Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2021 01 Exécuté par adrie (administrateur) sur LAPTOP-UK29JPFN (LENOVO 80E3) (06-06-2021 19:58:09) Exécuté depuis C:\Users\adrie\Downloads Profils chargés: adrie Platform: Windows 10 Home Version 20H2 19042.985 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20> (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\adrie\Downloads\ZHPSuite.exe (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> ) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229080 2015-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKU\S-1-5-21-559716797-1808254368-773481850-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2138448 2021-04-08] (Wargaming.net Limited -> Wargaming.net) HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-06-05] (Google LLC -> Google LLC) GroupPolicy-x32: Restriction ? <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0D1A0BCC-32DB-430F-BAF2-88E2782C36CB} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION Task: {12862EB8-4A66-4639-AADF-73BFBD1262C9} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe Task: {138F48D8-7A7A-4CA0-985E-2073703E50EC} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe Task: {1544CB9B-CDEF-4E4D-BD6B-82A13CA8E015} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe Task: {15F8AE93-4616-49BC-86FA-A95FFBE16104} - \Lenovo\ImController\TimeBasedEvents\3fa6aa7d-d1a5-4a1b-a8ad-637454e0bd0a -> Pas de fichier <==== ATTENTION Task: {287C4E9B-2D21-42B7-914C-A7F638E87352} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {30429249-24B1-414D-8BD7-F6124F8222FA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-06] (LENOVO -> Lenovo) Task: {46629569-507D-4A38-9067-532F4E918FEA} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION Task: {4B96F9EE-F40A-45C9-8CC4-142B36B036CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-26] (Google Inc -> Google Inc.) Task: {4F47FA4F-CCBB-4778-BF7F-51C5A50A7402} - \Lenovo\ImController\TimeBasedEvents\33ac25b3-b92a-493d-b789-6ae4277db8cb -> Pas de fichier <==== ATTENTION Task: {54AAB4CE-805C-467A-8242-104FC988E205} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {599E80F5-0B42-4177-96F2-1927FBD17F25} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe Task: {6296D2F2-08DC-4AEB-B573-02DD24CA323E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7EDE49BE-344C-4FF5-860D-D1FFC8015411} - \Lenovo\ImController\TimeBasedEvents\9bb193af-e6c9-4993-b45c-1d1551c93b78 -> Pas de fichier <==== ATTENTION Task: {8837678C-328D-4F94-8C9F-E5D301A667DB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 65115EB12293C96F => C:\Users\adrie\AppData\Local\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-29] (Mozilla Corporation -> Mozilla Foundation) <==== ATTENTION Task: {888D5B17-AD0F-4C7D-A26D-271AD475DDC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {94165F15-FABB-43C2-9619-84B9D338DFED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A8894E0C-2BEC-4576-B22B-CF6D1D10D6E8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe Task: {B9BC5353-B84A-4844-B77B-1F163919B636} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {BE73296B-C53C-4BF7-84E5-CFEAD5B2CFAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-26] (Google Inc -> Google Inc.) Task: {C3B0211E-9B53-4FF3-A997-79EE1E867669} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Pas de fichier <==== ATTENTION Task: {C9BDEA1B-DF52-4A3A-A5FE-C29F82CBE3B8} - \Lenovo\ImController\TimeBasedEvents\b3277656-c0de-434a-a3a9-6fa0196024b0 -> Pas de fichier <==== ATTENTION Task: {D6833818-7385-4940-92C4-C49352A5B0D3} - System32\Tasks\Microsoft\Windows\PLA\spacedesk_log => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {F2DBFC2F-25E5-47AF-B403-851D9B439833} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe Task: {F4F6E937-FABD-471C-8B95-B1A5B3250BB0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyEnable: [HKLM-x32] => Proxy est activé. ProxyServer: [HKLM] => 127.0.0.1:8080 ProxyServer: [HKLM-x32] => http=127.0.0.1:48080;https=127.0.0.1:48080 Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{84346582-3a2f-4cd9-b208-9f43c3f95ccf}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{d4580938-9c82-4840-9d72-4e7775d5b311}: [DhcpNameServer] 150.210.1.2 Edge: ======= DownloadDir: C:\Users\adrie\Downloads Edge Notifications: HKU\S-1-5-21-559716797-1808254368-773481850-1002 -> hxxps://topflownews.com Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\adrie\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-06] FireFox: ======== FF DefaultProfile: 3dy0dzkw.default FF ProfilePath: C:\Users\adrie\AppData\Roaming\Mozilla\Firefox\Profiles\3dy0dzkw.default [2019-11-27] FF ProfilePath: C:\Users\adrie\AppData\Roaming\Mozilla\Firefox\Profiles\8vfbhnmq.default-release [2021-06-05] FF user.js: detected! => C:\Users\adrie\AppData\Roaming\Mozilla\Firefox\Profiles\8vfbhnmq.default-release\user.js [2021-06-06] FF NetworkProxy: Mozilla\Firefox\Profiles\8vfbhnmq.default-release -> type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-27] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-27] (Adobe Inc. -> ) Chrome: ======= CHR Profile: C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default [2021-06-06] CHR StartupUrls: Default -> "hxxps://www.bing.com/?FORM=SLBRDF&PC=SL07" CHR Session Restore: Default -> est