe55a651-2e5e-40f5-ae6e-1434d641e877}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
DownloadDir: C:\Users\balou\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3565519794-2566505848-2842821374-1001 -> hxxps://www.google.fr/
Edge Notifications: HKU\S-1-5-21-3565519794-2566505848-2842821374-1001 -> hxxps://www.facebook.com; hxxps://notification-list.com; hxxps://notification-centar.com; hxxps://www.wish.com; hxxps://geek.wish.com; hxxps://www.1formatik.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Translator pour Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-11-02]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\balou\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-14]
Edge Notifications: Default -> hxxps://www.capital.fr; hxxps://www.facebook.com
Edge StartupUrls: Default -> "hxxp://www.google.fr/"
Edge DefaultSearchURL: Default -> hxxps://www.ventusky.com/images/favicon.ico
Edge Extension: (Ventusky) - C:\Users\balou\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akeljcfnkeccidbecaggemfjmbjhpgmh [2021-03-05]
FireFox:
========
FF DefaultProfile: vfblv3j2.default
FF ProfilePath: C:\Users\balou\AppData\Roaming\TomTom\HOME\Profiles\3lrpc2wb.default [2020-01-23]
FF Extension: (Pas de nom) - F:\tom\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\vfblv3j2.default [2019-11-01]
FF ProfilePath: C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\mwpu0cez.default-release [2021-08-13]
FF Notifications: Mozilla\Firefox\Profiles\mwpu0cez.default-release -> hxxps://www.footballdatabase.eu
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\mwpu0cez.default-release\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2020-06-03]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> F:\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé]
FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> F:\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.9.2 -> F:\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1157592 2019-09-26] (Acronis International GmbH -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S4 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\ABService.exe [898216 2020-10-12] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-07-26] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-07-26] (Intel Corporation -> Intel)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2356800 2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [734760 2021-05-12] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [733224 2021-05-12] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [733216 2021-05-12] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [733760 2021-05-12] (HP Inc. -> HP Inc.)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-09-26] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1753704 2019-09-26] (Acronis International GmbH -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-01-22] (Even Balance, Inc. -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] (CyberLink -> )
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2020-05-03] () [Fichier non signé]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746944 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262312 2021-01-27] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Fichier non signé]
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\WINDOWS\System32\drivers\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrhidmini; C:\WINDOWS\System32\drivers\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 ddmdrv; C:\WINDOWS\SysWOW64\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-05-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-05-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 DxVGrb; C:\WINDOWS\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Dexetek)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 fiddrv64; pas de ImagePath
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 GENERICDRV; C:\Medion\amifldrv64.sys [15640 2013-02-12] (American Megatrends, Inc. -> )
R3 HKKbdFltr; C:\WINDOWS\system32\DRIVERS\HKKbdFltr.sys [51400 2015-11-26] (Insyde Software Corp. -> Insyde Software Corp.)
