Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021 Exécuté par Daniel DOUET (administrateur) sur DANIEL (Dell Inc. XPS 8700) (31-01-2021 11:34:00) Exécuté depuis C:\Users\Daniel DOUET\Downloads Profils chargés: Daniel DOUET Platform: Windows 10 Home Version 20H2 19042.746 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) C:\Program Files (x86)\MaskVPN\mask_svc.exe (Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signé] C:\Program Files (x86)\Utilitaires\Clavier\Clavier.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.8.7.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <3> (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Orange) [Fichier non signé] C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8504064 2015-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2019-09-26] (Acronis International GmbH -> ) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> ) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [611248 2015-05-26] (Waves Inc -> Waves Audio Ltd.) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4180800 2019-09-26] (Acronis International GmbH -> ) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2019-09-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-4206714783-1842458062-39993589-1001\...\Run: [Clavier+] => C:\Program Files (x86)\Utilitaires\Clavier\Clavier.exe [157184 2018-07-07] (Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signé] HKU\S-1-5-21-4206714783-1842458062-39993589-1001\...\Run: [MailNotifier] => C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [1566208 2020-05-13] (Orange) [Fichier non signé] HKU\S-1-5-21-4206714783-1842458062-39993589-1001\...\Run: [ECMHelper] => C:\Program Files (x86)\ScreenCapture\Agent.exe HKLM\...\Windows x64\Print Processors\sst6cPC: C:\Windows\System32\spool\prtprocs\x64\sst6cpc.dll [43520 2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\sst6c Langmon: C:\WINDOWS\system32\sst6clm.dll [22528 2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\us008 Langmon: us008lm.dll IFEO\LogTransport2.exe: [Debugger] 0 GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {059576E4-5EF0-4EB5-B98A-2CC8D3062829} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {062C2E95-6A87-4928-A4C2-3BC69444B732} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\MStick_Jeudi => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {0871192D-63D8-4B47-8164-7B32BAF01B8A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {1ED51FBB-A3EC-4A0A-BE12-DE2FA07CE779} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\Sauve_Box => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {30BFFD8B-E1F2-4289-8676-B4D7E8BC0656} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {32C03C97-139C-4D68-B875-D6704E0E6E68} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\SyncBackFree MStick_Mardi => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {38A9AF4B-AACE-47AB-9E8B-D39A82083435} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752200 2018-05-21] (HP Inc. -> ) Task: {3DECDA8C-45E7-4018-9AD2-605D9567F64C} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\CF_Clavier => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {403C8CCB-D865-412B-9AE9-842B1F61ACE6} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\SyncBackFree MStick_Vendredi => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {4A2447FF-C993-4755-9EBB-E9C9AAF479DF} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\CF_IPTV => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {4FA059BE-A2B2-41EB-9749-FF58A25F234C} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\CF_Courrier => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {5828BE7F-A468-43C0-96AB-177446D0E923} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd) Task: {5A58FC86-3508-4B0D-A6F7-10D5595284C3} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\MStick_Mercredi => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {5EC68C07-23BB-4E0F-8D85-7D35FDFDBBCF} - System32\Tasks\2BrightSparks\SyncBackFree\DANIEL-Daniel DOUET\SyncBackFree => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {619B5C85-A503-4606-B4EF-0D4D0FBEE28B} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\MStick => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {65E72994-B09C-491F-A649-5814824FF901} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {6FC48DDD-29EA-42D0-BBCF-90917F407D77} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Task: {7390F5CF-FAC3-438B-A84F-CDB10BDF9B77} - System32\Tasks\AdwCleaner_onReboot => C:\Program Files (x86)\Utilitaires\adwcleaner_7.0.1.0.exe Task: {7B0F913E-2398-4838-9646-D88018BC0748} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\CF_Genealogie => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {7B696839-6FF5-4D9D-A3E3-026A7E7E3786} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\CF_Favoris => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {7B80A89D-DC4D-4EBC-AF46-95BBD7B1C815} - System32\Tasks\Hewlett-Packard\HP