Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021 Exécuté par Anne-Marie (administrateur) sur LENOVO-BUZY (LENOVO 20250) (19-07-2021 16:08:46) Exécuté depuis D:\Buzy\Desktop Profils chargés: Anne-Marie & Administrateur Platform: Windows 8.1 (Update) (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Inc.) [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Atheros) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <6> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15> (IDT, Inc.) [Fichier non signé] C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.) [Fichier non signé] C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Macrovision Corporation) [Fichier non signé] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Qualcomm Atheros -> ) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Sync\App\WDSyncService.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.) [Fichier non signé] HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo (Beijing) Limited -> Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-06-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-06-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942232 2016-10-14] (Logitech -> Logitech, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-07-10] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.) [Fichier non signé] HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5388128 2017-06-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) [Fichier non signé] HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2018-05-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [241448 2020-03-17] (Mixbyte Inc -> ) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] HKU\S-1-5-21-327280196-3364598576-1048081487-1008\...\Run: [Pokki] => C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Pokki\Engine\Launcher.dll [1892632 2014-03-29] (Pokki -> SweetLabs, Inc.) HKU\S-1-5-21-327280196-3364598576-1048081487-1008\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-327280196-3364598576-1048081487-1008\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation) [Fichier non signé] HKU\S-1-5-21-327280196-3364598576-1048081487-1008\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\...\Windows x64\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9Z.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\WINDOWS\system32\CNMLM9Z.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2019-09-11] (pdfforge GmbH) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-13] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-09-07] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk [2017-09-03] ShortcutTarget: Lancement rapide d'Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe () [Fichier non signé] GroupPolicy-x32: Restriction ? <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {09F81980-E764-49DB-9245-C34D4584865E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-02] (Google Inc -> Google Inc.) Task: {0F584753-FA10-4921-AB50-8EB3DB290483} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4903192 2021-07-10] (Avast Software s.r.o. -> AVAST Software) Task: {1E91C51E-842F-4165-8728-23F069C9D39B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-10] (Avast Software s.r.o. -> Avast Software) Task: {37452026-2DD2-4A49-BAAF-12BC7FAB8F04} - System32\Tasks\SweetLabs App Platform => C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe Task: {450402DA-64CD-4838-98DA-1D2E11B1FD08} - System32\Tasks\PinnacleStudioforDazzleNotifier => C:\Program Files\Pinnacle\Studio for Dazzle\programs\PinnacleNotifierWrapper.exe [17504 2020-03-12] (Corel Corporation -> Pinnacle) Task: {60AFD2C9-8500-409B-879F-FB6EE9ACBCF9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated -> Synaptics Incorporated) Task: {670335CC-5784-4D80-BCBA-460C2823959A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {84396186-84B8-48F7-9C65-687A19D0AFDB} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.) Task: {8DFE0F36-25EC-47A1-B7AE-8D270D138898} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform) Task: {A1973B12-71D2-4767-85CE-7B0C53DD2297} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-02] (Google Inc -> Google Inc.) Task: {C107C564-5B5F-40E0-8723-44C1D1741B30} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {C3DE9F9C-7050-419C-9BAD-CF99DC31EA17} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [241480 2013-06-03] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo) Task: {FA63AFBF-B20A-4386-A510-A323FBCCF9CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {FC801642-C28F-42A8-8760-29035207D68E} - System32\Tasks\PinnacleStudioforDazzleUpdater => C:\Program Files\Pinnacle\Studio for Dazzle\programs\PSNotification.exe [889344 2020-03-12] () [Fichier non signé] (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0137AB77-F163-46CA-9D18-DDACD879C887}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1F86896B-88A8-4531-ADD1-37E84806301C}: [DhcpNameServer] 128.16.1.14 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-18] Edge HomePage: Default -> hxxp://www.lenovo.com/ Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-18] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @google.com/zxwebplugin -> C:\WINDOWS\system32\npzxwebplugin.dll [Pas de fichier] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @TRENDnet.com/CameraPlugin -> C:\Program Files (x86)\TRENDnet\Plugin\npcamstreamctrl.dll [2014-07-17] (TRENDnet, Inc. -> TRENDnet) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default [2021-07-19] CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://plus.google.com CHR HomePage: Default -> hxxps://www.google.fr/ CHR StartupUrls: Default -> "hxxp://www.orange.fr/portail" CHR Extension: (Google Traduction) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-26] CHR Extension: (Slides) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] CHR Extension: (Docs) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Google Drive) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2017-09-03] CHR Extension: (YouTube) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-02] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-20] CHR Extension: (Ajouter à votre Liste d'envies Amazon) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2017-09-03] CHR Extension: (Sheets) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14] CHR Extension: (Don't track me Google) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbofhhdmcladcmmfjolgndfkpobecpg [2021-06-19] CHR Extension: (Google Docs hors connexion) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-16] CHR Extension: (Save as PDF) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2017-11-19] CHR Extension: (Kindle Cloud Reader) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlnambgcbojdeagknjljhiafpjaiacad [2017-09-03] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Extension: (Evernote Web Clipper) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2020-12-15] CHR Extension: (Gmail) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03] CHR Extension: (Chrome Media Router) - C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-06] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8249936 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [625432 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [373528 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-06] (Avast Software s.r.o. -> AVAST Software) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-03-17] (Mixbyte Inc -> Freemake) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-16] (Malwarebytes Inc -> Malwarebytes) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> ) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [Fichier non signé] R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [675184 2017-06-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [331632 2017-06-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [Fichier non signé] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216928 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [366616 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [182600 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524400 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851192 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-07-10] (Avast Software s.r.o. -> AVAST Software) S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327536 2021-07-10] (Avast Software s.r.o. -> AVAST Software) R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.) S3 DCamUSBEMPIA; C:\WINDOWS\system32\DRIVERS\emDevice64.sys [231312 2015-08-05] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.) S3 DxVGrb; C:\WINDOWS\system32\drivers\DxVGrb.sys [236360 2016-10-19] (Ultron AG -> Dexetek) R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation) S3 emAudio; C:\WINDOWS\system32\drivers\emAudio64.sys [42000 2015-08-05] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-07-16] (Malwarebytes Inc -> Malwarebytes) S3 FiltUSBEMPIA; C:\WINDOWS\system32\DRIVERS\emFilter64.sys [17792 2015-08-05] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-16] (Malwarebytes Inc -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-07-18] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-16] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-07-18] (Malwarebytes Inc -> Malwarebytes) S3 ScanUSBEMPIA; C:\WINDOWS\system32\DRIVERS\emScan64.sys [18304 2015-08-05] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-08-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-09-15] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.) S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA64A.sys [748352 2020-02-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.) S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM64A.sys [1236160 2020-02-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-07-18 14:27 - 2021-07-18 14:27 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-07-18 14:27 - 2021-07-18 14:27 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-07-16 14:19 - 2021-07-19 16:09 - 000000000 ____D C:\FRST 2021-07-16 12:49 - 2021-07-19 16:07 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\ZHP 2021-07-16 12:49 - 2021-07-16 12:49 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\ZHP 2021-07-16 11:37 - 2021-07-16 11:37 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-07-16 11:21 - 2021-07-16 11:21 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-07-16 11:21 - 2021-07-16 11:21 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-07-16 11:21 - 2021-07-16 11:21 - 000001987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-07-16 11:21 - 2021-07-16 11:21 - 000001975 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-07-16 11:21 - 2021-07-16 11:20 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-07-14 15:50 - 2021-07-14 15:50 - 000001831 _____ C:\Users\Public\Desktop\Canon My Printer.lnk 2021-07-14 15:49 - 2021-07-14 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2021-07-14 15:49 - 2021-07-14 15:49 - 000000000 ____D C:\Program Files\Canon 2021-07-14 15:45 - 2021-07-14 15:45 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information 2021-07-14 15:45 - 2021-07-14 15:45 - 000000000 ___HD C:\Program Files\CanonBJ 2021-07-14 15:45 - 2021-07-14 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP550 series 2021-07-14 15:45 - 2009-04-03 16:01 - 001321984 _____ (CANON INC.) C:\WINDOWS\system32\CNC550C.dll 2021-07-14 15:45 - 2009-04-03 16:00 - 000092672 _____ (CANON INC.) C:\WINDOWS\system32\CNC550I.dll 2021-07-14 15:45 - 2009-04-03 15:57 - 000106496 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC550U.dll 2021-07-14 15:45 - 2009-03-19 14:39 - 000328192 _____ (CANON INC.) C:\WINDOWS\system32\CNC550L.dll 2021-07-14 15:45 - 2009-03-19 14:38 - 000303104 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC550L.dll 2021-07-14 15:45 - 2009-02-04 13:18 - 000104960 _____ (Canon Inc.) C:\WINDOWS\system32\CNC550O.dll 2021-07-12 20:14 - 2021-07-12 20:14 - 000002162 _____ C:\Users\Public\Desktop\MultiCam Capture Lite.lnk 2021-07-12 20:14 - 2021-07-12 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiCam Capture Lite 2021-07-12 20:13 - 2021-07-12 20:14 - 000000000 ____D C:\Program Files\Corel 2021-07-12 20:12 - 2021-07-12 20:12 - 000000000 ____D C:\ProgramData\Uninstall 2021-07-12 20:11 - 2021-07-12 20:11 - 000002157 _____ C:\Users\Public\Desktop\Dazzle MyDVD.lnk 2021-07-12 20:10 - 2021-07-12 20:10 - 000000000 ____D C:\ProgramData\Roxio 2021-07-12 20:10 - 2021-07-12 20:10 - 000000000 ____D C:\ProgramData\MyDVD 2021-07-12 20:10 - 2021-07-12 20:10 - 000000000 ____D C:\Program Files\Pinnacle Studio for Dazzle 2021-07-12 20:07 - 2021-07-12 20:07 - 000000000 ____D C:\Program Files (x86)\Pinnacle 2021-07-12 20:03 - 2021-07-12 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio for Dazzle 2021-07-12 20:03 - 2021-07-12 20:03 - 000002291 _____ C:\Users\Public\Desktop\Pinnacle Studio for Dazzle.lnk 2021-07-12 20:03 - 2021-07-12 20:03 - 000002228 _____ C:\Users\Public\Desktop\Learn Pinnacle Studio.lnk 2021-07-12 20:01 - 2021-07-12 21:49 - 000003670 _____ C:\WINDOWS\system32\Tasks\PinnacleStudioforDazzleUpdater 2021-07-12 20:01 - 2021-07-12 20:01 - 000003446 _____ C:\WINDOWS\system32\Tasks\PinnacleStudioforDazzleNotifier 