Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021 Exécuté par dthav (administrateur) sur DESKTOP-6FEQG1D (Micro-Star International Co., Ltd. MS-7B45) (14-08-2021 15:41:14) Exécuté depuis C:\Users\dthav\OneDrive\Bureau Profils chargés: dthav Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\plugins_nms.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.13801.20860.0_x64__8wekyb3d8bbwe\WordIm.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe (Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd) GroupPolicy: Restriction ? <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {351A12F2-5C95-45AC-8993-B67ADFAB03CE} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5954584 2021-08-04] (IObit CO., LTD -> IObit) Task: {403305CA-C0B7-4B77-8017-CEE431CED728} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {6BCBFA53-2F3C-43EB-A6FE-6685CAA8A225} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform) Task: {8A3E3739-F98E-4F98-A42D-D57041DF8D54} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [20078184 2021-07-24] (Goversoft LLC -> Goversoft LLC) Task: {A9783B1F-5BFF-47D3-AA40-DD066E72025B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-10] (Mozilla Corporation -> Mozilla Foundation) Task: {AAA07BA7-F91C-4C73-8468-677C6CC92A39} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [314128 2018-05-02] (IObit Information Technology -> IObit) Task: {B1A79810-22F9-4721-BAEC-C5A2CE95F8BF} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [29214040 2021-08-05] (ADLICE (ASCOET JULIEN) -> ) Task: {D81B9982-191D-43ED-88D3-A87D66A5E7A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {EC26F7DC-CCA6-41E6-BAF1-F4CDE42593E3} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3477528 2021-05-26] (IObit CO., LTD -> IObit) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{e75ff8d0-9f8a-497b-8a35-032d4e607b31}: [DhcpNameServer] 192.168.1.254 Edge: ======= Edge Profile: C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-14] Edge Extension: (Kaspersky Protection) - C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-07-08] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\dthav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-11] Edge HKU\S-1-5-21-2318516632-1433698277-3918489527-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: 0hxpkp5n.default FF ProfilePath: C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\0hxpkp5n.default [2021-07-08] FF ProfilePath: C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release [2021-08-14] FF Homepage: Mozilla\Firefox\Profiles\kktwelt6.default-release -> hxxps://www.gurumed.org/ FF Notifications: Mozilla\Firefox\Profiles\kktwelt6.default-release -> hxxps://www.lemonde.fr FF Extension: (AdBlocker Ultimate) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2021-07-27] FF Extension: (Kaspersky Protection) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2021-07-08] FF Extension: (uBlock Origin) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-07-31] FF Extension: (Malwarebytes Browser Guard) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-08-12] FF Extension: (Beach) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2021-07-08] FF Extension: (Web of Trust) - C:\Users\dthav\AppData\Roaming\Mozilla\Firefox\Profiles\kktwelt6.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-07-08] FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-07-08] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-07-08] <==== ATTENTION Chrome: ======= CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2357880 2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-23] (HP Inc. -> HP Inc.) S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [368360 2021-06-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 NahimicService; C:\Windows\system32\NahimicService.exe [1675392 2021-05-27] (A-Volute SAS -> Nahimic) R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [273176 2021-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [309104 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [115744 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [224880 2021-07-08] (Kaspersky Lab JSC -> AO Kaspersky