Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021 Exécuté par david (administrateur) sur LAPTOP-QTKJ89VT (Acer Aspire A317-52) (01-05-2021 01:27:04) Exécuté depuis C:\Users\david\OneDrive\Bureau Profils chargés: david Platform: Windows 10 Home Version 2004 19041.928 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QALockHandler.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe (Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe (Acer Incorporated) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3024.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23> (GoTrustID Inc -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe (GOTrustID Inc.) [Fichier non signé] C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_cfcf51bb7b370ad0\LMS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_3bd4cd1d0a01f3b6\igfxCUIServiceN.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_3bd4cd1d0a01f3b6\igfxEMN.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_08f11cc9a4c9585a\OneApp.IGCC.WinService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\IntelCpHDCPSvc.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (Realtek Semiconductor Corp) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.226.0_x64__dt26b99r8h8gj\RtkUWP.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\david\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1138992 2020-08-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [287648 2021-04-06] (IDSA Production signing key 2021 -> Intel) HKU\S-1-5-21-973030240-2638152377-385084838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation) HKU\S-1-5-21-973030240-2638152377-385084838-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408896 2021-03-14] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-973030240-2638152377-385084838-1001\...\Run: [david] => cmd.exe /c start www.exinariuminix.info HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-26] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {223E668A-BBE4-4382-89AD-1FEEC6862561} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {38253FA5-501C-42F1-AE87-79CCD9647E79} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-04-15] (Acer Incorporated -> Acer Incorporated) Task: {3B4D34D9-2423-41E3-8D26-1C057E9FCFEE} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated) Task: {3E0B4822-5399-4797-B15E-AE52A76C2558} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {47FE5D57-27F2-4378-96E1-37AE26514F58} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [42024 2020-07-27] (Acer Incorporated -> ) Task: {50600EAC-C9FC-412B-9DF8-B1C98F6CA0F0} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe Task: {52BAD45F-5CF8-4B8E-A4AB-FFD6D9CD7980} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation) Task: {63330A64-F9C1-4CCF-AE38-D3B6031CFFC2} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [151080 2020-06-18] (Acer Incorporated -> Microsoft) Task: {677F0EDE-B409-479B-99A1-14EBFC63C6BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7CFF9DC5-DC93-463F-8793-81069FC1EE96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7D94E9F1-A611-4DE9-96CE-904CEC0465CD} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated) Task: {7FADE164-7244-49B8-8D52-9FDFA29C9CA9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {8BC1BA3A-3EE6-4CE5-AA3E-9A479E82C1A2} - System32\Tasks\david => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v david /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info" Task: {99CAAF36-FD20-474C-A53D-AC6E45E90203} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation) Task: {9F926DDE-F8DC-4B4D-B8C0-E0E1D3FF9AF6} - System32\Tasks\AcerCMUpdateTask2.1.20250 => C:\Program Files (x86)\Acer\Amundsen\2.1.20250\AWC.exe [153128 2020-09-02] (Acer Incorporated -> ) Task: {AB4C1A39-DFE4-4C13-8426-A3E72BE2C7E1} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {ADFD0CD5-F306-4603-9BDE-DF0163F0E592} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2962984 2020-07-27] (Acer Incorporated -> ) Task: {B4891A3F-9DCA-4D65-A944-51F72514CA31} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> ) Task: {B6386D0F-5F16-4457-ADF6-F2FA6757AA35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B6F96E53-3B88-4862-A054-AF69E4FE1AFC} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-04-15] (Acer Incorporated -> Acer Incorporated) Task: {B7861169-20D2-48E2-894B-E4FADAD2BED0} - System32\Tasks\App Explorer => C:\Users\david\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7968424 2020-12-03] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION Task: {BD9407A0-8D06-4391-9C6D-0084D05CACAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC) Task: {D2455CF8-858A-493E-A3FA-074ACF51987B} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4829224 2020-07-27] (Acer Incorporated -> ) Task: {DA6D504B-A6CA-437E-B630-25B9DA5430BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC) Task: {DA9BBEB1-46F3-4D33-9A9F-7B512E6F1114} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer) Task: {F7F98916-5BA3-4F11-803A-652639800AD2} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{961fd807-18b8-4a55-a9ad-c9e68e4ff705}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-30] Chrome: ======= CHR Profile: C:\Users\david\AppData\Local\Google\Chrome\User Data\Default [2021-05-01] CHR DownloadDir: C:\Users\david\OneDrive\Documents CHR Notifications: Default -> hxxps://captcha-sourcecenter.com; hxxps://commande.dominos.fr; hxxps://news-central.me; hxxps://www.facebook.com; hxxps://www1.news-back.org CHR HomePage: Default -> hxxp://www.google.fr/ CHR StartupUrls: Default -> "hxxps://www.google.fr/" CHR Extension: (Slides) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-09] CHR Extension: (Docs) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-09] CHR Extension: (Google Drive) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-09] CHR Extension: (YouTube) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-09] CHR Extension: (Sheets) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-09] CHR Extension: (Google Docs hors connexion) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-13] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-12] CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-04-23] CHR Extension: (Nebula) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlmflgnnmmojlnbmaokpfcjdkhkjbnok [2021-02-18] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09] CHR Extension: (Gmail) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-09] CHR Extension: (Chrome Media Router) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300584 2020-07-27] (Acer Incorporated -> Acer Incorporated) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4993344 2021-03-14] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [15360 2020-09-08] (GOTrustID Inc.) [Fichier non signé] R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [336992 2020-09-08] (GoTrustID Inc -> GOTrustID Inc.) S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [306728 2020-04-15] (Acer Incorporated -> Acer Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-22] (Acer Incorporated -> Acer Incorporated) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2021-03-14] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2021-03-14] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 MpKsl3df66260; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4EA9AB6-C627-4B47-98B8-C0AB0E3F1A94}\MpKslDrv.sys [47336 2021-04-30] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-05-01 01:26 - 2021-05-01 01:27 - 000000000 ____D C:\FRST 2021-05-01 01:14 - 2021-05-01 01:18 - 000000000 ____D C:\Users\david\AppData\Roaming\ZHP 2021-05-01 01:14 - 2021-05-01 01:14 - 000000000 ____D C:\Users\david\AppData\Local\ZHP 2021-04-30 11:50 - 2021-04-30 11:50 - 000360677 _____ C:\Users\david\OneDrive\Documents\2021 04 28-1 Présentation AQ.pdf 2021-04-29 13:35 - 2021-04-30 22:56 - 000000000 ____D C:\Users\david\OneDrive\Documents\AHQJM 2021-04-23 02:31 - 2021-04-23 02:31 - 1456861647 _____ C:\Users\david\OneDrive\Documents\Monster Hunter.mkv 2021-04-22 01:35 - 2021-04-22 01:35 - 000000000 ____D C:\Users\david\AppData\Local\Epic Games 2021-04-19 02:53 - 2021-04-19 17:31 - 000000000 ____D C:\Users\david\OneDrive\Documents\Fear TWD vu 9 2021-04-18 12:16 - 2021-04-18 