2021-07-12 19:27 - 2021-07-10 16:22 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2021-07-12 15:49 - 2021-07-12 15:49 - 000000000 ___HD C:\$AV_ASW 2021-07-11 18:29 - 2021-07-11 18:29 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Corel 2021-07-11 15:15 - 2021-07-14 15:40 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\temp 2021-07-11 15:15 - 2021-07-14 14:51 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Pinnacle 2021-07-11 15:15 - 2021-07-11 15:20 - 000000000 ____D C:\Users\Public\Documents\Triple Scoop Music 2021-07-11 15:14 - 2021-07-14 14:51 - 000001096 _____ C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\LENOVO-BUZY.MTBF.txt 2021-07-11 15:14 - 2021-07-11 15:14 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\Documents\Pinnacle 2021-07-11 15:14 - 2021-07-11 15:14 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\NVIDIA 2021-07-10 16:58 - 2021-07-10 16:58 - 000000000 ____D C:\ProgramData\Roxio Log Files 2021-07-10 16:57 - 2021-07-12 21:50 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Pinnacle_Studio_Dazzle 2021-07-10 16:39 - 2021-07-16 20:01 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI 2021-07-10 16:39 - 2021-07-12 20:10 - 000000000 ____D C:\ProgramData\Corel 2021-07-10 16:39 - 2021-07-12 17:22 - 000000000 ____D C:\ProgramData\Pinnacle 2021-07-10 16:39 - 2021-07-12 17:22 - 000000000 ____D C:\Program Files\Pinnacle 2021-07-10 16:39 - 2021-07-10 16:39 - 000000000 ____D C:\Users\Public\Documents\Pinnacle 2021-07-10 16:24 - 2021-07-10 16:22 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2021-07-10 16:21 - 2021-07-12 15:52 - 000000000 ____D C:\ProgramData\UniqueId 2021-07-10 16:21 - 2021-07-10 16:21 - 000000000 ____D C:\ProgramData\Pinnacle Log Files 2021-06-22 14:47 - 2021-06-05 07:23 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2021-06-22 14:47 - 2021-06-05 06:42 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-06-22 14:47 - 2021-06-05 06:30 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-06-19 14:47 - 2021-06-19 14:47 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\Documents\Téléchargements MAGIX 2021-06-19 14:47 - 2021-06-19 14:47 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\MAGIX 2021-06-19 14:45 - 2021-07-19 14:48 - 000000000 ____D C:\Program Files (x86)\MAGIX 2021-06-19 14:45 - 2021-07-12 18:58 - 000000000 ____D C:\ProgramData\MAGIX 2021-06-19 14:45 - 2021-06-19 14:47 - 000000000 ___RD C:\Users\Anne-Marie.Lenovo-Buzy\Documents\MAGIX 2021-06-19 14:45 - 2021-06-19 14:45 - 000000000 ____D C:\Program Files (x86)\MSXML 4.0 2021-06-19 14:19 - 2021-06-19 14:19 - 000000000 ____D C:\Program Files (x86)\TERRATEC 2021-06-19 14:11 - 2021-07-12 20:14 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\Downloaded Installations 2021-06-06 14:17 - 2021-07-16 14:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-05-18 15:17 - 2021-04-06 08:51 - 001678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-05-10 16:11 - 2021-05-10 16:11 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\IsolatedStorage 2021-05-10 15:31 - 2021-05-10 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnalogExif 2021-05-10 15:31 - 2021-05-10 15:31 - 000000000 ____D C:\Program Files (x86)\AnalogExif 2021-05-10 15:25 - 2021-05-10 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tag&Rename 2021-05-10 15:25 - 2021-05-10 15:25 - 000000000 ____D C:\Program Files (x86)\TagRename 2021-04-23 11:23 - 2021-07-18 14:25 - 000566632 _____ C:\WINDOWS\system32\FNTCACHE.DAT ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-07-19 16:10 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2021-07-19 15:22 - 2017-08-01 16:32 - 000000000 ____D C:\Program Files (x86)\Google 2021-07-19 15:12 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache 2021-07-19 15:04 - 2017-09-02 13:09 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-327280196-3364598576-1048081487-1008 2021-07-19 14:49 - 2017-08-01 17:07 - 000000000 ____D C:\Program Files\CCleaner 2021-07-19 14:45 - 2020-03-27 12:28 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\LocalLow\IGDump 2021-07-18 16:15 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2021-07-18 14:45 - 2020-02-10 15:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-07-18 14:30 - 2018-05-10 13:31 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\AVAST Software 2021-07-18 14:28 - 2017-08-02 15:46 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-07-18 