Support Assistant\ie4ans => C:\WINDOWS\SysWOW64\rundll32 "C:\Users\Daniel DOUET\AppData\Local\GraphDebug\ir70_m_If_ssp.dll" oawics_v3_0BAUO Task: {97F46AEB-876B-4E6B-8ED4-8D3A76D1BADA} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {99A894CB-7185-4A2E-9837-7E35A1ECD1E9} - System32\Tasks\2BrightSparks\SyncBackFree\DANIEL-Daniel DOUET\SyncBackFree MStick_Lundi => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {9A94456D-67CD-4F4F-8B4D-6CF9978FED80} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\MStick_Samedi => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {AD5465D8-E545-4DD9-A021-1F2409306305} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\MStick_Lundi => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {B127D1A2-26D7-4ADE-AD37-22372A9C063C} - System32\Tasks\2BrightSparks\SyncBackFree\DANIEL-Daniel DOUET\SyncBackFree Sauve_Box => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {BBD8410B-01E0-479A-97A8-5E76E225C8D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C2781835-F60F-4D09-873F-CB192EC5937C} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\CF_Bureau => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {C4FF1078-46FB-40F8-B670-936F3A8ECF17} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-AETO18M-Daniel DOUET\Mstick_Dimanche => C:\Program Files (x86)\SyncBackFree\SyncBackFree.exe [74385376 2020-11-27] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {CF70D52C-445B-42B4-945B-F91C3F6127BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {DD13A716-004E-4D71-ACBF-E5FFB0B46128} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DD707A15-BCF5-4DAC-BAD4-8B73EE1CA2EE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F4EB36F1-412C-42C6-95F0-4A4B58F7D14E} - System32\Tasks\_Enregist_VLC => C:\Program Files (x86)\Dessin\VLC-3.0.2\vlc.exe [985800 2019-01-10] (VideoLAN -> VideoLAN) -> http://192.168.1.16:8001/1:0:19:2267:438:1:C00000:0:0:0 --sout=#duplicate{dst=file{dst=D:\Video\Film.ts},dst=display} --run-time=5700 vlc://quit Task: {FB69946F-2A13-4DFB-B718-1E985F97B542} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\Daniel [Argument = DOUET\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe] Task: {FBF5E933-318A-4D88-8681-BBBB165417DA} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Install => C:\Program Files (x86)\Orange Update\install.bat [0 2020-03-12] () <==== ATTENTION Task: {FC33B730-8B57-4932-B980-A749C3AD0F4E} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(1): Net -> stop "Orange Update Core Service" Task: {FC33B730-8B57-4932-B980-A749C3AD0F4E} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(2): Net -> start "Orange Update Core Service" (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\..\Interfaces\{b2d926f3-867f-4401-8331-9d2ee6bf3fc3}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Edge: ======= DownloadDir: C:\Users\Daniel DOUET\Downloads Edge Notifications: HKU\S-1-5-21-4206714783-1842458062-39993589-1001 -> hxxps://forums.audipassion.com; hxxps://smsmms.orange.fr Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Daniel DOUET\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-31] Edge StartupUrls: Default -> "hxxp://google.fr/","hxxp://ebay.fr/","hxxps://archives.allier.fr/archives-en-ligne/genealogie-histoire-des-familles/etat-civil-en-ligne?arko_default_5f992f52cfc55--ficheFocus=","hxxps://webmail1p.orange.fr/webmail/fr_FR/inbox.html" Edge Extension: (AdBlocker Ultimate) - C:\Users\Daniel DOUET\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pciakllldcajllepkbbihkmfkikheffb [2021-01-29] Edge Extension: (zFeedNews) - C:\ProgramData\Wasum\Ergikgx\AD4CA766 [2021-01-30] Edge Extension: (zFeedNews) - C:\ProgramData\Wasum\Fuvrhjs\AD4CA766 [2021-01-29] FireFox: ======== FF DefaultProfile: 6gpoygaq.default FF ProfilePath: C:\Users\Daniel DOUET\AppData\Roaming\Mozilla\Firefox\Profiles\6gpoygaq.default [2020-11-10] FF Extension: (Greasemonkey) - C:\Users\Daniel DOUET\AppData\Roaming\Mozilla\Firefox\Profiles\6gpoygaq.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-03-18] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Daniel DOUET\AppData\Local\Google\Chrome\User Data\Default [2021-01-30] CHR StartupUrls: Default -> "hxxp://www.google.com" CHR Extension: (d8yI+Hf7rX) - C:\Users\Daniel DOUET\AppData\Local\Google\Chrome\User Data\Default\Extensions\nibbnekhgenienofhggddkbcleoaflog [2020-11-09] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1157592 2019-09-26] (Acronis International GmbH -> ) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463960 2019-03-31] (Acronis International GmbH -> Acronis) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 MaskVPNService; C:\Program Files (x86)\MaskVPN\mask_svc.exe [7493560 2020-08-06] (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-09-26] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1753704 2019-09-26] (Acronis International GmbH -> ) S2 