R3 HKMouFltr; C:\WINDOWS\system32\DRIVERS\HKMouFltr.sys [48344 2015-11-26] (Insyde Software Corp. -> Insyde Software Corp.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [Fichier non signé]
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2020-08-14] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 PinnacleMarvinAVS; C:\WINDOWS\system32\DRIVERS\MarvinAVS64.sys [484736 2007-05-09] (Pinnacle a division of Avid Technology, Inc.) [Fichier non signé]
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S4 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12528 2021-02-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Fichier non signé]
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Savitech Corp. -> Windows (R) Win 7 DDK provider)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S1 SASDIFSV; \??\F:\\SASDIFSV64.SYS [X]
S1 SASKUTIL; \??\F:\\SASKUTIL64.SYS [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-14 17:07 - 2021-08-14 17:08 - 000033401 _____ C:\Users\balou\Desktop\FRST.txt
2021-08-14 17:07 - 2021-08-14 17:07 - 000526505 _____ C:\Users\balou\Desktop\ZHPDiag.html
2021-08-14 17:07 - 2021-08-14 17:07 - 000433662 _____ C:\Users\balou\Desktop\ZHPDiag.txt
2021-08-14 17:07 - 2021-08-14 17:07 - 000000000 ____D C:\Users\balou\Desktop\FRST-OlderVersion
2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe
2021-08-14 16:59 - 2021-08-14 16:59 - 000000000 ____D C:\Users\balou\Desktop\archives
2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe
2021-08-14 08:07 - 2021-08-14 08:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-08-14 08:02 - 2021-08-14 08:02 - 011102896 _____ (McAfee, LLC) C:\Users\balou\Downloads\MCPR.exe
2021-08-13 21:08 - 2021-08-13 21:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-13 21:03 - 2021-08-13 21:03 - 000000000 ____D C:\Users\balou\AppData\Local\mbam
2021-08-13 21:02 - 2021-08-13 21:02 - 002120496 _____ (Malwarebytes) C:\Users\balou\Downloads\MBSetup.exe
2021-08-13 21:02 - 2021-08-13 21:02 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-13 20:59 - 2021-08-13 20:59 - 002822966 _____ C:\Users\balou\Downloads\ZHPCleaner.zip
2021-08-13 16:45 - 2021-08-13 16:45 - 000000000 ____D C:\Users\balou\Desktop\Wub
2021-08-13 16:04 - 2021-08-13 16:04 - 000002331 _____ C:\Users\Public\Desktop\HP Photosmart 5520 series.lnk
2021-08-13 16:04 - 2021-08-13 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-08-13 16:04 - 2012-10-17 04:31 - 000741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMB111.dll
2021-08-13 15:18 - 2021-08-14 17:08 - 000000000 ____D C:\FRST
2021-08-13 15:11 - 2021-08-14 17:07 - 002300416 _____ (Farbar) C:\Users\balou\Desktop\FRST64.exe
2021-08-13 14:57 - 2021-08-14 17:00 - 000000734 _____ C:\Users\balou\Desktop\ZHPSuite.lnk
2021-08-13 14:44 - 2021-08-13 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-08-13 14:44 - 2021-08-13 14:44 - 000000000 ____D C:\Program Files\iTunes
2021-08-13 11:57 - 2021-08-13 11:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 11:57 - 2021-08-13 11:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 11:57 - 2021-08-13 11:57 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-13 11:57 - 2021-08-13 11:57 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-13 11:57 - 2021-08-13 11:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-13 11:57 - 2021-08-13 11:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-13 11:57 - 2021-08-13 11:57 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-13 11:49 - 2021-08-13 11:49 - 000000000 ___HD C:\$WinREAgent
2021-08-12 15:31 - 2021-08-12 15:31 - 000000000 ____D C:\WINDOWS\Panther
2021-08-12 07:32 - 2021-08-12 07:32 - 002504122 _____ C:\Users\balou\Desktop\article Paris Normandie Régis.pdf
2021-08-12 07:30 - 2021-08-12 07:30 - 000000000 ____D C:\Users\balou\AppData\Local\HP_Inc
2021-08-11 23:05 - 2021-08-11 23:05 - 000000000 ____D C:\Users\balou\AppData\Roaming\HP
2021-08-11 21:06 - 2021-08-13 21:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Hewlett-Packard
2021-08-11 21:06 - 2021-08-13 21:07 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-08-11 21:06 - 2021-08-13 16:04 - 000000000 ____D C:\Program Files\HP