14:26 - 2020-03-26 13:41 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat 2021-07-18 14:26 - 2014-06-18 11:55 - 000000000 ____D C:\ProgramData\NVIDIA 2021-07-18 14:25 - 2017-08-02 15:39 - 000000000 ____D C:\ProgramData\AVAST Software 2021-07-18 14:25 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-07-18 14:18 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-07-16 23:29 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-07-16 21:35 - 2020-08-08 15:21 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-16 21:35 - 2020-08-08 15:21 - 000002217 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-07-16 14:54 - 2017-09-09 16:39 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\LocalLow\Mozilla 2021-07-16 13:13 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-07-16 13:09 - 2017-08-04 20:22 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-07-16 13:05 - 2017-08-04 20:22 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-07-16 11:17 - 2017-09-02 17:44 - 000003502 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-07-16 11:17 - 2017-09-02 17:44 - 000003374 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-07-14 16:47 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData 2021-07-14 16:22 - 2014-06-18 21:08 - 000810636 _____ C:\WINDOWS\system32\perfh00C.dat 2021-07-14 16:22 - 2014-06-18 21:08 - 000158076 _____ C:\WINDOWS\system32\perfc00C.dat 2021-07-14 16:22 - 2013-10-07 20:27 - 001828264 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-07-14 15:49 - 2017-08-01 16:52 - 000000000 ____D C:\Program Files (x86)\Canon 2021-07-14 15:44 - 2017-09-10 19:49 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\Canon 2021-07-14 15:44 - 2017-08-02 16:24 - 000000000 ___HD C:\ProgramData\CanonIJScan 2021-07-13 18:53 - 2017-10-14 19:37 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\CrashDumps 2021-07-13 18:04 - 2020-08-12 15:29 - 000002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-12 20:14 - 2017-10-14 12:05 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\Corel 2021-07-12 20:08 - 2017-10-14 12:02 - 000000000 ____D C:\Program Files (x86)\Corel 2021-07-12 19:28 - 2019-06-08 14:46 - 000002030 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk 2021-07-12 19:13 - 2017-08-25 14:48 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy 2021-07-12 19:09 - 2013-10-07 20:25 - 000000000 ____D C:\Users\Administrator 2021-07-12 19:08 - 2020-04-18 14:35 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2021-07-12 19:08 - 2020-04-18 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2021-07-12 19:08 - 2020-04-18 14:34 - 000000000 ____D C:\Program Files (x86)\Freemake 2021-07-12 19:08 - 2017-08-24 19:23 - 000000000 ____D C:\Users\Shadow 2021-07-12 19:08 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-07-12 19:06 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2021-07-12 19:00 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\registration 2021-07-11 12:04 - 2017-08-27 17:41 - 000000000 ____D C:\Users\Anne-Marie.Lenovo-Buzy\Documents\Banque 2021-07-10 16:28 - 2020-08-08 15:16 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-10 16:28 - 2020-08-08 15:16 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-10 16:23 - 2017-08-02 15:46 - 000327536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2021-07-10 16:22 - 2020-09-23 14:13 - 000182600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2021-07-10 16:22 - 2020-05-24 12:28 - 000524400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2021-07-10 16:22 - 2019-02-17 14:17 - 000366616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2021-07-10 16:22 - 2019-01-24 15:30 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2021-07-10 16:22 - 2019-01-24 15:30 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2021-07-10 16:22 - 2019-01-24 15:30 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2021-07-10 16:22 - 2017-12-05 11:57 - 000216928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2021-07-10 16:22 - 2017-08-02 15:49 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2021-07-10 16:22 - 2017-08-02 15:46 - 000851192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2021-07-10 16:22 - 2017-08-02 15:46 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-07-10 16:22 - 2017-08-02 15:46 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2021-07-10 16:22 - 2017-08-02 15:46 