activé. CHR Extension: (Slides) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-06] CHR Extension: (Docs) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20] CHR Extension: (Google Drive) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-25] CHR Extension: (YouTube) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-28] CHR Extension: (Sheets) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20] CHR Extension: (Google Docs hors connexion) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-29] CHR Extension: (Plus) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2021-05-29] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07] CHR Extension: (Gmail) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-25] CHR Extension: (Chrome Media Router) - C:\Users\adrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-05] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [117976 2015-06-02] (Realtek Semiconductor Corp -> ) S2 dglvrsvc; C:\WINDOWS\dglvrsvc.exe [40928 2016-09-02] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo) S2 ShelblockSvc; C:\Program Files\Shelblock\ShelblockSvc.exe [4097736 2021-06-03] (SHELBLOCK -> Shelblock) S2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1079720 2020-07-30] (Datronicsoft, Inc. -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-29] (Microsoft Windows Publisher -> Microsoft Corporation) S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X] S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X] S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X] S2 UIUService; %SystemRoot%\system32\UIUSrv.exe [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 BlueStacksDrv_bgp64; C:\Program Files\BlueStacks_bgp64\BstkDrv_bgp64.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.) R3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [95248 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation) R3 dglvrbus; C:\WINDOWS\System32\drivers\dglvrbus.sys [85984 2016-09-02] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) R3 dglvrkdod; C:\WINDOWS\system32\DRIVERS\dglvrkdod.sys [45536 2016-09-02] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) R3 dglvrmflt; C:\WINDOWS\System32\drivers\dglvrmflt.sys [27104 2016-09-02] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.) R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.) R3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [182288 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation) R3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [60944 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation) R3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-29] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-29] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-06-06 19:55 - 2021-06-06 19:55 - 000349233 _____ C:\Users\adrie\Desktop\ZHPDiag.html 2021-06-06 19:55 - 2021-06-06 19:55 - 000282643 _____ C:\Users\adrie\Desktop\ZHPDiag.txt 2021-06-06 19:53 - 2021-06-06 19:53 - 000000000 ____D C:\Users\adrie\Desktop\derniers rapports 2021-06-06 19:42 - 2021-06-06 19:42 - 003471512 _____ (Nicolas Coolman) C:\Users\adrie\Downloads\ZHPSuite.exe 2021-06-06 18:52 - 2021-06-06 18:52 - 000000000 ____D C:\Users\adrie\AppData\LocalLow\AMD 2021-06-06 18:37 - 2021-06-06 18:42 - 000000000 ____D C:\AdwCleaner 2021-06-06 18:31 - 2021-06-06 18:31 - 000000000 ____D C:\Users\Public\spacedesk_logs 2021-06-06 18:14 - 2021-06-06 18:15 - 008534696 _____ (Malwarebytes) C:\Users\adrie\Downloads\adwcleaner_8.2.exe 2021-06-06 17:07 - 2021-06-06 17:07 - 000000000 ____D C:\Users\adrie\Downloads\Wub 2021-06-06 17:01 - 2021-06-06 17:03 - 001003898 _____ C:\Users\adrie\Downloads\Wub.zip 2021-06-06 16:54 - 2021-06-06 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings 2021-06-06 16:49 - 2021-06-06 16:49 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-06-06 16:44 - 2021-06-06 16:33 - 000000000 ____D C:\Windows.old 2021-06-06 16:36 - 2021-06-06 16:44 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2021-06-06 16:35 - 2021-06-06 16:35 - 000000020 ___SH C:\Users\adrie\ntuser.ini 2021-06-06 16:32 - 2021-06-06 18:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo 2021-06-06 16:32 - 2021-06-06 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-06-06 16:32 - 2021-06-06 16:33 - 000003562 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-06-06 16:32 - 2021-06-06 16:32 - 000003516 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-06-06 16:32 - 2021-06-06 16:32 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-06-06 16:32 - 2021-06-06 16:32 - 000003292 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-06-06 16:32 - 2021-06-06 16:32 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-559716797-1808254368-773481850-1002 2021-06-06 16:32 - 2021-06-06 16:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-559716797-1808254368-773481850-1002 2021-06-06 16:32 - 2021-06-06 16:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-06-06 16:32 - 2021-06-06 16:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\CyberLink 2021-06-06 16:30 - 2021-06-06 16:32 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2021-06-06 16:30 - 2021-06-06 16:32 - 000007623 _____ C:\WINDOWS\diagerr.xml 2021-06-06 16:27 - 2021-06-06 16:36 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2021-06-06 