Lab) S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> ) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) U3 avgbdisk; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-14 15:40 - 2021-08-14 15:41 - 000000000 ____D C:\FRST 2021-08-14 14:33 - 2021-08-14 14:33 - 000295168 _____ C:\Windows\system32\FNTCACHE.DAT 2021-08-14 11:08 - 2021-08-14 11:10 - 000000000 ____D C:\ProgramData\TEMP 2021-08-14 11:08 - 2021-08-14 11:08 - 000000000 ____D C:\ProgramData\Binarysense 2021-08-12 07:47 - 2021-08-12 07:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2021-08-12 07:47 - 2021-08-12 07:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2021-08-12 07:47 - 2021-08-12 07:47 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-08-12 07:47 - 2021-08-12 07:47 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-08-12 07:47 - 2021-08-12 07:47 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-08-12 07:47 - 2021-08-12 07:47 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll 2021-08-12 07:47 - 2021-08-12 07:47 - 000011347 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-08-12 07:44 - 2021-08-12 07:44 - 000000000 ___HD C:\$WinREAgent 2021-08-10 21:09 - 2021-08-10 21:09 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-08-10 20:32 - 2021-08-11 08:17 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-08-07 08:14 - 2021-08-07 08:14 - 000000072 _____ C:\Windows\system32\AdsInfoCls 2021-07-31 09:04 - 2021-07-31 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2021-07-31 09:04 - 2021-07-31 09:04 - 000000000 ____D C:\Program Files\Core Temp 2021-07-30 20:23 - 2021-07-30 20:23 - 000000000 ____D C:\Users\dthav\AppData\Local\WhyNotWin11 2021-07-30 18:32 - 2021-07-30 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader 2021-07-30 18:19 - 2021-07-31 09:01 - 000000000 ____D C:\Users\dthav\AppData\Local\Patch_My_PC,_LLC 2021-07-27 07:34 - 2021-07-27 07:34 - 000000000 ____D C:\Program Files\WinDjView 2021-07-24 08:35 - 2021-08-14 07:53 - 000000000 ____D C:\Users\dthav\AppData\Local\PrivaZer 2021-07-24 08:35 - 2021-07-24 08:35 - 000003188 _____ C:\Windows\system32\Tasks\PrivaZer_SkipUAC 2021-07-24 08:35 - 2021-07-24 08:35 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk 2021-07-24 08:35 - 2021-07-24 08:35 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer 2021-07-24 08:35 - 2021-07-24 08:35 - 000000000 ____D C:\ProgramData\privazer 2021-07-24 08:35 - 2021-07-24 08:35 - 000000000 ____D C:\Program Files (x86)\PrivaZer 2021-07-23 10:48 - 2021-07-23 10:48 - 000000000 ____D C:\Windows\system32\Tasks\HP 2021-07-20 07:27 - 2021-07-20 07:27 - 000000000 ____D C:\Users\dthav\AppData\Local\calibre-parallel 2021-07-19 08:17 - 2021-07-19 08:17 - 000001956 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unlocker.lnk 2021-07-19 08:17 - 2021-07-19 08:17 - 000000000 ____D C:\Program Files (x86)\Unlocker 2021-07-16 20:17 - 2021-07-16 20:17 - 000000000 ____D C:\Users\dthav\AppData\Roaming\CrystalIdea Software 2021-07-16 20:14 - 2021-07-24 08:40 - 000000000 ____D C:\Users\dthav\AppData\Local\CrashDumps 2021-07-16 20:05 - 2021-07-30 17:45 - 000000000 ____D C:\Users\dthav\AppData\Local\D3DSCache 2021-07-15 23:40 - 2021-07-15 23:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb 2021-07-15 23:40 - 2021-07-15 23:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb 2021-07-15 23:40 - 2021-07-15 23:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb 2021-07-15 23:40 - 2021-07-15 23:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb 2021-07-15 15:16 - 2021-08-01 09:03 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2021-07-15 15:16 - 2021-07-15 15:16 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2021-07-14 09:32 - 2021-07-14 09:32 - 000000000 ____D C:\Users\dthav\AppData\Roaming\GlarySoft 2021-07-14 07:37 - 2021-07-14 07:37 - 000000000 ____D C:\Users\dthav\AppData\Roaming\EaseUS 2021-07-14 07:37 - 2021-07-14 07:37 - 000000000 ____D C:\ProgramData\SystemAcCrux 2021-07-13 08:14 - 2021-07-23 10:48 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2021-07-12 21:10 - 2021-07-12 21:10 - 000000000 ____D C:\Users\dthav\AppData\Roaming\WinRAR 2021-07-12 21:10 - 2021-07-12 21:10 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-07-12 