2021-08-11 21:06 - 2021-08-13 14:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-08-11 20:56 - 2021-08-11 20:56 - 000003892 _____ C:\WINDOWS\system32\Tasks\HPPSDrTelemetryWatch
2021-08-11 20:20 - 2021-08-11 20:20 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\HPPSDr
2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\Users\balou\AppData\Roaming\FastStone
2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\Users\balou\AppData\Local\FastStone
2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer
2021-08-09 20:08 - 2021-08-09 20:08 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2021-08-09 20:08 - 2021-08-09 20:08 - 000002247 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2021-08-09 20:08 - 2021-08-09 20:08 - 000000000 ____D C:\Program Files\Google
2021-08-05 09:19 - 2021-08-05 09:19 - 000000522 _____ C:\Users\balou\Desktop\Données.lnk
2021-08-04 17:16 - 2021-08-04 17:16 - 000000000 ____D C:\Program Files\Conexant
2021-08-04 17:15 - 2012-01-10 12:12 - 000222464 _____ (Dexetek ) C:\WINDOWS\system32\Drivers\DxVGrb.sys
2021-08-04 17:15 - 2012-01-10 12:11 - 000055808 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\cxtvrate.dll
2021-08-04 17:15 - 2012-01-10 12:11 - 000040960 _____ (Conexant) C:\WINDOWS\system32\y8cnvt.ax
2021-08-04 17:15 - 2012-01-10 12:11 - 000032256 _____ (Conexant Systems, Inc) C:\WINDOWS\system32\CxPolaris.ax
2021-08-04 17:15 - 2012-01-10 12:10 - 000019456 _____ (Conexant Systems, Inc) C:\WINDOWS\system32\cpnotify.ax
2021-08-04 17:15 - 2012-01-10 12:10 - 000016384 _____ C:\WINDOWS\system32\cxEZCAP.ax
2021-08-03 18:34 - 2021-08-03 18:34 - 000000000 ____D C:\Program Files (x86)\Terratec
2021-08-03 15:59 - 2021-08-03 15:59 - 000003288 _____ C:\WINDOWS\system32\Tasks\PowerDirectorStyleAgent
2021-08-03 15:58 - 2021-08-03 15:58 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 18.lnk
2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\ProgramData\install_backup
2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\Program Files (x86)\CyberLink
2021-08-03 15:19 - 2021-08-03 15:19 - 000000000 ____D C:\Users\balou\AppData\Roaming\Bandicam Company
2021-08-02 10:09 - 2021-06-29 05:43 - 000159864 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2021-07-31 19:17 - 2021-07-31 19:17 - 001677450 _____ C:\Users\balou\Downloads\pétition001.pdf
2021-07-30 21:10 - 2021-07-30 21:10 - 000000000 ____D C:\Users\balou\Documents\Samsung
2021-07-30 21:09 - 2021-07-30 21:09 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2021-07-28 22:24 - 2021-08-13 21:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Samsung
2021-07-28 22:24 - 2021-08-13 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-07-28 22:24 - 2019-12-14 07:08 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2021-07-28 22:02 - 2021-07-28 22:02 - 000325214 _____ C:\Users\balou\Downloads\Infos Residence Medailles Militaires1.pdf
2021-07-28 20:19 - 2021-07-28 20:19 - 000001516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-07-23 20:49 - 2021-08-14 07:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-19 21:35 - 2021-07-19 21:36 - 000000000 ___RD C:\Users\balou\AppData\Local\PCHealthCheck
2021-07-19 21:35 - 2021-07-19 21:35 - 000001355 _____ C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-07-18 15:07 - 2021-07-18 15:07 - 000000000 ____D C:\Users\balou\AppData\Local\
2021-07-17 09:07 - 2021-07-17 09:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-17 09:07 - 2021-07-17 09:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-17 09:07 - 2021-07-17 09:07 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-17 09:07 - 2021-07-17 09:07 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-08 17:23 - 2021-07-08 17:23 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-08 17:23 - 2021-07-08 17:23 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-08 17:23 - 2021-07-08 17:23 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-08 17:23 - 2021-07-08 17:23 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-08 17:23 - 2021-07-08 17:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-08 17:23 - 2021-07-08 17:23 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-08 17:23 - 2021-07-08 17:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-08 17:22 - 2021-07-08 17:22 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-08 17:22 - 2021-07-08 17:22 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 08:14 - 2021-07-07 08:14 - 000003276 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