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2021-07-10 16:08 - 2017-09-09 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-07-10 16:02 - 2017-08-27 10:38 - 000000000 ____D C:\.WDTemp 2021-06-24 14:35 - 2017-09-09 16:39 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-06-22 15:34 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2021-06-22 15:31 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows Defender 2021-06-22 14:21 - 2014-06-18 12:46 - 000000000 ____D C:\Program Files\DIFX 2021-06-22 14:09 - 2014-06-18 12:46 - 000000000 ____D C:\ProgramData\Energy Manager 2021-06-19 14:06 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-06-19 14:05 - 2021-03-10 12:30 - 000003870 _____ C:\WINDOWS\system32\Tasks\CCleaner Update ==================== Fichiers à la racine de certains dossiers ======== 2021-07-11 15:14 - 2021-07-14 14:51 - 000001096 _____ () C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Roaming\LENOVO-BUZY.MTBF.txt 2020-02-10 15:35 - 2020-02-10 15:35 - 000000410 _____ () C:\Users\Anne-Marie.Lenovo-Buzy\AppData\Local\oobelibMkey.log ==================== SigCheckExt ========================= 2001-09-05 21:00 - 2001-09-05 21:00 - 001700352 _____ (Microsoft Corporation) C:\gdiplus.dll 2013-09-07 01:52 - 2013-09-07 01:52 - 000361600 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\AthCredentialProvider.dll 2014-06-18 12:01 - 2013-08-11 16:54 - 000088576 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTPMA64.exe 2019-09-11 12:00 - 2019-09-11 12:00 - 000116736 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2014-06-18 12:01 - 2013-08-11 16:54 - 000338944 _____ (IDT, Inc.) C:\WINDOWS\system32\stacsv64.exe 2014-06-18 12:01 - 2013-08-11 16:54 - 006101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll 2005-03-08 11:33 - 2005-03-08 11:33 - 000087392 _____ (Twain Working Group) C:\WINDOWS\twain.dll 2005-03-08 11:33 - 2005-03-08 11:33 - 000048560 _____ (Twain Working Group) C:\WINDOWS\twunk_16.exe 2005-03-08 11:33 - 2005-03-08 11:33 - 000069632 _____ (Twain Working Group) C:\WINDOWS\twunk_32.exe 2004-12-14 02:12 - 2004-12-14 02:12 - 000022016 _____ (Adobe Systems Incorporated.) C:\WINDOWS\SysWOW64\AdobePDF.dll 2002-01-05 02:18 - 2002-01-05 02:18 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll 2003-03-18 21:05 - 2003-03-18 21:05 - 000089088 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll 2020-08-13 22:04 - 2012-09-25 21:39 - 002555406 _____ C:\WINDOWS\SysWOW64\avcodec-54.dll 2020-08-13 22:04 - 2012-09-25 21:39 - 000157198 _____ C:\WINDOWS\SysWOW64\avutil-51.dll 2014-06-18 11:50 - 2013-08-05 05:50 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll 2007-04-27 09:43 - 2007-04-27 09:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll 2020-08-13 22:04 - 2018-11-07 09:57 - 000573952 _____ C:\WINDOWS\SysWOW64\Hi265.dll 2020-08-13 22:04 - 2019-01-11 15:55 - 000081920 _____ () C:\WINDOWS\SysWOW64\hiPBClient.dll 2020-08-13 22:04 - 2019-08-13 19:02 - 000524420 _____ () C:\WINDOWS\SysWOW64\HIPlayer.dll 2020-08-13 22:04 - 2018-11-07 11:26 - 000319488 _____ () C:\WINDOWS\SysWOW64\HIPlayer.exe 2020-08-13 22:04 - 2019-08-09 08:45 - 000057344 _____ () C:\WINDOWS\SysWOW64\HISDK.dll 1999-08-04 00:00 - 1999-08-04 00:00 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IMGWALK.DLL 2013-05-11 17:17 - 2013-05-11 17:17 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll 2002-01-05 04:48 - 2002-01-05 04:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll 2002-01-05 04:36 - 2002-01-05 04:36 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll 2003-03-18 20:44 - 2003-03-18 20:44 - 000040960 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL 2003-03-18 20:44 - 2003-03-18 20:44 - 000045056 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL 2003-03-18 20:44 - 2003-03-18 20:44 - 000065536 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL 2003-03-18 22:44 - 2003-03-18 22:44 - 000057344 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL 2003-03-18 20:44 - 2003-03-18 20:44 - 000061440 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL 2003-03-18 20:44 - 2003-03-18 20:44 - 000061440 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL 2003-03-18 20:44 - 2003-03-18 20:44 - 000061440 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL 2003-03-18 20:44 - 2003-03-18 20:44 - 000049152 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL 2003-03-18 20:44 - 2003-03-18 20:44 - 000049152 