12:16 - 000000000 ____D C:\Users\david\AppData\Local\GUI.Win 2021-04-18 12:16 - 2021-04-18 12:16 - 000000000 ____D C:\ProgramData\TotalAV 2021-04-18 12:16 - 2021-04-18 12:16 - 000000000 ____D C:\ProgramData\SecuritySuite 2021-04-15 20:52 - 2021-04-15 20:52 - 000001426 _____ C:\Windows\system32\default_error_stack-000006-000000.txt 2021-04-15 19:54 - 2021-04-15 19:54 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-04-15 19:54 - 2021-04-15 19:54 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll 2021-04-15 19:54 - 2021-04-15 19:54 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-04-08 16:04 - 2021-04-08 16:04 - 000137128 _____ C:\Windows\system32\ze_validation_layer.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 026659736 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 013487512 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 001851304 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2021-04-08 16:03 - 2021-04-08 16:03 - 001851304 _____ C:\Windows\system32\vulkaninfo.exe 2021-04-08 16:03 - 2021-04-08 16:03 - 001431976 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-04-08 16:03 - 2021-04-08 16:03 - 001431976 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2021-04-08 16:03 - 2021-04-08 16:03 - 001093736 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 001093736 _____ C:\Windows\system32\vulkan-1.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000947816 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000947816 _____ C:\Windows\SysWOW64\vulkan-1.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000605592 _____ C:\Windows\system32\ze_tracing_layer.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000499096 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000421272 _____ C:\Windows\system32\ze_loader.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000361880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000298416 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000246288 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000163008 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll 2021-04-08 16:03 - 2021-04-08 16:03 - 000138504 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll 2021-04-08 16:02 - 2021-04-08 16:02 - 000330648 _____ C:\Windows\system32\ControlLib.dll 2021-04-02 16:49 - 2021-04-24 16:32 - 000000000 ____D C:\Users\david\OneDrive\Documents\Greys Anatomy saison 17 6 sur 16 2021-03-26 00:38 - 2021-03-26 00:38 - 000000000 ____D C:\Users\david\OneDrive\Documents\ALED 2021-03-21 04:32 - 2021-03-21 04:32 - 000001425 _____ C:\Windows\system32\default_error_stack-000005-000000.txt 2021-03-21 02:38 - 2021-04-20 01:26 - 000000000 ____D C:\Users\david\AppData\Roaming\bettercrewlink 2021-03-21 02:38 - 2021-03-21 02:38 - 000002468 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Better-CrewLink.lnk 2021-03-21 02:38 - 2021-03-21 02:38 - 000000000 ____D C:\Users\david\AppData\Local\bettercrewlink-updater 2021-03-20 22:11 - 2021-03-20 22:16 - 000000000 ____D C:\Users\david\AppData\Roaming\crewlink 2021-03-20 22:11 - 2021-03-20 22:11 - 000002357 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrewLink.lnk 2021-03-20 22:11 - 2021-03-20 22:11 - 000000000 ____D C:\Users\david\AppData\Local\crewlink-updater 2021-03-18 17:56 - 2021-04-22 01:33 - 000000000 ____D C:\Users\david\AppData\Local\CrashDumps 2021-03-17 00:30 - 2021-05-01 00:26 - 000000000 ____D C:\Users\david\AppData\Roaming\discord 2021-03-17 00:30 - 2021-05-01 00:07 - 000000000 ____D C:\Users\david\AppData\Local\Discord 2021-03-17 00:30 - 2021-03-17 00:30 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2021-03-17 00:30 - 2021-03-17 00:30 - 000000000 ____D C:\Users\david\AppData\Local\SquirrelTemp 2021-03-17 00:12 - 2021-04-07 09:28 - 000003944 _____ C:\Windows\system32\Tasks\BlueStacksHelper 2021-03-17 00:08 - 2021-03-17 00:08 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk 2021-03-17 00:08 - 2021-03-17 00:08 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk 2021-03-17 00:07 - 2021-03-17 00:08 - 000000000 ____D C:\ProgramData\BlueStacks 2021-03-17 00:07 - 2021-03-17 00:07 - 000000000 ____D C:\Program