Orange Update Core Service; C:\Program Files (x86)\Orange Update\OUService.exe [177384 2020-08-24] (Orange -> Orange) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-05-21] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2020-05-21] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2020-05-21] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [581464 2019-03-31] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2020-05-21] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-05-21] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-01-31 11:34 - 2021-01-31 11:34 - 000023671 _____ C:\Users\Daniel DOUET\Downloads\FRST.txt 2021-01-31 11:32 - 2021-01-31 11:34 - 000000000 ____D C:\FRST 2021-01-31 11:32 - 2021-01-31 11:32 - 002297856 _____ (Farbar) C:\Users\Daniel DOUET\Downloads\FRST64.exe 2021-01-31 11:31 - 2021-01-31 11:30 - 000371478 _____ C:\Users\Daniel DOUET\Desktop\ZHPDiag.txt 2021-01-31 11:25 - 2021-01-31 11:25 - 003480712 _____ (Nicolas Coolman) C:\Users\Daniel DOUET\Downloads\ZHPSuite (1).exe 2021-01-31 11:25 - 2021-01-31 11:25 - 000000912 _____ C:\Users\Daniel DOUET\Desktop\ZHPSuite.lnk 2021-01-30 18:26 - 2021-01-30 18:26 - 000465001 _____ C:\Users\Daniel DOUET\Desktop\ZHPDiag.html 2021-01-30 18:21 - 2021-01-30 18:21 - 003480712 _____ (Nicolas Coolman) C:\Users\Daniel DOUET\Downloads\ZHPSuite.exe 2021-01-30 13:41 - 2021-01-30 13:41 - 000000825 _____ C:\Users\Daniel DOUET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2021-01-30 13:41 - 2021-01-30 13:41 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\ESET 2021-01-30 10:52 - 2021-01-31 11:30 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\ZHP 2021-01-30 10:52 - 2021-01-30 18:22 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\ZHP 2021-01-30 10:52 - 2021-01-30 10:52 - 003342472 _____ (Nicolas Coolman) C:\Users\Daniel DOUET\Downloads\ZHPCleaner.exe 2021-01-30 07:39 - 2021-01-30 07:39 - 001504312 _____ (Adobe) C:\Users\Daniel DOUET\Downloads\uninstall_flash_player.exe 2021-01-29 10:41 - 2021-01-31 09:10 - 000000000 ____D C:\ProgramData\BSD 2021-01-29 10:07 - 2021-01-29 10:07 - 000001437 _____ C:\Users\Daniel DOUET\Desktop\Pouzy_BMS_1625.xls - Raccourci.lnk 2021-01-27 13:08 - 2021-01-27 13:08 - 004904032 _____ C:\Users\Daniel DOUET\Downloads\Notre squelette2.mp4 2021-01-23 11:14 - 2021-01-23 11:14 - 000916992 _____ C:\Users\Daniel DOUET\Downloads\Bagneux.xls 2021-01-23 11:14 - 2021-01-23 11:14 - 000223232 _____ C:\Users\Daniel DOUET\Downloads\Mesangy.xls 2021-01-23 11:14 - 2021-01-23 11:14 - 000063642 _____ C:\Users\Daniel DOUET\Downloads\POUZY-MÉSANGY_BASE2_M.TXT 2021-01-23 11:13 - 2021-01-23 11:21 - 000021160 _____ C:\Users\Daniel DOUET\Desktop\2021-01-22-dépouillements-allier.xlsx 2021-01-17 07:31 - 2021-01-17 07:31 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\Nuance 2021-01-16 16:06 - 2021-01-19 07:52 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\gladinet 2021-01-16 16:06 - 2021-01-16 16:06 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\ScanSoft 2021-01-16 16:06 - 2021-01-16 16:06 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\FLEXnet 2021-01-16 16:06 - 2021-01-16 16:06 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\ScanSoft 2021-01-16 16:06 - 2014-11-24 21:45 - 004256256 ____N C:\Users\Daniel DOUET\Documents\Document modele - bulletin.opd 2021-01-16 15:57 - 2021-01-29 10:03 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\Zeon 2021-01-16 15:53 - 2021-01-30 11:44 - 000000000 ___HD C:\ProgramData\Wasum 2021-01-16 15:53 - 2021-01-29 10:03 - 000000000 ____D C:\Program Files (x86)\PDFCreate8 2021-01-16 15:53 - 2021-01-16 15:53 - 000000000 ___HD C:\ProgramData\Gladinet 2021-01-16 15:53 - 2021-01-16 15:53 - 000000000 ____D C:\ProgramData\zeon 2021-01-16 15:51 - 2021-01-29 10:03 - 000000000 ____D C:\ProgramData\ScanSoft 2021-01-16 15:51 - 2021-01-29 10:03 - 000000000 ____D C:\ProgramData\Nuance 2021-01-16 15:51 - 2021-01-29 10:03 - 000000000 ____D C:\Program Files (x86)\OmniPage19 2021-01-16 15:51 - 2021-01-19 07:45 - 000000000 ____D C:\ProgramData\TEMP 2021-01-16 15:51 - 2021-01-16 15:54 - 000000000 ____D C:\Program Files (x86)\Nuance 2021-01-16 15:51 - 2021-01-16 15:51 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\Nuance 2021-01-16 15:51 - 2021-01-16 15:51 - 000000000 ____D C:\ProgramData\FLEXnet 2021-01-16 14:52 - 2021-01-16 14:52 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\noabus 2021-01-16 14:52 - 2021-01-16 14:52 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\Xxi 2021-01-16 14:51 - 2021-01-16 14:52 - 000000000 ____D C:\Program Files (x86)\MaskVPN 2021-01-16 14:51 - 2018-08-29 15:48 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys 2021-01-16 14:50 - 2021-01-30 09:24 - 000000000 ____D C:\Program Files (x86)\ScreenCapture 2021-01-16 14:50 - 2021-01-16 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenCapture 2021-01-15 08:25 - 2021-01-15 08:25 - 013288946 _____ C:\Users\Daniel DOUET\Downloads\VID-20201203-WA0000.mp4 2021-01-14 07:41 - 2021-01-14 07:41 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-01-14 07:41 - 2021-01-14 07:41 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-01-14 07:41 - 2021-01-14 07:41 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-01-14 07:41 - 2021-01-14 07:41 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-01-14 07:41 - 2021-01-14 07:41 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-01-14 07:41 - 2021-01-14 07:41 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-01-14 07:41 - 2021-01-14 07:41 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-01-14 07:41 - 2021-01-14 07:41 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-01-14 07:41 - 2021-01-14 07:41 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-01-14 07:41 - 2021-01-14 07:41 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-01-14 07:41 - 2021-01-14 07:41 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-01-14 07:41 - 2021-01-14 07:41 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-01-14 07:41 - 2021-01-14 07:41 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-01-14 07:41 - 2021-01-14 07:41 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-01-14 07:41 - 2021-01-14 07:41 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-01-14 07:41 - 2021-01-14 07:41 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-01-14 07:41 - 2021-01-14 07:41 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-01-14 07:41 - 2021-01-14 07:41 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-01-14 07:41 - 2021-01-14 07:41 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-01-14 07:41 - 2021-01-14 07:41 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-01-14 07:41 - 2021-01-14 07:41 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-01-14 07:41 - 2021-01-14 07:41 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-01-14 07:41 - 2021-01-14 07:41 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-01-14 07:40 - 2021-01-14 07:40 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-01-14 07:40 - 2021-01-14 07:40 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2021-01-14 07:40 - 2021-01-14 07:40 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-01-14 07:40 - 2021-01-14 07:40 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-01-14 07:40 - 2021-01-14 07:40 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-01-14 07:40 - 2021-01-14 07:40 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-01-14 07:40 - 2021-01-14 07:40 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2021-01-14 07:40 - 2021-01-14 07:40 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-01-14 07:40 - 2021-01-14 07:40 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-01-14 07:40 - 2021-01-14 07:40 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll 2021-01-14 07:40 - 2021-01-14 07:40 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-01-14 07:40 - 2021-01-14 07:40 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-01-14 07:40 - 2021-01-14 07:40 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-01-14 07:40 - 2021-01-14 07:40 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-01-14 07:40 - 2021-01-14 07:40 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-01-14 07:40 - 2021-01-14 07:40 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe 2021-01-14 07:40 - 2021-01-14 07:40 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-01-13 07:37 - 2021-01-13 07:37 - 000000000 ___HD C:\$WinREAgent 2021-01-12 13:35 - 2021-01-12 13:35 - 000000163 _____ C:\Users\Daniel DOUET\Desktop\Archives_03.url 2021-01-09 09:04 - 2021-01-09 09:04 - 000001517 _____ C:\Users\Daniel DOUET\Desktop\St-Plaisir_BMS-1629-1902.xls - Raccourci.lnk 2021-01-08 08:23 - 2021-01-08 08:23 - 000001251 _____ C:\Users\Daniel DOUET\Desktop\VCL_Cinema.xspf - Raccourci.lnk 2021-01-04 11:40 - 2021-01-04 11:40 - 002847781 _____ C:\Users\Daniel DOUET\Downloads\C'e_tait le meilleur.mp4 2021-01-04 11:38 - 2021-01-04 11:38 - 003234918 _____ C:\Users\Daniel DOUET\Downloads\VIDEO-2020-04-07-10-05-05333.mp4 2021-01-04 11:36 - 2021-01-04 11:36 - 003109695 _____ C:\Users\Daniel DOUET\Downloads\VIDEO-2020-04-07-10-05-05222.mp4 2021-01-04 11:35 - 2021-01-04 11:35 - 001104185 _____ C:\Users\Daniel DOUET\Downloads\VIDEO-2020-04-07-10-05-05111.mp4 2020-12-29 14:10 - 2020-12-29 14:10 - 000030090 _____ C:\Users\Daniel DOUET\Downloads\1793-1798-AUGY-1E3-deces-v3.xlsx 2020-12-29 11:16 - 2020-12-29 11:42 - 000003814 _____ C:\WINDOWS\system32\Tasks\_Enregist_VLC 2020-12-29 08:39 - 2020-12-29 08:39 - 000000000 ____D C:\Program Files\Waves 2020-12-28 10:49 - 2020-12-28 10:49 - 000001472 _____ C:\Users\Daniel DOUET\Desktop\Augy-Bourb_BMS_1675.xls - Raccourci.lnk 2020-12-26 11:21 - 2020-12-26 11:21 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\EMCO 2020-12-26 11:21 - 2020-12-26 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO UnLock IT 5 2020-12-26 11:19 - 2020-12-26 11:19 - 000000000 ____D C:\ProgramData\EMCO 2020-12-25 08:21 - 2020-12-25 08:21 - 000001652 _____ C:\Users\Daniel DOUET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WiseAutoShutdown.lnk 2020-12-25 07:46 - 2020-12-25 07:47 - 004165018 _____ C:\Users\Daniel DOUET\Downloads\Party Dance 1900.mp4 2020-12-24 17:15 - 2020-12-24 17:15 - 000001456 _____ C:\Users\Daniel DOUET\Desktop\Urcay_BMS_partiel.xls - Raccourci.lnk 2020-12-23 17:30 - 2020-12-28 13:47 - 000001801 _____ C:\Users\Daniel DOUET\Desktop\VLC-Enregistrement.rtf - Raccourci.lnk 2020-12-23 13:16 - 2020-12-23 13:19 - 138515580 _____ C:\WINDOWS\system32\Film.ts 2020-12-22 16:09 - 2021-01-31 11:30 - 000000135 _____ C:\Users\Daniel 2020-12-20 15:07 - 2020-12-20 15:07 - 002347008 _____ C:\Users\Daniel DOUET\Downloads\l'amour est dans le pru00E911 (1).pps 2020-12-18 07:37 - 2020-12-18 07:37 - 006320125 _____ C:\Users\Daniel DOUET\Downloads\Roselyne Avant.mp4 2020-12-18 07:37 - 2020-12-18 07:37 - 002064232 _____ C:\Users\Daniel DOUET\Downloads\Dupont Moretti Avant.mp4 2020-12-11 17:09 - 2020-12-11 17:09 - 000001504 _____ C:\Users\Daniel DOUET\Desktop\Couleuvre_BMS_1621-1912.xls - Raccourci.lnk 2020-12-11 08:02 - 2020-12-11 08:02 - 003638401 _____ C:\Users\Daniel DOUET\Downloads\received_703710883895609.mp4 2020-12-11 07:48 - 2020-12-11 07:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-12-11 07:48 - 2020-12-11 07:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-12-11 07:47 - 2020-12-11 07:47 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-11 07:47 - 2020-12-11 07:47 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-11 07:47 - 2020-12-11 07:47 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-11 07:47 - 2020-12-11 07:47 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2020-12-11 07:47 - 2020-12-11 07:47 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-11 07:47 - 2020-12-11 07:47 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2020-12-11 07:47 - 2020-12-11 07:47 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-11 07:47 - 2020-12-11 07:47 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-11 07:47 - 2020-12-11 07:47 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-12-11 07:47 - 2020-12-11 07:47 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-12-11 07:47 - 2020-12-11 07:47 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-11 07:47 - 2020-12-11 07:47 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2020-12-11 07:47 - 2020-12-11 07:47 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2020-12-11 07:47 - 2020-12-11 07:47 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-12-11 07:47 - 2020-12-11 07:47 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2020-12-11 07:47 - 2020-12-11 07:47 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-12-09 13:20 - 2020-12-09 13:20 - 000001452 _____ C:\Users\Daniel DOUET\Desktop\Vitray_BMS.xlsm - Raccourci.lnk 2020-12-08 09:00 - 2020-12-08 09:00 - 000001501 _____ C:\Users\Daniel DOUET\Desktop\St-Caprais_BMS-partiel.xls - Raccourci.lnk 2020-12-05 13:10 - 2020-12-05 13:11 - 034408136 _____ C:\Users\Daniel DOUET\Documents\vlc-record-2020-12-05-13h10m22s-1_0_19_2261_438_1_C00000_0_0_0_-.ts 2020-12-03 15:28 - 2020-12-03 15:28 - 000001599 _____ C:\Users\Daniel DOUET\Desktop\St-Bonnet-Tronçais_BMS-partiel.xls - Raccourci.lnk 2020-12-03 07:47 - 2020-11-09 03:44 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2020-12-03 07:47 - 2020-11-09 03:44 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe 2020-12-03 07:47 - 2020-11-09 03:44 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-12-03 07:47 - 2020-11-09 03:44 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2020-12-03 07:47 - 2020-11-09 03:44 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2020-12-03 07:47 - 2020-11-09 03:44 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll 2020-12-03 07:47 - 2020-11-09 03:44 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2020-12-03 07:47 - 2020-11-09 03:44 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2020-12-03 07:47 - 2020-11-09 03:44 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2020-12-03 07:47 - 2020-11-09 03:44 - 000351128 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2020-12-03 07:47 - 2020-11-09 03:42 - 000673520 _____ C:\WINDOWS\system32\nvofapi64.dll 2020-12-03 07:47 - 2020-11-09 03:42 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 004174064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 002508528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 000555248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2020-12-03 07:47 - 2020-11-09 03:41 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2020-12-03 07:47 - 2020-11-09 03:39 - 005972824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2020-11-30 10:40 - 2020-11-30 10:40 - 000001336 _____ C:\Users\Daniel