2021-07-07 08:14 - 2021-07-07 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
2021-06-26 17:56 - 2021-06-26 17:56 - 000000000 ____D C:\Users\balou\AppData\Roaming\Cybelsoft
2021-06-26 09:07 - 2006-05-03 19:13 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.DLL
2021-06-26 09:07 - 2005-09-12 13:58 - 000198640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCI32.OCX
2021-06-25 15:08 - 2021-08-11 07:45 - 000000000 ____D C:\BluetoothExchangeFolder
2021-06-25 15:08 - 2021-06-25 15:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\es-cl
2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-06-25 15:06 - 2021-06-25 15:06 - 000000000 ____D C:\Program Files\CSR
2021-06-25 15:06 - 2021-06-25 15:06 - 000000000 ____D C:\Program Files (x86)\CSR
2021-06-22 08:31 - 2021-06-22 08:31 - 000001160 _____ C:\Users\balou\Desktop\Goeffroy st hilaire - Raccourci.lnk
2021-06-19 17:22 - 2021-05-19 20:35 - 001151992 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-06-12 19:23 - 2021-06-12 19:23 - 002666856 _____ C:\Users\balou\Desktop\Transformer une alimentation de PC en alimentation d’atelier – L'Atelier du Geek.pdf
2021-06-06 15:53 - 2021-08-13 18:10 - 000000000 ____D C:\Program Files (x86)\Wondershare
2021-06-03 19:30 - 2021-07-28 21:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-06-03 16:07 - 2021-06-03 16:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Carthago
2021-06-03 16:07 - 2021-06-03 16:07 - 000000000 ____D C:\Program Files\BingSnap
2021-06-02 16:56 - 2021-06-02 16:56 - 003063109 _____ C:\Users\balou\Desktop\pcastuces.pdf
2021-05-29 14:51 - 2021-05-29 14:51 - 005259776 _____ C:\Users\balou\Downloads\J'ai retrouve ton cartable1.pps
2021-05-28 20:32 - 2021-05-28 20:32 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-05-28 20:32 - 2021-05-28 20:32 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-05-28 20:32 - 2021-05-28 20:32 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-05-28 20:32 - 2021-05-28 20:32 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-05-28 20:31 - 2021-05-28 20:31 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-05-28 20:31 - 2021-05-28 20:31 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-05-28 20:31 - 2021-05-28 20:31 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-05-28 20:31 - 2021-05-28 20:31 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-05-28 20:31 - 2021-05-28 20:31 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-05-28 18:36 - 2021-05-28 18:39 - 000000145 _____ C:\Users\balou\AppData\Roaming\licecap.ini
2021-05-28 18:35 - 2021-05-28 18:35 - 000000000 ____D C:\Program Files (x86)\LICEcap
2021-05-24 22:55 - 2021-05-24 22:55 - 008228562 _____ C:\Users\balou\Downloads\blague.mp4
2021-05-24 22:53 - 2021-05-24 22:53 - 008390359 _____ C:\Users\balou\Downloads\F-A-18 Carrier break and landing1.mp4
2021-05-23 19:55 - 2021-05-23 19:55 - 000000000 ____D C:\Users\balou\AppData\Local\Smart_Disk_Checker
2021-05-23 19:55 - 2021-05-23 19:55 - 000000000 ____D C:\Users\balou\AppData\Local\IsolatedStorage
2021-05-22 18:40 - 2021-05-22 18:40 - 000515584 _____ C:\Users\balou\Downloads\Probleme_chez_BMW1-111111.pps
2021-05-19 18:58 - 2021-05-19 18:58 - 002118130 _____ C:\Users\balou\Downloads\histoire IFF.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-14 17:07 - 2019-11-22 16:25 - 000000000 ____D C:\Users\balou\AppData\Roaming\ZHP
2021-08-14 17:07 - 2019-11-02 09:34 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-14 17:00 - 2020-05-31 11:07 - 000000000 ____D C:\Users\balou