Files\BlueStacks 2021-03-17 00:05 - 2021-03-17 00:07 - 000000000 ____D C:\Users\Public\BlueStacks 2021-03-17 00:05 - 2021-03-17 00:07 - 000000000 ____D C:\Users\david\AppData\Local\BlueStacksSetup 2021-03-17 00:05 - 2021-03-17 00:07 - 000000000 ____D C:\Users\david\AppData\Local\Bluestacks 2021-03-16 01:03 - 2021-03-16 10:01 - 000000000 ____D C:\Users\david\AppData\Local\Spotify 2021-03-16 01:03 - 2021-03-16 10:00 - 000000000 ____D C:\Users\david\AppData\Roaming\Spotify 2021-03-16 01:03 - 2021-03-16 01:03 - 000001840 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2021-03-15 23:14 - 2021-03-15 23:14 - 000003570 _____ C:\Windows\system32\Tasks\david 2021-03-14 18:59 - 2021-03-14 18:59 - 000000000 ____D C:\Users\david\AppData\Roaming\Frontier Developments 2021-03-14 18:59 - 2021-03-14 18:59 - 000000000 ____D C:\Users\david\AppData\Local\Frontier Developments 2021-03-14 18:20 - 2021-03-14 22:51 - 000000000 ____D C:\Users\david\AppData\Local\Disc_Soft_Ltd 2021-03-14 18:19 - 2021-03-14 18:31 - 000000000 ____D C:\ProgramData\Avast Software 2021-03-14 18:19 - 2021-03-14 18:19 - 000000000 ____D C:\Users\david\AppData\Roaming\Disc-Soft 2021-03-14 18:19 - 2021-03-14 18:19 - 000000000 ____D C:\Users\david\AppData\Roaming\DAEMON Tools Lite 2021-03-14 18:18 - 2021-03-14 18:18 - 000059360 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2021-03-14 18:18 - 2021-03-14 18:18 - 000042256 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2021-03-14 18:18 - 2021-03-14 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite 2021-03-14 18:18 - 2021-03-14 18:18 - 000000000 ____D C:\ProgramData\Disc-Soft 2021-03-14 18:18 - 2021-03-14 18:18 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2021-03-13 21:14 - 2021-03-13 21:14 - 000000000 ____D C:\Users\david\AppData\Roaming\Surviving Mars 2021-03-13 20:49 - 2021-03-14 00:40 - 000000000 ____D C:\Program Files\Epic Games 2021-03-13 20:43 - 2021-03-13 20:43 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA Corporation 2021-03-13 20:42 - 2021-03-13 20:42 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2021-03-13 20:42 - 2021-03-13 20:42 - 000001258 _____ C:\ProgramData\Bureau\Epic Games Launcher.lnk 2021-03-13 20:42 - 2021-03-13 20:42 - 000000000 ____D C:\Users\david\AppData\Local\UnrealEngineLauncher 2021-03-13 20:42 - 2021-03-13 20:42 - 000000000 ____D C:\Users\david\AppData\Local\UnrealEngine 2021-03-13 20:42 - 2021-03-13 20:42 - 000000000 ____D C:\Users\david\AppData\Local\EpicGamesLauncher 2021-03-13 20:41 - 2021-03-13 20:43 - 000000000 ____D C:\ProgramData\Epic 2021-03-13 20:41 - 2021-03-13 20:41 - 000000000 ____D C:\Program Files (x86)\Epic Games 2021-03-12 17:50 - 2021-03-12 17:50 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2021-03-12 17:50 - 2021-03-12 17:50 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2021-03-12 17:50 - 2021-03-12 17:50 - 001394024 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-03-12 17:50 - 2021-03-12 17:50 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-03-12 17:50 - 2021-03-12 17:50 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE 2021-03-12 17:50 - 2021-03-12 17:50 - 000707016 _____ C:\Windows\system32\TextShaping.dll 2021-03-12 17:50 - 2021-03-12 17:50 - 000611952 _____ C:\Windows\SysWOW64\TextShaping.dll 2021-03-12 17:50 - 2021-03-12 17:50 - 000091136 _____ C:\Windows\system32\Drivers\cimfs.sys 2021-03-12 01:40 - 2021-03-12 01:40 - 000001425 _____ C:\Windows\system32\default_error_stack-000004-000000.txt 2021-03-11 23:57 - 2021-03-12 01:38 - 000000000 ____D C:\Windows\system32\Tasks\Remediation 2021-03-10 00:29 - 2021-03-10 00:29 - 000001426 _____ C:\Windows\system32\default_error_stack-000003-000000.txt 2021-03-09 23:32 - 2021-03-21 12:12 - 000000000 ____D C:\Users\david\OneDrive\Documents\Logiciel 2021-03-09 23:31 - 2021-03-09 23:31 - 000000000 ____D C:\Users\david\AppData\Roaming\WinRAR 2021-03-09 23:31 - 2021-03-09 23:31 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-03-09 23:31 - 2021-03-09 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-03-09 23:30 - 2021-03-09 23:31 - 000000000 ____D C:\Program Files\WinRAR 2021-03-09 23:16 - 2021-03-09 