DOUET\Desktop\HORLOGE.docx - Raccourci.lnk 2020-11-17 13:52 - 2020-11-17 13:52 - 000087764 _____ C:\Users\Daniel DOUET\Downloads\IPID Autopass.pdf 2020-11-17 13:51 - 2020-11-17 13:51 - 000202842 _____ C:\Users\Daniel DOUET\Downloads\Devis d'assurance.pdf 2020-11-17 13:48 - 2020-11-17 13:48 - 000238966 _____ C:\Users\Daniel DOUET\Downloads\Le_devis_Auto.pdf 2020-11-17 13:44 - 2020-11-17 13:44 - 000158002 _____ C:\Users\Daniel DOUET\Downloads\Document_information_produit_Auto_Access.pdf 2020-11-17 13:44 - 2020-11-17 13:44 - 000012676 _____ C:\Users\Daniel DOUET\Downloads\Votre_tarif_MMA.pdf 2020-11-15 14:43 - 2020-11-15 14:43 - 000000000 ____H C:\Users\Daniel DOUET\Documents\Default.rdp 2020-11-11 13:03 - 2020-11-11 13:03 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll 2020-11-11 09:41 - 2020-11-11 09:41 - 000001492 _____ C:\Users\Daniel DOUET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PixelHealer.lnk 2020-11-10 11:47 - 2020-11-10 11:47 - 001153592 _____ (Akeo Consulting) C:\Users\Daniel DOUET\Downloads\rufus-3.12.exe 2020-11-10 10:58 - 2021-01-30 07:45 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-11-10 10:56 - 2020-11-10 10:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2020-11-10 10:55 - 2021-01-11 07:36 - 000003940 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper 2020-11-10 10:55 - 2020-12-29 14:44 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2020-11-10 10:55 - 2020-12-17 07:34 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4206714783-1842458062-39993589-1001 2020-11-10 10:55 - 2020-11-25 09:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-11-10 10:55 - 2020-11-11 12:44 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-11-10 10:55 - 2020-11-10 10:55 - 000002850 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4206714783-1842458062-39993589-500 2020-11-10 10:55 - 2020-11-10 10:55 - 000002724 _____ C:\WINDOWS\system32\Tasks\EPM Preload 2020-11-10 10:55 - 2020-11-10 10:55 - 000002372 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot 2020-11-10 10:55 - 2020-11-10 10:55 - 000002234 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-11-10 10:55 - 2020-11-10 10:55 - 000000020 ___SH C:\Users\Daniel DOUET\ntuser.ini 2020-11-10 10:55 - 2020-11-10 10:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-4206714783-1842458062-39993589-1001 2020-11-10 10:55 - 2020-11-10 10:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel 2020-11-10 10:55 - 2020-11-10 10:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard 2020-11-10 10:55 - 2020-11-10 10:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\2BrightSparks 2020-11-10 10:54 - 2020-11-10 10:55 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2020-11-10 10:54 - 2020-11-10 10:55 - 000007623 _____ C:\WINDOWS\diagerr.xml 2020-11-10 10:43 - 2020-11-10 10:49 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2020-11-10 10:42 - 2021-01-29 10:04 - 000000000 ____D C:\Users\Daniel DOUET 2020-11-10 10:42 - 2020-12-17 07:34 - 000002462 _____ C:\Users\Daniel DOUET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\Voisinage réseau 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\Voisinage d'impression 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\Modèles 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\Mes documents 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\Menu Démarrer 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\Documents\Mes vidéos 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\Documents\Mes images 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\Documents\Ma musique 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2020-11-10 10:42 - 2020-11-10 10:42 - 000000000 _SHDL C:\Users\Daniel DOUET\AppData\Local\Historique 2020-11-10 10:38 - 2020-11-10 10:38 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2020-11-10 10:38 - 2020-11-10 10:38 - 000000000 ____D C:\Program Files\Reference Assemblies 2020-11-10 10:38 - 2020-11-10 10:38 - 000000000 ____D C:\Program Files\MSBuild 2020-11-10 10:38 - 2020-11-10 10:38 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2020-11-10 10:38 - 2020-11-10 10:38 - 000000000 ____D C:\Program Files (x86)\MSBuild 2020-11-10 10:34 - 2020-11-10 10:34 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2020-11-10 10:24 - 2020-11-29 09:52 - 000000000 ___DC C:\WINDOWS\Panther 2020-11-09 08:48 - 2020-11-09 08:49 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\31b3b186-d344-43a5-bdfa-2ac4fdcff078 2020-11-09 08:48 - 2020-11-09 08:49 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\23a5f992-2bd8-4da5-bf0d-3416185038de 2020-11-09 08:48 - 2020-11-09 08:48 - 000000557 _____ C:\Users\Daniel DOUET\AppData\Local\bowsakkdestx.txt 2020-11-09 08:48 - 2020-11-09 08:48 - 000000000 ____D C:\WINDOWS\SysWOW64\rqmvabwe 2020-11-09 08:48 - 2020-11-09 08:48 - 000000000 ____D C:\SystemID 2020-11-09 08:47 - 2020-11-10 07:53 - 000000000 ____D C:\Program Files (x86)\Zream 