2021-08-14 17:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-14 16:17 - 2019-11-01 18:18 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-14 16:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-14 16:15 - 2019-11-01 21:10 - 000000000 ____D C:\Program Files\CCleaner
2021-08-14 16:12 - 2020-05-31 12:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-14 11:49 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-14 11:41 - 2019-11-01 16:24 - 000000000 ___RD C:\Users\balou\Desktop\Maintenance
2021-08-14 11:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-14 11:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-14 11:22 - 2020-03-22 09:06 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-14 09:16 - 2020-05-31 11:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-14 07:59 - 2020-05-31 11:59 - 001776794 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-14 07:59 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2021-08-14 07:59 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2021-08-14 07:59 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-14 07:58 - 2019-11-01 18:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-08-13 21:09 - 2021-01-30 17:34 - 000000000 ____D C:\Users\balou\AppData\LocalLow\Mozilla
2021-08-13 21:08 - 2019-11-01 17:38 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-13 18:10 - 2020-07-26 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-08-13 18:09 - 2019-11-01 17:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-13 18:08 - 2019-11-03 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-08-13 18:04 - 2019-11-02 09:16 - 000000000 ____D C:\Users\balou\AppData\Roaming\vlc
2021-08-13 17:12 - 2019-11-01 16:24 - 000000000 ___RD C:\Users\balou\Desktop\Autres raccourcis
2021-08-13 16:10 - 2020-11-03 11:24 - 000000000 ____D C:\Users\balou\AppData\Roaming\HpUpdate
2021-08-13 16:04 - 2020-11-03 11:24 - 000000000 ____D C:\ProgramData\HP
2021-08-13 16:04 - 2020-11-03 11:24 - 000000000 ____D C:\Program Files (x86)\HP
2021-08-13 14:57 - 2019-11-22 16:25 - 000000000 ____D C:\Users\balou\AppData\Local\ZHP
2021-08-13 14:42 - 2021-02-20 16:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 14:40 - 2020-08-02 08:06 - 000591472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 12:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-13 12:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-13 11:57 - 2018-09-22 18:03 - 000414056 __RSH C:\bootmgr
2021-08-13 11:48 - 2019-11-01 19:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 11:46 - 2019-11-01 19:01 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 15:10 - 2019-11-01 16:51 - 000000000 ____D C:\Users\balou\AppData\Local\PlaceholderTileLogoFolder
2021-08-12 14:46 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-08-12 14:46 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-08-12 07:31 - 2019-11-15 23:54 - 000049218 _____ C:\Users\balou\.sambox.cache
2021-08-11 21:06 - 2020-11-03 11:23 - 000000000 ____D C:\Users\balou\AppData\Local\HP
2021-08-11 21:06 - 2019-11-01 16:49 - 000000000 ____D C:\Users\balou\AppData\Local\Packages
2021-08-11 20:28 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2021-08-11 20:27 - 2019-11-10 18:31 - 000000000 ___HD C:\ProgramData\CanonIJScan
2021-08-11 20:27 - 2019-11-10 18:31 - 000000000 ____D C:\Users\balou\AppData\Roaming\Canon
2021-08-11 20:27 - 2019-11-02 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2021-08-11 20:27 - 2019-11-02 08:56 - 000000000 ____D C:\Program Files (x86)\Canon
2021-08-11 20:20 - 2020-05-31 12:03 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3565519794-2566505848-2842821374-500
2021-08-11 20:20 - 2020-05-31 11:07 - 000002450 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-11 20:20 - 2019-11-11 16:59 - 000000000 ___RD C:\Users\Administrateur\OneDrive
2021-08-11 20:20 - 2019-11-11 16:57 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Packages
2021-08-11 17:07 - 2019-11-01 16:24 - 000000000 ____D C:\Users\balou\Desktop\dossiers en cours
2021-08-11 16:52 - 2021-05-09 22:46 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-08-07 20:18 - 2020-08-07 08:23 - 000000000 ____D C:\Program Files\NewBlue