23:17 - 000000000 ____D C:\Users\david\AppData\Roaming\WoodedLawgiver 2021-03-09 23:16 - 2021-03-09 23:16 - 000000000 ____D C:\Program Files (x86)\WoodedLawgiverrvmSetup 2021-03-08 21:12 - 2021-03-08 21:12 - 000001425 _____ C:\Windows\system32\default_error_stack-000002-000000.txt 2021-03-08 21:06 - 2021-03-08 21:06 - 000000000 ____D C:\Users\david\AppData\Roaming\CreamAPI 2021-03-08 21:06 - 2021-03-08 21:06 - 000000000 ____D C:\Users\david\AppData\LocalLow\Innersloth 2021-03-07 20:37 - 2021-03-07 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2021-03-07 20:37 - 2021-03-07 20:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Works 2021-03-07 20:36 - 2021-03-07 20:36 - 000000000 ____D C:\Windows\PCHEALTH 2021-03-07 20:36 - 2021-03-07 20:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2021-03-07 20:35 - 2021-03-07 20:36 - 000000000 ____D C:\Windows\SHELLNEW 2021-03-07 20:35 - 2021-03-07 20:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-03-07 20:35 - 2021-03-07 20:35 - 000000000 __RHD C:\MSOCache 2021-03-07 20:35 - 2021-03-07 20:35 - 000000000 ____D C:\Users\david\AppData\Local\Microsoft Help 2021-03-07 20:35 - 2021-03-07 20:35 - 000000000 ____D C:\Program Files\Microsoft Office 2021-03-07 20:35 - 2021-03-07 20:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8 2021-03-05 14:21 - 2021-04-23 12:24 - 000000000 ____D C:\Users\david\OneDrive\Documents\Resident Alien saison 1 complet 2021-03-05 02:04 - 2021-03-05 02:04 - 000001435 _____ C:\Windows\system32\default_error_stack-000001-000000.txt 2021-02-27 21:32 - 2021-02-27 21:32 - 001738744 _____ C:\Users\david\Downloads\Scoleo - plaquette 8 pages Nos dispositifs.pdf 2021-02-27 21:32 - 2021-02-27 21:32 - 000152957 _____ C:\Users\david\Downloads\Fiche_referents_Scoleo_2021_-_a_compléter.pdf 2021-02-27 00:33 - 2021-02-27 00:34 - 000000000 ____D C:\Users\david\AppData\Local\NPE 2021-02-21 19:54 - 2021-02-21 19:54 - 000146239 _____ C:\Users\david\Downloads\AttestationDroits.pdf 2021-02-17 22:52 - 2021-02-17 22:52 - 000437633 _____ C:\Users\david\Downloads\LADAPT Normandie - Questionnaire Pré-Accueil - Préorientation.pdf 2021-02-17 22:52 - 2021-02-17 22:52 - 000407319 _____ C:\Users\david\Downloads\Préo Présentation - juin 2020.pdf 2021-02-17 22:20 - 2021-02-17 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com 2021-02-17 22:20 - 2021-02-17 22:20 - 000000000 ____D C:\ProgramData\DriversCloud.com 2021-02-17 22:20 - 2021-02-17 22:20 - 000000000 ____D C:\Program Files\DriversCloud.com 2021-02-17 22:19 - 2021-02-17 22:19 - 000239216 _____ C:\Users\david\Downloads\DriversCloud_Win.exe 2021-02-17 21:51 - 2021-04-15 19:49 - 000000000 ____D C:\Windows\system32\MRT 2021-02-16 20:43 - 2021-02-16 20:43 - 005250839 _____ C:\Users\david\Downloads\file.mp4 2021-02-14 16:14 - 2021-04-24 16:41 - 000000000 ____D C:\Users\david\AppData\Local\D3DSCache 2021-02-14 16:14 - 2021-02-14 16:14 - 005186136 _____ (Husdawg, LLC) C:\Users\david\Downloads\Detection.exe 2021-02-14 14:19 - 2021-02-14 14:19 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2021-02-14 14:19 - 2021-02-14 14:19 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2021-02-14 14:19 - 2021-02-14 14:19 - 000095744 _____ C:\Windows\system32\VirtualMonitorManager.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 002254336 _____ C:\Windows\system32\dwmscene.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000729600 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2021-02-14 14:18 - 2021-02-14 14:18 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2021-02-14 14:18 - 2021-02-14 14:18 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000455680 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000446976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000422912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2021-02-14 14:18 - 2021-02-14 14:18 - 000330752 _____ C:\Windows\SysWOW64\ssdm.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2021-02-14 14:18 - 2021-02-14 14:18 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000240640 _____ C:\Windows\SysWOW64\CoreMas.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000235520 _____ C:\Windows\SysWOW64\HeatCore.