2020-11-09 08:47 - 2020-11-09 08:47 - 000000000 ____D C:\Users\Public\Thunder Network 2020-11-09 08:46 - 2020-11-09 08:46 - 000000000 ____D C:\ProgramData\sib 2020-11-09 08:40 - 2020-11-09 08:40 - 000000000 ____D C:\ProgramData\Riate 2020-11-09 08:39 - 2020-11-09 08:39 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\tuyvr 2020-11-09 08:37 - 2020-11-09 08:37 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\Farwqons ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-01-31 11:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-31 11:22 - 2020-09-27 06:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-31 10:28 - 2019-07-08 14:52 - 000763768 _____ C:\Users\Daniel DOUET\Desktop\Control_Tensions.xlsm 2021-01-31 09:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-01-30 18:54 - 2019-03-30 11:56 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\vlc 2021-01-30 18:54 - 2019-03-25 10:19 - 000000000 ____D C:\ProgramData\NVIDIA 2021-01-30 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-01-30 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-01-30 13:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-30 09:26 - 2019-03-25 15:03 - 000000000 ____D C:\Program Files (x86)\Utilitaires 2021-01-30 09:25 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-01-30 09:22 - 2020-02-09 18:40 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-01-30 08:56 - 2019-09-10 09:58 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\ElevatedDiagnostics 2021-01-30 08:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-01-30 07:45 - 2019-12-07 15:49 - 000791604 _____ C:\WINDOWS\system32\perfh00C.dat 2021-01-30 07:45 - 2019-12-07 15:49 - 000149770 _____ C:\WINDOWS\system32\perfc00C.dat 2021-01-30 07:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-01-30 07:40 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-30 07:40 - 2020-07-10 13:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-01-30 07:40 - 2020-06-24 07:45 - 000008192 ___SH C:\DumpStack.log.tmp 2021-01-30 07:40 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-01-30 07:39 - 2019-03-25 10:11 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\Adobe 2021-01-30 07:27 - 2020-09-27 08:54 - 000002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-30 07:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-29 18:05 - 2019-04-01 15:30 - 000000000 ____D C:\Program Files (x86)\SyncBackFree 2021-01-29 10:14 - 2019-03-25 10:15 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-01-29 10:08 - 2020-09-27 08:53 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-01-29 10:08 - 2020-09-27 08:53 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-01-29 10:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-01-29 10:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat 2021-01-29 10:03 - 2019-04-01 09:57 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\Orange 2021-01-29 10:03 - 2019-03-30 17:01 - 000000000 ____D C:\Program Files\CCleaner 2021-01-29 10:03 - 2019-03-30 13:47 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\Microsoft Help 2021-01-29 10:03 - 2019-03-30 11:58 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Roaming\XnView 2021-01-29 10:03 - 2018-09-15 15:41 - 000000000 ____D C:\AdwCleaner 2021-01-29 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration 2021-01-29 09:32 - 2020-02-09 18:39 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2021-01-29 07:58 - 2019-03-25 10:11 - 000000000 ____D C:\Users\Daniel DOUET\AppData\Local\Packages 2021-01-27 13:00 - 2019-07-08 14:52 - 000019061 _____ C:\Users\Daniel DOUET\Desktop\Creatinine.xlsx 2021-01-26 10:12 - 2019-03-30 15:56 - 000000045 _____ C:\ProgramData\Chronos.prf 2021-01-17 15:26 - 2020-05-17 12:58 - 000070071 _____ C:\JasInt.txt 2021-01-14 07:59 - 2020-09-27 06:51 - 000463472 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-01-14 07:58 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-14 07:58 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-14 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-14 07:40 - 2020-09-27 08:53 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-01-13 07:40 - 2019-03-25 11:19 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-01-13 07:38 - 2019-03-25 11:18 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======== 2020-11-09 08:48 - 2020-11-09 08:48 - 000000557 _____ () C:\Users\Daniel DOUET\AppData\Local\bowsakkdestx.txt 2020-10-01 08:14 - 2020-10-01 08:14 - 000000410 _____ () C:\Users\Daniel DOUET\AppData\Local\oobelibMkey.log ==================== SigCheckExt ========================= 2014-09-08 13:37 - 2014-09-08 13:37 - 000072192 _____ C:\WINDOWS\system32\CDASpl.dll 2020-01-30 10:03 - 2016-08-10 12:07 - 002847744 _____ C:\WINDOWS\system32\DlgSearchEngine.dll 2018-05-17 09:07 - 2018-05-17 09:07 - 000087552 _____ C:\WINDOWS\system32\ssdevm64.dll 2017-11-08 07:29 - 2017-11-08 07:29 - 000049152 _____ C:\WINDOWS\system32\ssusbp64.dll 2019-03-30 11:32 - 1999-06-15 11:31 - 000096768 _____ C:\WINDOWS\SlantAdj.dll 2015-03-17 00:34 - 2015-03-17 00:34 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll 2020-01-05 14:00 - 1998-07-12 23:00 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMCTLFR.DLL 2020-01-05 14:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL 2020-01-30 10:03 - 2016-08-10 12:07 - 002094592 _____ C:\WINDOWS\SysWOW64\DlgSearchEngine.dll 2020-01-05 14:00 - 1998-07-12 23:00 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDFR.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2015-03-17 00:34 - 2015-03-17 00:34 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL 2015-03-17 00:34 - 2015-03-17 00:34 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll 2015-03-17 00:34 - 2015-03-17 00:34 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2015-03-17 00:34 - 2015-03-17 00:34 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2018-05-17 09:07 - 2018-05-17 09:07 - 000094208 _____ C:\WINDOWS\SysWOW64\ssdevm.dll 2017-11-08 07:29 - 2017-11-08 07:29 - 000049152 _____ (Samsung Electronics) C:\WINDOWS\SysWOW64\ssusbpn.dll 2020-01-05 14:00 - 2000-10-01 23:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL 2020-02-17 13:12 - 2020-02-17 13:12 - 000113351 _____ C:\Users\Daniel DOUET\Downloads\brightdot_clock_discovery_tool (2).exe 2020-02-17 13:03 - 2020-02-17 13:04 - 000113351 _____ C:\Users\Daniel DOUET\Downloads\brightdot_clock_discovery_tool.exe 2021-01-31 11:32 - 2021-01-31 11:32 - 002297856 _____ (Farbar) C:\Users\Daniel DOUET\Downloads\FRST64.exe 2021-01-30 10:52 - 2021-01-30 10:52 - 003342472 _____ (Nicolas Coolman) C:\Users\Daniel DOUET\Downloads\ZHPCleaner.exe 2021-01-31 11:25 - 2021-01-31 11:25 - 003480712 _____ (Nicolas Coolman) C:\Users\Daniel DOUET\Downloads\ZHPSuite (1).exe 2021-01-30 18:21 - 2021-01-30 18:21 - 003480712 _____ (Nicolas Coolman) C:\Users\Daniel DOUET\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d�marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {9d37ce69-e503-11e2-a573-b8ca3a8383a5} {9d37ce6a-e503-11e2-a573-b8ca3a8383a5} {b2090f3c-e4ee-11e2-89c8-b8ca3a8383a5} {b2090f3d-e4ee-11e2-89c8-b8ca3a8383a5} timeout 0 Gestionnaire de d�marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {32f09ca4-b5e6-11ea-a926-b4b6766a516b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {9d37ce69-e503-11e2-a573-b8ca3a8383a5} description P1: HL-DT-ST DVDRW/BDROM CH20N Application logicielle (101fffff) -------------------------------- identificateur {9d37ce6a-e503-11e2-a573-b8ca3a8383a5} description ST2000DM001-1CH164 Application logicielle (101fffff) -------------------------------- identificateur {b2090f3c-e4ee-11e2-89c8-b8ca3a8383a5} description P1: HL-DT-ST DVDRW/BDROM CH20N Application logicielle (101fffff) -------------------------------- identificateur {b2090f3d-e4ee-11e2-89c8-b8ca3a8383a5} description ST2000DM001-1CH164 Chargeur de d�marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {32f09ca7-b5e6-11ea-a926-b4b6766a516b} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {32f09ca4-b5e6-11ea-a926-b4b6766a516b} nx OptIn bootmenupolicy Standard Chargeur de d�marrage Windows ----------------------------- identificateur {32f09ca7-b5e6-11ea-a926-b4b6766a516b} device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{32f09ca8-b5e6-11ea-a926-b4b6766a516b} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{32f09ca8-b5e6-11ea-a926-b4b6766a516b} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d�marrage Windows ----------------------------- identificateur {fc507804-5526-11e8-b68b-a95b87b92a42} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{fc507805-5526-11e8-b68b-a95b87b92a42} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{fc507805-5526-11e8-b68b-a95b87b92a42} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre � partir de la mise en veille prolong�e ------------------------------------------------- identificateur {32f09ca4-b5e6-11ea-a926-b4b6766a516b} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {32f09ca7-b5e6-11ea-a926-b4b6766a516b} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m�moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m�moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Param�tres EMS -------------- identificateur {emssettings} bootems No Param�tres du d�bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m�moire RAM ---------------------- identificateur {badmemory} Param�tres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Param�tres du chargeur de d�marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Param�tres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Param�tres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p�riph�rique ----------------------- identificateur {32f09ca8-b5e6-11ea-a926-b4b6766a516b} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume6 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================