2021-08-07 20:17 - 2020-08-07 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2021-08-07 20:17 - 2020-08-07 08:23 - 000000000 ____D C:\Program Files (x86)\NewBlue
2021-08-07 20:15 - 2020-07-25 14:53 - 000000000 ____D C:\ProgramData\Corel
2021-08-07 20:15 - 2020-07-25 14:21 - 000000000 ____D C:\ProgramData\Pinnacle
2021-08-07 18:25 - 2019-11-01 16:23 - 000000000 ____D C:\Users\balou\Desktop\Jeux
2021-08-05 14:02 - 2020-05-31 12:03 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 14:02 - 2020-05-31 12:03 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-05 09:14 - 2021-01-06 17:11 - 000000114 ___RH C:\Users\balou\Downloads\Stinger.opt
2021-08-05 09:14 - 2020-08-06 11:16 - 000000000 ____D C:\Program Files\stinger
2021-08-05 09:07 - 2021-01-06 17:09 - 000000000 ____D C:\Program Files (x86)\stinger
2021-08-04 11:32 - 2019-11-01 16:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-03 18:37 - 2020-07-25 19:19 - 000000000 ____D C:\Users\balou\temp
2021-08-03 18:37 - 2020-07-25 19:19 - 000000000 ____D C:\Users\balou\AppData\Local\Pinnacle
2021-08-03 18:37 - 2020-07-25 14:26 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2021-08-03 18:36 - 2020-07-25 14:27 - 000000000 ____D C:\Users\Public\Documents\Pinnacle
2021-08-03 18:30 - 2020-08-26 07:33 - 000006716 _____ C:\WINDOWS\system32\adorage-protocol.txt
2021-08-03 18:25 - 2020-07-25 19:19 - 000003458 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2021-08-03 18:25 - 2020-07-25 19:19 - 000000362 _____ C:\Users\balou\AppData\Roaming\DESKTOP-CPT119A.MTBF.txt
2021-08-03 18:25 - 2020-07-25 14:27 - 000000349 _____ C:\WINDOWS\PCLECHAL.INI
2021-08-03 15:59 - 2020-08-07 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris FX Continuum CYBERLINK
2021-08-03 15:59 - 2020-08-01 11:23 - 000000000 ____D C:\ProgramData\CLSK
2021-08-03 15:58 - 2020-08-01 11:29 - 000000000 ___HD C:\ProgramData\CyberLink
2021-08-03 15:57 - 2020-08-02 18:49 - 000000000 ____D C:\ProgramData\install_clap
2021-08-03 15:57 - 2020-08-01 11:28 - 000000000 ____D C:\Program Files\Cyberlink
2021-08-03 15:50 - 2019-11-01 21:00 - 000000000 ____D C:\Users\balou\AppData\Roaming\avidemux
2021-08-02 10:21 - 2020-05-31 12:03 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 10:21 - 2020-05-31 12:03 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-01 18:51 - 2021-02-11 23:59 - 000000000 ____D C:\Program Files (x86)\Call of Duty
2021-07-30 21:50 - 2021-01-10 10:39 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-28 22:24 - 2021-03-06 16:11 - 000000000 ____D C:\ProgramData\Samsung
2021-07-28 20:31 - 2021-01-14 23:11 - 000000000 ____D C:\Program Files (x86)\Origin
2021-07-28 20:19 - 2019-11-27 19:12 - 000000000 ____D C:\Program Files (x86)\Intel
2021-07-28 20:19 - 2019-11-01 18:16 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-27 18:51 - 2019-11-01 17:12 - 000000000 ____D C:\Users\balou\Documents\résultats analyse philou
2021-07-25 10:43 - 2019-11-01 17:12 - 000000000 ____D C:\Users\balou\Documents\Papiers papa
2021-07-20 20:18 - 2020-05-31 12:03 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-19 22:15 - 2020-07-28 17:51 - 000002358 _____ C:\Users\Administrateur\Desktop\Microsoft Edge.lnk
2021-07-17 13:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-17 13:05 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 09:45 - 2021-02-20 16:43 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-02-20 16:43 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
==================== Fichiers à la racine de certains dossiers ========
2021-04-22 22:55 - 2021-04-22 22:55 - 000000043 _____ () C:\Users\balou\IP_Log_Data.js
2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe
2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe
2020-03-13 19:33 - 2020-03-13 19:42 - 000000624 _____ () C:\Users\balou\AppData\Roaming\All CPU MeterV3_Settings.ini
2020-07-25 19:19 - 2021-08-03 18:25 - 000000362 _____ () C:\Users\balou\AppData\Roaming\DESKTOP-CPT119A.MTBF.txt
2020-11-23 16:16 - 2020-11-23 16:17 - 000000063 _____ () C:\Users\balou\AppData\Roaming\FalconX.cfg