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2021-02-14 14:18 - 2021-02-14 14:18 - 000190976 _____ C:\Windows\system32\BthpanContextHandler.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2021-02-14 14:18 - 2021-02-14 14:18 - 000152064 _____ C:\Windows\system32\EoAExperiences.exe 2021-02-14 14:18 - 2021-02-14 14:18 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax 2021-02-14 14:18 - 2021-02-14 14:18 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2021-02-14 14:18 - 2021-02-14 14:18 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2021-02-14 14:18 - 2021-02-14 14:18 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2021-02-14 14:18 - 2021-02-14 14:18 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2021-02-14 14:18 - 2021-02-14 14:18 - 000053760 _____ C:\Windows\SysWOW64\BWContextHandler.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2021-02-14 14:18 - 2021-02-14 14:18 - 000010752 _____ C:\Windows\SysWOW64\agentactivationruntimestarter.exe 2021-02-14 14:18 - 2021-02-14 14:18 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt 2021-02-14 14:17 - 2021-02-14 14:17 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000643072 _____ C:\Windows\system32\WindowManagementAPI.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2021-02-14 14:17 - 2021-02-14 14:17 - 000455168 _____ C:\Windows\system32\ssdm.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000306688 _____ C:\Windows\system32\HeatCore.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000287232 _____ C:\Windows\system32\CoreMas.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2021-02-14 14:17 - 2021-02-14 14:17 - 000197632 _____ C:\Windows\system32\IHDS.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-02-14 14:17 - 2021-02-14 14:17 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000074240 _____ C:\Windows\system32\rdsxvmaudio.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2021-02-14 14:17 - 2021-02-14 14:17 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe 2021-02-13 16:24 - 2021-02-13 16:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2021-02-13 16:18 - 2020-08-10 04:17 - 041604136 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2021-02-12 14:27 - 2021-02-12 14:27 - 000001435 _____ C:\Windows\system32\default_error_stack-000000-000000.txt 2021-02-11 14:19 - 2021-04-30 09:14 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-02-09 18:59 - 2021-02-09 18:59 - 000003390 _____ C:\Windows\system32\Tasks\NortonLifeLock Trial Agent V2 2021-02-09 18:41 - 2021-02-09 18:41 - 000004890 _____ C:\Windows\system32\Tasks\AcerCMUpdateTask2.1.20250 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Users\Default\Voisinage réseau 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Users\Default\Modèles 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Users\Default\Mes documents 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Users\Default\Menu Démarrer 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\ProgramData\Modèles 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\ProgramData\Bureau 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Program Files\Fichiers communs 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 _SHDL C:\Documents and Settings 2021-02-09 18:41 - 2021-02-09 18:41 - 000000000 ____D C:\Windows\oem 2021-02-09 15:38 - 2021-02-09 15:38 - 000000036 _____ C:\Users\david\AppData\LocalLow\.bidstack-device-id 2021-02-09 14:33 - 2021-02-09 14:33 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2021-02-09 14:24 - 2021-04-08 21:59 - 000001514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2021-02-09 14:24 - 2021-02-09 14:24 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2021-02-09 14:24 - 2021-02-09 14:24 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2021-02-09 14:24 - 2021-02-09 14:24 - 000002678 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2021-02-09 14:24 - 2020-12-15 15:37 - 000041816 _____ C:\Windows\system32\Drivers\semav6msr64.sys 2021-02-09 14:22 - 2021-02-09 14:22 - 005349304 _____ (Intel) C:\Users\david\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe 2021-02-09 14:19 - 2021-02-14 15:15 - 000000000 ____D C:\Users\david\OneDrive\Documents\Sports Interactive 2021-02-09 14:19 - 2021-02-14 15:15 - 000000000 ____D C:\Users\david\AppData\Local\Sports Interactive 2021-02-09 14:04 - 2021-03-09 21:43 - 000000000 ___HD C:\$WinREAgent 2021-02-09 14:04 - 2021-02-09 14:04 - 000003072 _____ C:\Windows\system32\Tasks\Power Button 2021-02-09 14:04 - 2021-02-09 14:04 - 000002998 _____ C:\Windows\system32\Tasks\Quick Access 2021-02-09 12:40 - 2021-02-09 12:40 - 000000000 ____D C:\Users\david\AppData\Local\OneDrive 2021-02-09 12:26 - 2021-02-09 12:42 - 000000000 ____D C:\Users\david\AppData\Local\Comms 2021-02-09 12:25 - 2021-04-15 00:33 - 000000000 ____D C:\Users\david\OneDrive\Documents\Fond d'écran 2021-02-09 12:25 - 2021-03-08 21:48 - 000000000 ____D C:\Program Files\Common Files\AV 2021-02-09 12:13 - 2021-02-09 12:13 - 000000000 ____D C:\Users\david\AppData\Local\Steam 2021-02-09 12:13 - 2021-02-09 12:13 - 000000000 ____D C:\Users\david\AppData\Local\CEF 2021-02-09 12:12 - 2021-05-01 00:26 - 000000000 ____D C:\Program Files (x86)\Steam 2021-02-09 12:12 - 2021-02-09 12:12 - 001770744 _____ C:\Users\david\Downloads\SteamSetup.exe 2021-02-09 12:12 - 2021-02-09 12:12 - 000001036 _____ C:\ProgramData\Bureau\Steam.lnk 2021-02-09 12:12 - 2021-02-09 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2021-02-09 12:10 - 2021-02-11 01:25 - 000000000 ____D C:\Users\david\AppData\Local\Publishers 2021-02-09 12:02 - 2021-02-13 22:17 - 000000000 ____D C:\ProgramData\Packages 2021-02-09 11:59 - 2021-02-09 11:59 - 000000000 ____D C:\Users\david\AppData\Local\OEM 2021-02-09 11:58 - 2021-04-26 22:30 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-02-09 11:57 - 2021-04-21 12:24 - 000003588 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-02-09 11:57 - 2021-04-21 12:24 - 000003464 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-02-09 11:57 - 2021-02-09 12:02 - 000000000 ____D C:\Users\david\AppData\Local\Google 2021-02-09 11:57 - 2021-02-09 11:57 - 001304160 _____ (Google LLC) C:\Users\david\Downloads\ChromeSetup.exe 2021-02-09 11:57 - 2021-02-09 11:57 - 000000000 ____D C:\Users\david\AppData\Local\CareCenter 2021-02-09 11:57 - 2021-02-09 11:57 - 000000000 ____D C:\Program Files\Google 2021-02-09 11:57 - 2021-02-09 11:57 - 000000000 ____D C:\Program Files (x86)\Google 2021-02-09 11:56 - 2021-02-14 16:47 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder 2021-02-09 11:56 - 2021-02-09 11:56 - 000000000 ___HD C:\OneDriveTemp 2021-02-09 11:56 - 2021-02-09 11:56 - 000000000 ____D C:\Users\Public\App Explorer 2021-02-09 11:55 - 2021-04-29 08:54 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-973030240-2638152377-385084838-1001 2021-02-09 11:55 - 2021-04-29 08:54 - 000000000 ___RD C:\Users\david\OneDrive 2021-02-09 11:54 - 2021-04-30 07:44 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles 2021-02-09 11:54 - 2021-03-01 19:06 - 000000000 ____D C:\Users\david\AppData\Local\Packages 2021-02-09 11:54 - 2021-02-09 14:28 - 000000000 ____D C:\Users\david\AppData\Local\ConnectedDevicesPlatform 2021-02-09 11:54 - 2021-02-09 14:24 - 000000000 ____D C:\Users\david\AppData\Local\Intel 2021-02-09 11:54 - 2021-02-09 11:54 - 000000000 ___RD C:\Users\david\3D Objects 2021-02-09 11:54 - 2021-02-09 11:54 - 000000000 ____D C:\Users\david\AppData\Roaming\Adobe 2021-02-09 11:54 - 2021-02-09 11:54 - 000000000 ____D C:\Users\david\AppData\LocalLow\Intel 2021-02-09 11:54 - 2021-02-09 11:54 - 000000000 ____D C:\Users\david\AppData\Local\VirtualStore 2021-02-09 11:49 - 2021-04-30 23:36 - 000000000 ____D C:\Users\david 2021-02-09 11:49 - 2021-04-30 07:47 - 000000000 ____D C:\Users\david\AppData\Local\Host App Service 2021-02-09 11:49 - 2021-04-29 08:54 - 000002405 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-02-09 11:49 - 2021-02-10 11:17 - 000000000 ____D C:\Windows\system32\Tasks\Oem 2021-02-09 11:49 - 2021-02-09 11:49 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ExpressVPN.lnk 2021-02-09 11:49 - 2021-02-09 11:49 - 000000020 ___SH C:\Users\david\ntuser.ini 2021-02-09 11:49 - 2021-02-09 11:49 - 