16:27 - 2021-06-06 16:27 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2021-06-06 16:18 - 2021-06-06 16:18 - 000000000 ____D C:\ProgramData\ssh 2021-06-06 16:13 - 2021-06-06 17:36 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-06-06 16:02 - 2021-06-06 16:02 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-06-06 16:00 - 2021-06-06 16:00 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-06-06 16:00 - 2021-06-06 16:00 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-06-06 16:00 - 2021-06-06 16:00 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-06-06 16:00 - 2021-06-06 16:00 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax 2021-06-06 16:00 - 2021-06-06 16:00 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-06-06 16:00 - 2021-06-06 16:00 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-06-06 16:00 - 2021-06-06 16:00 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-06-06 15:59 - 2021-06-06 15:59 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-06-06 15:59 - 2021-06-06 15:59 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-06-06 15:59 - 2021-06-06 15:59 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-06-06 15:59 - 2021-06-06 15:59 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-06-06 15:59 - 2021-06-06 15:59 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-06-06 15:59 - 2021-06-06 15:59 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax 2021-06-06 15:59 - 2021-06-06 15:59 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-06-06 15:59 - 2021-06-06 15:59 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-06-06 15:59 - 2021-06-06 15:59 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-06-06 15:59 - 2021-06-06 15:59 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-06-06 15:59 - 2021-06-06 15:59 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll 2021-06-06 15:58 - 2021-06-06 16:35 - 000000000 ____D C:\Users\adrie 2021-06-06 15:58 - 2021-06-06 15:58 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2021-06-06 15:58 - 2021-06-06 15:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-06-06 15:58 - 2021-06-06 15:58 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-06-06 15:58 - 2021-06-06 15:58 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2021-06-06 15:58 - 2021-06-06 15:58 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2021-06-06 15:58 - 2021-06-06 15:58 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2021-06-06 15:58 - 2021-06-06 15:58 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-06-06 15:58 - 2021-06-06 15:58 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-06-06 15:58 - 2021-06-06 15:58 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-06-06 15:58 - 2021-06-06 15:58 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-06-06 15:58 - 2021-06-06 15:58 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2021-06-06 15:58 - 2021-06-06 15:58 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\Voisinage réseau 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\Voisinage d'impression 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\Modèles 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\Mes documents 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\Menu Démarrer 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\Documents\Mes vidéos 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\Documents\Mes images 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\Documents\Ma musique 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2021-06-06 15:58 - 2021-06-06 15:58 - 000000000 _SHDL C:\Users\adrie\AppData\Local\Historique 2021-06-06 15:58 - 2019-12-07 11:10 - 000001105 _____ C:\Users\adrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-06-06 15:57 - 2021-06-06 15:57 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-06-06 15:57 - 2021-06-06 15:57 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl 2021-06-06 15:57 - 2021-06-06 15:57 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-06-06 15:57 - 2021-06-06 15:57 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb 2021-06-06 15:57 - 2021-06-06 15:57 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2021-06-06 15:57 - 2021-06-06 15:57 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll 2021-06-06 15:57 - 2021-06-06 15:57 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2021-06-06 15:56 - 2021-06-06 15:56 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-06-06 15:56 - 2021-06-06 15:56 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-06-06 15:56 - 2021-06-06 15:56 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-06-06 15:56 - 2021-06-06 15:56 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-06-06 15:56 - 2021-06-06 15:56 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-06-06 15:56 - 2021-06-06 15:56 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-06-06 15:56 - 2021-06-06 15:56 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-06-06 15:56 - 2021-06-06 15:56 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2021-06-06 15:56 - 2021-06-06 15:56 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-06-06 15:56 - 2021-06-06 15:56 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-06-06 15:56 - 2021-06-06 15:56 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv 2021-06-06 15:56 - 2021-06-06 15:56 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2021-06-06 15:55 - 2021-06-06 15:55 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2021-06-06 15:55 - 2021-06-06 15:55 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll 2021-06-06 15:55 - 2021-06-06 15:55 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll 2021-06-06 15:55 - 2021-06-06 15:55 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll 2021-06-06 15:55 - 2021-06-06 15:55 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-06-06 15:55 - 2021-06-06 15:55 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2021-06-06 15:55 - 2021-06-06 15:55 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll 2021-06-06 15:55 - 2021-06-06 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2021-06-06 15:55 - 2021-06-06 15:55 - 000000000 ____D C:\Program Files\Dolby Digital Plus 2021-06-06 15:54 - 2021-06-06 15:54 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2021-06-06 15:54 - 2021-06-06 15:54 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-06-06 15:54 - 2021-06-06 15:54 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-06-06 15:54 - 2021-06-06 15:54 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl 2021-06-06 15:54 - 2021-06-06 15:54 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-06-06 15:54 - 2021-06-06 15:54 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-06-06 15:54 - 2021-06-06 15:54 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2021-06-06 15:54 - 2021-06-06 15:54 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2021-06-06 15:53 - 2021-06-06 15:53 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-06-06 15:53 - 2021-06-06 15:53 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-06-06 15:53 - 2021-06-06 15:53 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe 2021-06-06 15:53 - 2021-06-06 15:53 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb 2021-06-06 15:53 - 2021-06-06 15:53 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-06-06 15:52 - 2021-06-06 15:52 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-06-06 15:52 - 2021-06-06 15:52 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-06-06 15:52 - 2021-06-06 15:52 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-06-06 15:52 - 2021-06-06 15:52 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-06-06 15:52 - 2021-06-06 15:52 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll 2021-06-06 15:52 - 2021-06-06 15:52 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2021-06-06 15:52 - 2021-06-06 15:52 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll 2021-06-06 15:51 - 2021-06-06 15:51 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-06-06 15:51 - 2021-06-06 15:51 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-06-06 15:51 - 2021-06-06 15:51 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-06-06 15:51 - 2021-06-06 15:51 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-06-06 15:51 - 2021-06-06 15:51 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll 2021-06-06 15:50 - 2021-06-06 15:50 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin 2021-06-06 15:50 - 2021-06-06 15:50 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2021-06-06 15:50 - 2021-06-06 15:50 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-06-06 15:50 - 2021-06-06 15:50 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll 2021-06-06 15:50 - 2021-06-06 15:50 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2021-06-06 15:50 - 2021-06-06 15:50 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-06-06 15:50 - 2021-06-06 15:50 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2021-06-06 15:50 - 2021-06-06 15:50 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv 2021-06-06 15:50 - 2021-06-06 15:50 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-06-06 15:45 - 2021-06-06 18:30 - 000008192 ___SH C:\DumpStack.log.tmp 2021-06-06 15:45 - 2021-06-06 16:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-06-06 15:45 - 2021-06-06 15:46 - 000305880 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-06-06 15:19 - 2021-06-06 15:19 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml 2021-06-06 15:19 - 2021-06-06 15:19 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2021-06-06 14:52 - 2021-06-06 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2021-06-06 14:52 - 2021-06-06 14:52 - 000000000 ____D C:\Program Files\Reference Assemblies 2021-06-06 14:52 - 2021-06-06 14:52 - 000000000 ____D C:\Program Files\MSBuild 2021-06-06 14:52 - 2021-06-06 14:52 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2021-06-06 14:52 - 2021-06-06 14:52 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-06-06 08:28 - 2021-06-06 08:28 - 000000000 ___HD C:\$SysReset 2021-06-05 23:06 - 2021-06-05 23:06 - 000042933 _____ C:\Users\adrie\Downloads\Shortcut.txt 2021-06-05 22:55 - 2021-06-05 23:06 - 000034428 _____ C:\Users\adrie\Downloads\Addition.txt 2021-06-05 22:29 - 2021-06-06 20:00 - 000017344 _____ C:\Users\adrie\Downloads\FRST.txt 2021-06-05 22:22 - 2021-06-06 19:57 - 000000000 ____D C:\Users\adrie\Downloads\FRST-OlderVersion 2021-06-05 22:21 - 2021-06-06 19:59 - 000000000 ____D C:\FRST 2021-06-05 22:20 - 2021-06-06 19:57 - 002300416 _____ (Farbar) C:\Users\adrie\Downloads\FRST64-2.1.exe 2021-06-05 21:57 - 2021-06-06 19:39 - 000000872 _____ C:\Users\adrie\Desktop\ZHPSuite.lnk 2021-06-05 21:53 - 2021-06-05 21:56 - 003471512 _____ (Nicolas Coolman) C:\Users\adrie\Desktop\ZHPSuite.exe 2021-06-05 20:21 - 2021-06-06 16:35 - 000000000 ___DC C:\WINDOWS\Panther 2021-06-05 20:01 - 2021-06-05 20:01 - 000000882 _____ C:\Users\adrie\Desktop\ZHPCleaner.lnk 2021-06-05 01:06 - 2021-06-05 01:06 - 000000000 ___HD C:\$WinREAgent 2021-06-04 23:59 - 2021-06-05 00:01 - 005912816 _____ (SOSVirus) C:\Users\adrie\Downloads\AdsFix(1).exe 2021-06-04 23:54 - 2021-06-04 23:57 - 005912816 _____ (SOSVirus) C:\Users\adrie\Downloads\AdsFix.exe 2021-06-04 22:44 - 2021-06-06 19:55 - 000000000 ____D C:\Users\adrie\AppData\Roaming\ZHP 2021-06-04 22:44 - 2021-06-05 21:57 - 000000000 ____D C:\Users\adrie\AppData\Local\ZHP 2021-06-04 22:44 - 2021-06-04 22:44 - 000000872 _____ C:\Users\adrie\Desktop\ZHPDiag.lnk 2021-06-04 22:12 - 2021-06-04 22:14 - 003275416 _____ (Nicolas Coolman) C:\Users\adrie\Downloads\ZHPDiag3.exe 2021-06-04 21:43 - 2021-06-04 21:43 - 000000000 ____D C:\Users\adrie\AppData\Local\mbam 2021-06-04 21:30 - 2021-06-04 21:30 - 000000000 ____D C:\Users\adrie\AppData\Local\ESET 2021-06-04 20:36 - 2021-06-04 20:36 - 000000000 ____D C:\Users\adrie\AppData\Local\D3DSCache 2021-06-04 20:26 - 2021-06-05 17:30 - 000364670 _____ C:\WINDOWS\ntbtlog.txt 2021-06-04 20:26 - 2021-06-04 20:26 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-06-02 22:25 - 2021-06-02 22:28 - 000003671 _____ C:\Clean_DNS.txt 2021-06-02 22:25 - 2021-06-02 22:28 - 000000000 ____D C:\Clean_Dns 2021-06-02 22:22 - 2021-06-02 22:23 - 003279088 _____ (SosVirus) C:\Users\adrie\Downloads\Clean_Dns.exe 2021-06-02 21:39 - 2021-06-02 22:34 - 000000000 ____D C:\Users\adrie\AppData\Local\FSDART 2021-06-02 21:39 - 2021-06-02 21:55 - 000000000 ____D C:\ProgramData\F-Secure 2021-06-02 21:39 - 2021-06-02 21:39 - 000000000 ____D C:\Users\adrie\AppData\Local\F-Secure 2021-06-02 21:38 - 2021-06-02 21:38 - 012401864 _____ (F-Secure Corporation) C:\Users\adrie\Downloads\F-SecureOnlineScanner.exe 2021-06-02 21:29 - 2021-06-02 21:29 - 000000000 ____D C:\Program Files\Malwarebytes 2021-06-02 21:28 - 2021-06-02 21:28 - 002080712 _____ (Malwarebytes) C:\Users\adrie\Downloads\MBSetup.exe 2021-06-02 21:15 - 2021-06-02 21:16 - 008703024 _____ (ESET) C:\Users\adrie\Downloads\eset_internet_security_live_installer.exe 2021-05-30 17:11 - 2021-05-30 17:12 - 008703024 _____ (ESET) C:\Users\adrie\Downloads\eset_nod32_antivirus_live_installer.exe 2021-05-30 09:25 - 2021-05-30 09:25 - 000000000 ____D C:\Users\adrie\AppData\Local\ElevatedDiagnostics 2021-05-29 19:10 - 2021-05-29 19:10 - 000000000 ____D C:\Users\adrie\AppData\Roaming\WinRAR 2021-05-29 19:09 - 2021-06-06 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-05-29 19:09 - 2021-06-06 16:04 - 000000000 ____D C:\Users\adrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-05-29 19:09 - 2021-05-29 19:09 - 000000000 ____D C:\Program Files\WinRAR 2021-05-29 19:08 - 2021-05-29 19:08 - 077325099 _____ C:\Users\adrie\Downloads\CrackByFrizy.zip 2021-05-29 18:57 - 2021-05-29 18:57 - 003440528 _____ (Alexander Roshal) C:\Users\adrie\Downloads\winrar-x64-601fr.exe 2021-05-29 18:16 - 2021-06-06 16:04 - 000000000 ____D C:\Users\adrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 2021-05-29 18:16 - 2021-05-29 18:17 - 000000000 ____D C:\Users\adrie\AppData\Roaming\PhotoFiltre 7 2021-05-29 18:16 - 2021-05-29 18:16 - 000001174 _____ C:\Users\adrie\Desktop\PhotoFiltre 7.lnk 2021-05-29 18:16 - 2021-05-29 18:16 - 000000000 ____D C:\Program Files (x86)\PhotoFiltre 7 2021-05-29 18:15 - 2021-05-29 18:15 - 005239812 _____ C:\Users\adrie\Downloads\photofiltre-7-2-1-en-win.exe 2021-05-29 18:09 - 2021-05-29 18:11 - 030940926 _____ (PhotoFiltre ) C:\Users\adrie\Downloads\photofiltre-studio-11-2.exe 2021-05-29 17:56 - 2021-03-14 22:27 - 000429944 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll 2021-05-29 17:56 - 2021-03-14 22:27 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll 2021-05-29 17:56 - 2021-03-14 22:27 - 000062392 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe 2021-05-29 17:10 - 2021-06-04 21:22 - 000000000 ____D C:\Users\adrie\AppData\Local\Mozilla Firefox 2021-05-28 21:00 - 2021-05-29 18:38 - 000000000 ____D C:\Users\adrie\Desktop\ROBLOX 2021-05-28 20:59 - 2021-06-06 17:46 - 000000000 ____D C:\Users\adrie\Desktop\filmora 2021-04-09 15:26 - 2021-05-29 04:10 - 000000000 ____D C:\Program Files\BlueStacks 2021-04-09 15:26 - 2021-04-09 15:32 - 000000000 ____D C:\ProgramData\BlueStacks 2021-04-09 10:53 - 2021-04-09 10:53 - 000000000 ____D C:\Users\adrie\AppData\Local\ManyCam 2021-04-09 10:49 - 2021-05-29 03:53 - 000000000 ____D C:\ProgramData\ManyCam 2021-04-09 10:49 - 2021-05-29 03:53 - 000000000 ____D C:\Program Files (x86)\ManyCam 2021-04-09 10:49 - 2021-05-29 03:52 - 000000000 ____D C:\Users\adrie\AppData\Roaming\ManyCam 2021-03-29 15:23 - 2021-03-29 17:48 - 000019858 _____ C:\Users\adrie\Desktop\devoir SVT 1.odt 2021-03-27 19:52 - 2021-03-27 19:52 - 001236448 _____ (BlueStack Systems Inc.) C:\Users\adrie\Downloads\BlueStacksInstaller_4.280.0.1022_native_65043953bc5a054afe9d483c915d449e.exe 2021-03-27 19:44 - 2021-06-04 22:14 - 000000000 ____D C:\ProgramData\Shelblock 2021-03-27 