2021-05-28 18:36 - 2021-05-28 18:39 - 000000145 _____ () C:\Users\balou\AppData\Roaming\licecap.ini
2021-04-22 22:55 - 2021-04-22 22:55 - 000000010 _____ () C:\Users\balou\AppData\Roaming\Network Meter_Usage.ini
2020-05-10 08:08 - 2021-06-11 17:59 - 000000114 _____ () C:\Users\balou\AppData\Roaming\Network Monitor II_#0_Traffic.ini
2021-04-22 23:00 - 2021-06-27 00:15 - 000000116 _____ () C:\Users\balou\AppData\Roaming\System Monitor II_UptimeRecord.ini
2019-11-22 16:51 - 2019-11-22 16:51 - 000122246 _____ () C:\Users\balou\AppData\Local\ars.cache
2019-11-22 16:51 - 2019-11-22 16:51 - 000384733 _____ () C:\Users\balou\AppData\Local\census.cache
2021-02-03 17:29 - 2021-02-03 17:29 - 000000038 _____ () C:\Users\balou\AppData\Local\cloudready_installer_uuid
2020-07-25 19:19 - 2020-07-25 19:19 - 000003584 _____ () C:\Users\balou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-22 16:35 - 2019-11-22 16:35 - 000000036 _____ () C:\Users\balou\AppData\Local\housecall.guid.cache
2021-02-20 21:37 - 2021-02-20 21:37 - 000007601 _____ () C:\Users\balou\AppData\Local\Resmon.ResmonCfg
2020-02-11 23:01 - 2020-03-03 19:56 - 000000071 _____ () C:\Users\balou\AppData\Local\uts.ini
==================== SigCheckExt =========================
2009-07-14 03:25 - 2009-07-14 03:25 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CardGames.dll
2009-07-14 03:40 - 2009-07-14 03:40 - 001208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmncliM.dll
2020-05-06 09:48 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2020-05-06 09:48 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BJCE.DLL
2020-05-06 09:48 - 2011-04-20 03:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMJCE.DLL
2020-07-25 20:51 - 2007-03-05 16:36 - 000070656 _____ (Pinnacle Systems) C:\WINDOWS\system32\PCLECoInst64.dll
2019-11-02 00:30 - 2019-11-08 10:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2009-07-14 03:41 - 2009-07-14 03:41 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\zgmprxy.dll
2021-01-04 17:46 - 2016-09-29 10:44 - 001298584 _____ C:\WINDOWS\ddmmain.exe
2021-06-26 09:07 - 2006-05-03 19:13 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.DLL
2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe
2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe
2021-08-13 15:11 - 2021-08-14 17:07 - 002300416 _____ (Farbar) C:\Users\balou\Desktop\FRST64.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {de30e2e3-a324-11ea-81b4-503eaa099658}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {197b98a1-be81-11e8-84fa-e0bcc9f07fd4}
device ramdisk=[C:]\Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a2-be81-11e8-84fa-e0bcc9f07fd4}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a2-be81-11e8-84fa-e0bcc9f07fd4}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {197b98a5-be81-11e8-84fa-e0bcc9f07fd4}
device ramdisk=[C:]\Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a6-be81-11e8-84fa-e0bcc9f07fd4}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a6-be81-11e8-84fa-e0bcc9f07fd4}
systemroot \windows
nx OptIn
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {dcff31b9-475f-11e9-b8e2-dac3d9dc6ec6}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {de30e2e6-a324-11ea-81b4-503eaa099658}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {de30e2e3-a324-11ea-81b4-503eaa099658}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {de30e2e6-a324-11ea-81b4-503eaa099658}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{de30e2e7-a324-11ea-81b4-503eaa099658}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{de30e2e7-a324-11ea-81b4-503eaa099658}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {de30e2e3-a324-11ea-81b4-503eaa099658}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {de30e2e6-a324-11ea-81b4-503eaa099658}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {197b98a2-be81-11e8-84fa-e0bcc9f07fd4}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {197b98a6-be81-11e8-84fa-e0bcc9f07fd4}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {de30e2e7-a324-11ea-81b4-503eaa099658}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================