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL 2003-03-18 21:12 - 2003-03-18 21:12 - 001047552 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll 1999-08-04 00:00 - 1999-08-04 00:00 - 000016304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINF16H.EXE 1999-08-04 00:00 - 1999-08-04 00:00 - 000278589 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSISAM10.DLL 1999-08-04 00:00 - 1999-08-04 00:00 - 001050384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL 1999-08-04 00:00 - 1999-08-04 00:00 - 000149776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT35.DLL 1999-08-04 00:00 - 1999-08-04 00:00 - 000024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER35.DLL 1999-05-23 20:07 - 1999-05-23 20:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msprpfr.dll 1999-08-04 00:00 - 1999-08-04 00:00 - 000415504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSREPL35.DLL 2000-04-03 17:52 - 2000-04-03 17:52 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstkprp.dll 1999-08-04 00:00 - 1999-08-04 00:00 - 000241724 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSUNI10.DLL 2002-01-05 03:38 - 2002-01-05 03:38 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll 2002-01-05 03:40 - 2002-01-05 03:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll 2002-01-05 03:37 - 2002-01-05 03:37 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll 2020-08-13 22:04 - 2019-08-13 19:05 - 000249856 _____ () C:\WINDOWS\SysWOW64\NetLib.dll 2020-08-13 22:04 - 2013-07-10 17:21 - 000217600 _____ C:\WINDOWS\SysWOW64\npzxwebplugin.dll 2020-08-13 22:04 - 2014-04-10 14:28 - 000057344 _____ (微软中国) C:\WINDOWS\SysWOW64\SearchLib.dll 1999-05-23 20:07 - 1999-05-23 20:07 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdftfr.dll 2020-08-13 22:04 - 2020-08-13 22:04 - 000716789 _____ C:\WINDOWS\SysWOW64\unins000.exe 1999-05-23 20:07 - 1999-05-23 20:07 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.dll 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {0749f49c-f71c-11e3-b7f7-e6c8ba54c3a2} {197b75d7-f71b-11e3-b7f7-806e6f6e6963} {0749f49b-f71c-11e3-b7f7-e6c8ba54c3a2} {197b75d5-f71b-11e3-b7f7-806e6f6e6963} {197b75d6-f71b-11e3-b7f7-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {cfceef18-7712-11e7-9b78-bb5e88ed48af} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {0749f49b-f71c-11e3-b7f7-e6c8ba54c3a2} device partition=\Device\HarddiskVolume3 path \EFI\Microsoft\Boot\LrsBootMgr.efi description Lenovo Recovery System Application logicielle (101fffff) -------------------------------- identificateur {0749f49c-f71c-11e3-b7f7-e6c8ba54c3a2} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager Application logicielle (101fffff) -------------------------------- identificateur {197b75d5-f71b-11e3-b7f7-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {197b75d6-f71b-11e3-b7f7-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {197b75d7-f71b-11e3-b7f7-806e6f6e6963} description EFI Network Application logicielle (101fffff) -------------------------------- identificateur {197b75d8-f71b-11e3-b7f7-806e6f6e6963} description EFI Network 0 for IPv4 (60-02-92-02-BA-53) Application logicielle (101fffff) -------------------------------- identificateur {197b75d9-f71b-11e3-b7f7-806e6f6e6963} description EFI Network 0 for IPv6 (60-02-92-02-BA-53) Chargeur de d‚marrage Windows ----------------------------- identificateur {0749f499-f71c-11e3-b7f7-e6c8ba54c3a2} device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{0749f49a-f71c-11e3-b7f7-e6c8ba54c3a2} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{0749f49a-f71c-11e3-b7f7-e6c8ba54c3a2} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 8.1 locale fr-FR inherit {bootloadersettings} recoverysequence {0749f499-f71c-11e3-b7f7-e6c8ba54c3a2} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {cfceef18-7712-11e7-9b78-bb5e88ed48af} nx OptIn bootmenupolicy Standard detecthal Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {cfceef18-7712-11e7-9b78-bb5e88ed48af} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {0749f499-f71c-11e3-b7f7-e6c8ba54c3a2} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {0749f49a-f71c-11e3-b7f7-e6c8ba54c3a2} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume1 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Ramdisk options ramdisksdidevice boot ramdisksdipath \boot\boot.sdi LastRegBack: 2021-07-16 12:02 ==================== Fin de FRST.txt ========================