19:28 - 2021-06-06 16:04 - 000000000 ____D C:\Users\adrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2021-03-27 19:14 - 2021-03-27 19:14 - 000000000 ____D C:\Users\adrie\AppData\Local\Steam 2021-03-27 18:59 - 2021-03-27 18:59 - 001770744 _____ C:\Users\adrie\Downloads\SteamSetup.exe 2021-03-27 18:58 - 2021-03-27 19:29 - 000000000 ___HD C:\Users\adrie\.opera 2021-03-27 18:58 - 2021-03-27 18:58 - 000000000 ___HD C:\Users\adrie\Downloads\.opera 2021-03-27 18:58 - 2021-03-27 18:58 - 000000000 ____D C:\Users\adrie\AppData\Roaming\Opera Software 2021-03-27 18:57 - 2021-03-27 18:57 - 002406264 _____ (Opera Software) C:\Users\adrie\Downloads\OperaSetup.exe 2021-03-15 16:39 - 2021-03-15 16:39 - 000000000 ____D C:\Users\adrie\AppData\Local\Shelblock 2021-03-15 16:38 - 2021-03-15 16:38 - 000000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shelblock.lnk 2021-03-15 16:37 - 2021-06-04 22:00 - 000000000 ____D C:\Program Files\Shelblock 2021-03-15 16:37 - 2021-03-15 16:37 - 000000000 ____D C:\ProgramData\AppoloTeam 2021-03-15 16:35 - 2021-03-15 16:36 - 010823000 _____ (Shelblock) C:\Users\adrie\Downloads\shelblock_installer-2.3.44-8914110331654796.exe ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-06-06 19:14 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-06-06 18:43 - 2017-11-05 00:24 - 000000000 ____D C:\ProgramData\Lenovo 2021-06-06 18:43 - 2017-11-05 00:24 - 000000000 ____D C:\Program Files (x86)\Lenovo 2021-06-06 18:42 - 2020-03-24 16:16 - 000000000 ____D C:\WINDOWS\Lenovo 2021-06-06 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2021-06-06 18:42 - 2017-11-05 00:24 - 000000000 ____D C:\Program Files\Lenovo 2021-06-06 18:42 - 2017-01-26 22:52 - 000000000 ____D C:\Users\adrie\AppData\Local\Lenovo 2021-06-06 18:42 - 2016-02-23 07:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2021-06-06 18:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-06-06 18:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-06-06 18:29 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-06-06 18:29 - 2017-11-05 00:28 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2021-06-06 17:48 - 2020-06-25 10:23 - 000000000 ____D C:\Users\adrie\Documents\Wondershare Filmora 9 2021-06-06 17:36 - 2019-12-07 16:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat 2021-06-06 17:36 - 2019-12-07 16:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat 2021-06-06 17:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-06-06 17:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-06-06 17:08 - 2017-01-26 22:51 - 000000000 ____D C:\Users\adrie\AppData\Local\Packages 2021-06-06 17:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-06-06 16:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-06-06 16:51 - 2017-11-05 00:28 - 000000000 ____D C:\Program Files\AMD 2021-06-06 16:46 - 2019-02-09 11:53 - 000000000 ____D C:\ProgramData\Packages 2021-06-06 16:44 - 2020-08-04 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twomon PC Program 2021-06-06 16:44 - 2020-06-14 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Video Editor 2021-06-06 16:44 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup 2021-06-06 16:44 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2021-06-06 16:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-06-06 16:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-06-06 16:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-06-06 16:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool 2021-06-06 16:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-06-06 16:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-06-06 16:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-06-06 16:44 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-06-06 16:44 - 2019-11-11 16:47 - 000000000 ____D C:\WINDOWS\system32\4_168acb 2021-06-06 16:44 - 2019-06-02 16:38 - 000000000 ____D C:\WINDOWS\system32\ ‰ 2021-06-06 16:44 - 2019-02-18 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017 2021-06-06 16:44 - 2018-12-14 22:47 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5 2021-06-06 16:44 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2021-06-06 16:44 - 2017-12-06 19:39 - 000000000 ____D C:\WINDOWS\system32\0b2b9c7dee1e270c..bin 2021-06-06 16:44 - 2017-11-05 01:00 - 000000000 ____D C:\WINDOWS\system32\ÿÿo 2021-06-06 16:44 - 2017-11-05 01:00 - 000000000 ____D C:\WINDOWS\system32\07f0aabc56947f60..bin 2021-06-06 16:44 - 2017-11-05 01:00 - 000000000 ____D C:\WINDOWS\system32\ 2021-06-06 16:44 - 2017-11-05 00:25 - 000000000 ____D C:\Program Files\CONEXANT 2021-06-06 16:44 - 2017-09-01 18:16 - 000000000 ____D C:\Program Files\UNP 2021-06-06 16:44 - 2017-01-29 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2021-06-06 16:44 - 2017-01-28 23:26 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-06-06 16:44 - 2017-01-26 22:47 - 000000000 ____D C:\WINDOWS\system32\LSC 2021-06-06 16:44 - 2016-06-27 00:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8 2021-06-06 16:43 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries 2021-06-06 16:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-06-06 16:38 - 2019-04-28 17:44 - 000000000 ___RD C:\Users\adrie\3D Objects 2021-06-06 16:38 - 2015-11-03 21:24 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-06-06 16:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate 2021-06-06 16:37 - 2017-01-29 00:34 - 000000000 ____D C:\WINDOWS\system32\BestPractices 2021-06-06 16:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources 2021-06-06 16:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help 2021-06-06 16:36 - 2017-11-05 00:28 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2021-06-06 16:36 - 2017-11-05 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant 2021-06-06 16:36 - 2017-11-05 00:24 - 000000000 ____D C:\Program Files\Synaptics 2021-06-06 16:36 - 2017-01-28 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eInstruction 2021-06-06 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-06-06 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT 2021-06-06 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration 2021-06-06 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-06-06 16:32 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-06-06 16:18 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-06-06 16:18 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-06-06 16:18 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-06-06 16:18 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-06-06 16:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-06-06 16:14 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-06-06 16:14 - 2019-12-07 16:53 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2021-06-06 16:14 - 2017-11-05 00:46 - 000023208 _____ C:\WINDOWS\system32\emptyregdb.dat 2021-06-06 16:04 - 2021-02-15 15:52 - 000000000 ____D C:\Users\adrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2021-06-06 16:04 - 2020-06-19 18:45 - 000000000 ____D C:\Users\adrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2021-06-06 15:57 - 2017-11-05 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2021-06-06 15:54 - 2019-04-28 18:02 - 001701376 _____ (TODO: ) C:\WINDOWS\SysWOW64\RebootPrompt.exe 2021-06-06 15:52 - 2017-11-05 00:28 - 000000000 ____D C:\AMD 2021-06-06 15:51 - 2020-07-05 16:50 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-06-06 15:51 - 2020-07-05 16:50 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-06-06 15:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat 2021-06-06 15:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-06-06 15:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-06-06 15:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-06-06 15:16 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2021-06-06 15:16 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2021-06-06 15:16 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2021-06-06 15:16 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2021-06-06 15:16 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\system32\winrm 2021-06-06 15:16 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\system32\WCN 2021-06-06 15:16 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\system32\slmgr 2021-06-06 15:16 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2021-06-06 15:16 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc 2021-06-06 14:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2021-06-06 14:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI 2021-06-05 20:58 - 2019-11-27 18:03 - 000000000 ____D C:\Users\adrie\AppData\LocalLow\Mozilla 2021-06-05 20:58 - 2019-11-27 18:03 - 000000000 ____D C:\ProgramData\Mozilla 2021-05-30 15:23 - 2019-11-11 16:44 - 000000000 ____D C:\Users\adrie\AppData\Local\PackageStaging 2021-05-30 15:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput 2021-05-30 10:35 - 2021-02-15 17:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-05-30 10:25 - 2017-01-28 23:25 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-05-29 21:06 - 2019-11-27 18:03 - 000001280 _____ C:\Users\adrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-29 09:27 - 2017-01-26 22:57 - 000000000 ___RD C:\Users\adrie\OneDrive 2021-05-29 04:17 - 2018-03-03 14:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-05-29 03:53 - 2017-11-05 00:28 - 000000000 ____D C:\ProgramData\Package Cache 2021-05-28 20:56 - 2020-06-16 21:12 - 000000000 ____D C:\Users\adrie\Desktop\youtube ==================== Fichiers à la racine de certains dossiers ======== 2017-01-28 18:24 - 2017-01-28 18:26 - 000000251 _____ () C:\Program Files (x86)\Common Files\eInstruction.ini 2017-01-26 22:51 - 2021-06-06 18:33 - 000978199 _____ () C:\Users\adrie\AppData\Local\BTServer.log ==================== SigCheckExt ========================= 2017-04-23 11:52 - 2017-03-04 07:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2016-06-27 00:07 - 2015-01-26 17:35 - 000040516 _____ C:\WINDOWS\system32\rlt8723a_chip_bt40_fw_asic_rom_patch.dll 2016-06-27 00:07 - 2015-05-12 16:11 - 000050920 _____ C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll 2016-06-27 00:07 - 2015-04-23 13:45 - 000050144 _____ C:\WINDOWS\system32\rtl8761a_bcut_bt40_fw_asic_rom_patch_new.dll 2016-06-27 00:07 - 2015-04-23 13:45 - 000050144 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll 2016-06-27 00:07 - 2015-04-23 13:45 - 000050060 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll 2016-06-27 00:07 - 2015-04-23 13:45 - 000050956 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll 2016-06-27 00:07 - 