000000000 _SHDL C:\Users\david\Voisinage réseau 2021-02-09 11:49 - 2021-02-09 11:49 - 000000000 _SHDL C:\Users\david\Voisinage d'impression 2021-02-09 11:49 - 2021-02-09 11:49 - 000000000 _SHDL C:\Users\david\Modèles 2021-02-09 11:49 - 2021-02-09 11:49 - 000000000 _SHDL C:\Users\david\Mes documents 2021-02-09 11:49 - 2021-02-09 11:49 - 000000000 _SHDL C:\Users\david\Menu Démarrer 2021-02-09 11:49 - 2021-02-09 11:49 - 000000000 _SHDL C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2021-02-09 11:49 - 2021-02-09 11:49 - 000000000 _SHDL C:\Users\david\AppData\Local\Historique 2021-02-09 11:49 - 2021-02-09 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-05-01 01:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-30 22:52 - 2020-12-17 14:54 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-04-29 15:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2021-04-29 10:23 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-29 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2021-04-28 12:10 - 2020-12-17 14:59 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-26 08:31 - 2020-12-17 14:58 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-26 08:31 - 2020-12-17 14:58 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-18 12:28 - 2020-12-17 15:02 - 001770910 _____ C:\Windows\system32\PerfStringBackup.INI 2021-04-18 12:28 - 2020-05-14 10:36 - 000793016 _____ C:\Windows\system32\perfh00C.dat 2021-04-18 12:28 - 2020-05-14 10:36 - 000150146 _____ C:\Windows\system32\perfc00C.dat 2021-04-18 12:24 - 2020-12-17 14:54 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-18 12:24 - 2020-12-17 14:54 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-04-18 12:24 - 2020-12-17 14:54 - 000000000 ___HD C:\Intel 2021-04-18 12:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2021-04-18 12:24 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2021-04-18 01:49 - 2020-12-17 14:59 - 000000000 ____D C:\ProgramData\Package Cache 2021-04-17 14:56 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2021-04-17 14:56 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2021-04-15 20:52 - 2020-12-17 14:54 - 000460952 _____ C:\Windows\system32\FNTCACHE.DAT 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-04-15 20:52 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2021-04-15 19:54 - 2020-12-17 15:00 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2021-04-11 03:26 - 2020-12-17 14:54 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-04-08 21:59 - 2020-12-17 15:00 - 000000000 ____D C:\Program Files (x86)\Intel ==================== SigCheckExt ========================= 2006-10-26 14:45 - 2006-10-26 14:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {09ca6405-4067-11eb-8341-806e6f6e6963} {09ca6406-4067-11eb-8341-806e6f6e6963} {09ca6407-4067-11eb-8341-806e6f6e6963} {bootmgr} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {736002a6-40b2-11eb-a419-089798d4d87c} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {09ca6405-4067-11eb-8341-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {09ca6406-4067-11eb-8341-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {09ca6407-4067-11eb-8341-806e6f6e6963} description EFI Network Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {736002a8-40b2-11eb-a419-089798d4d87c} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {736002a6-40b2-11eb-a419-089798d4d87c} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {736002a8-40b2-11eb-a419-089798d4d87c} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{736002a9-40b2-11eb-a419-089798d4d87c} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{736002a9-40b2-11eb-a419-089798d4d87c} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {736002a6-40b2-11eb-a419-089798d4d87c} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {736002a8-40b2-11eb-a419-089798d4d87c} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {736002a9-40b2-11eb-a419-089798d4d87c} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Acer Recovery Management ramdisksdidevice partition=C: ramdisksdipath \TempHidden\SCD\boot\boot.sdi ==================== Fin de FRST.txt ========================