2015-04-23 13:45 - 000047692 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2016-06-27 00:07 - 2015-05-27 18:53 - 000036040 _____ C:\WINDOWS\system32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2016-06-27 00:09 - 2014-03-24 12:37 - 000422400 _____ (Realtek) C:\WINDOWS\SwUSB.exe 2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2016-06-27 00:06 - 2015-10-30 09:18 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll 2016-06-27 00:09 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe 2017-01-28 19:51 - 2015-10-30 04:40 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-01-28 19:51 - 2015-10-30 04:30 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2019-04-28 18:02 - 2021-06-06 15:54 - 001701376 _____ (TODO: ) C:\WINDOWS\SysWOW64\RebootPrompt.exe 2021-06-05 21:53 - 2021-06-05 21:56 - 003471512 _____ (Nicolas Coolman) C:\Users\adrie\Desktop\ZHPSuite.exe 2021-06-04 23:59 - 2021-06-05 00:01 - 005912816 _____ (SOSVirus) C:\Users\adrie\Downloads\AdsFix(1).exe 2021-06-04 23:54 - 2021-06-04 23:57 - 005912816 _____ (SOSVirus) C:\Users\adrie\Downloads\AdsFix.exe 2017-01-28 18:31 - 2017-01-28 18:34 - 132368998 _____ C:\Users\adrie\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_fr.exe 2018-12-14 22:31 - 2018-12-14 22:37 - 132403128 _____ C:\Users\adrie\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe 2021-06-02 22:22 - 2021-06-02 22:23 - 003279088 _____ (SosVirus) C:\Users\adrie\Downloads\Clean_Dns.exe 2021-06-05 22:20 - 2021-06-06 19:57 - 002300416 _____ (Farbar) C:\Users\adrie\Downloads\FRST64-2.1.exe 2018-09-28 21:19 - 2018-09-28 21:27 - 063796336 _____ (International GeoGebra Institute) C:\Users\adrie\Downloads\geogebra_6-0-489-0_fr_14087.exe 2021-05-29 18:15 - 2021-05-29 18:15 - 005239812 _____ C:\Users\adrie\Downloads\photofiltre-7-2-1-en-win.exe 2021-05-29 18:09 - 2021-05-29 18:11 - 030940926 _____ (PhotoFiltre ) C:\Users\adrie\Downloads\photofiltre-studio-11-2.exe 2021-06-04 22:12 - 2021-06-04 22:14 - 003275416 _____ (Nicolas Coolman) C:\Users\adrie\Downloads\ZHPDiag3.exe 2021-06-06 19:42 - 2021-06-06 19:42 - 003471512 _____ (Nicolas Coolman) C:\Users\adrie\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {1a15cddb-3c32-11e6-b47a-806e6f6e6963} {1a15cddc-3c32-11e6-b47a-806e6f6e6963} {1a15cdd9-3c32-11e6-b47a-806e6f6e6963} {1a15cdda-3c32-11e6-b47a-806e6f6e6963} timeout 2 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {b4b3d78c-c6d5-11eb-8010-f7bb0d6f9c8c} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {1a15cdd9-3c32-11e6-b47a-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {1a15cdda-3c32-11e6-b47a-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {1a15cddb-3c32-11e6-b47a-806e6f6e6963} description EFI Network Application logicielle (101fffff) -------------------------------- identificateur {1a15cddc-3c32-11e6-b47a-806e6f6e6963} device partition=\Device\HarddiskVolume7 path \EFI\Microsoft\Boot\LrsBootMgr.efi description Lenovo Recovery System Application logicielle (101fffff) -------------------------------- identificateur {1a15cddd-3c32-11e6-b47a-806e6f6e6963} description EFI Network 0 for IPv4 (C8-5B-76-28-9B-58) Application logicielle (101fffff) -------------------------------- identificateur {1a15cdde-3c32-11e6-b47a-806e6f6e6963} description EFI Network 0 for IPv6 (C8-5B-76-28-9B-58) Installation de Windows ----------------------- identificateur {7254a080-1510-4e85-ac0f-e7fb3d444736} device ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{87fbb02e-048b-11ea-9f5c-efe2e2e72736} bootstatdevice partition=C: custom:11000083 partition=C: path \windows\system32\winload.efi description Windows Rollback locale fr-FR bootstatfilepath \$WINDOWS.~BT\Sources\SafeOS\bootstat.dat inherit {bootloadersettings} restartonfailure Yes osdevice ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{87fbb02e-048b-11ea-9f5c-efe2e2e72736} custom:21000152 partition=C: systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {87fbb02c-048b-11ea-9f5c-efe2e2e72736} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{87fbb02d-048b-11ea-9f5c-efe2e2e72736} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{87fbb02d-048b-11ea-9f5c-efe2e2e72736} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {b4b3d78e-c6d5-11eb-8010-f7bb0d6f9c8c} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {b4b3d78c-c6d5-11eb-8010-f7bb0d6f9c8c} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {b4b3d78e-c6d5-11eb-8010-f7bb0d6f9c8c} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{b4b3d78f-c6d5-11eb-8010-f7bb0d6f9c8c} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{b4b3d78f-c6d5-11eb-8010-f7bb0d6f9c8c} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {87fbb02a-048b-11ea-9f5c-efe2e2e72736} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {87fbb02c-048b-11ea-9f5c-efe2e2e72736} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {b4b3d78c-c6d5-11eb-8010-f7bb0d6f9c8c} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {b4b3d78e-c6d5-11eb-8010-f7bb0d6f9c8c} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {87fbb02d-048b-11ea-9f5c-efe2e2e72736} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {87fbb02e-048b-11ea-9f5c-efe2e2e72736} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {b4b3d78f-c6d5-11eb-8010-f7bb0d6f9c8c} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================