21:10 - 2021-07-12 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-07-12 21:10 - 2021-07-12 21:10 - 000000000 ____D C:\Program Files\WinRAR 2021-07-12 17:06 - 2021-07-13 10:34 - 000000000 ____D C:\SAUVEGARDE Dsk interne 250 Go 2021-07-12 16:39 - 2021-07-12 17:47 - 000000000 ____D C:\Users\dthav\AppData\Local\DiskDrill 2021-07-12 16:39 - 2021-07-12 16:39 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Cleverfiles Software 2021-07-12 16:39 - 2021-07-12 16:39 - 000000000 ____D C:\Users\dthav\AppData\Local\CrashRpt 2021-07-12 16:37 - 2021-07-12 16:37 - 000000000 ____D C:\Program Files (x86)\CleverFiles 2021-07-12 13:20 - 2021-07-21 18:58 - 000000000 ____D C:\Program Files\HWiNFO64 2021-07-12 13:20 - 2021-07-16 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2021-07-10 18:50 - 2021-07-30 18:32 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Foxit Software 2021-07-10 18:50 - 2021-07-13 09:40 - 000000000 ____D C:\ProgramData\Foxit Software 2021-07-10 18:50 - 2021-07-13 09:40 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2021-07-10 18:50 - 2021-07-10 18:50 - 000000000 ____D C:\Users\Public\Foxit Software 2021-07-10 18:50 - 2021-07-10 18:50 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Foxit AgentInformation 2021-07-10 18:50 - 2021-07-10 18:50 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform 2021-07-10 10:01 - 2021-07-10 10:01 - 000000000 ____D C:\Program Files\EaseUS 2021-07-09 22:05 - 2021-08-14 10:53 - 000000000 ____D C:\Users\dthav\AppData\Roaming\vlc 2021-07-09 21:52 - 2021-07-09 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2021-07-09 21:52 - 2021-07-09 21:52 - 000000000 ____D C:\Program Files\VideoLAN 2021-07-09 21:47 - 2021-07-09 21:47 - 002371072 _____ C:\Windows\system32\rdpnano.dll 2021-07-09 21:47 - 2021-07-09 21:47 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2021-07-09 21:47 - 2021-07-09 21:47 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll 2021-07-09 21:47 - 2021-07-09 21:47 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll 2021-07-09 21:47 - 2021-07-09 21:47 - 001687040 _____ C:\Windows\system32\libcrypto.dll 2021-07-09 21:47 - 2021-07-09 21:47 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-07-09 21:47 - 2021-07-09 21:47 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE 2021-07-09 21:47 - 2021-07-09 21:47 - 000700928 _____ C:\Windows\system32\FsNVSDeviceSource.dll 2021-07-09 21:47 - 2021-07-09 21:47 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll 2021-07-09 21:47 - 2021-07-09 21:47 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2021-07-09 21:47 - 2021-07-09 21:47 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll 2021-07-09 21:47 - 2021-07-09 21:47 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2021-07-09 21:47 - 2021-07-09 21:47 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2021-07-09 21:47 - 2021-07-09 21:47 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe 2021-07-09 21:47 - 2021-07-09 21:47 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-07-09 21:47 - 2021-07-09 21:47 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys 2021-07-09 21:47 - 2021-07-09 21:47 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2021-07-09 21:47 - 2021-07-09 21:47 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2021-07-09 21:47 - 2021-07-09 21:47 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2021-07-09 21:42 - 2021-07-09 21:47 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2021-07-09 21:42 - 2021-07-09 21:47 - 000272384 _____ C:\Windows\system32\TpmTool.exe 2021-07-09 21:42 - 2021-07-09 21:42 - 000287232 _____ C:\Windows\system32\CoreMas.dll 2021-07-09 21:42 - 2021-07-09 21:42 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe 2021-07-09 21:38 - 2021-08-04 07:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-07-09 21:37 - 2021-08-12 07:43 - 000000000 ____D C:\Windows\system32\MRT 2021-07-09 21:22 - 2021-08-14 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2021-07-09 21:22 - 2021-08-14 07:44 - 000000000 ____D C:\Program Files (x86)\Calibre2 2021-07-09 21:22 - 2021-07-09 21:22 - 000000000 ____D C:\Users\dthav\AppData\Roaming\calibre 2021-07-09 21:22 - 2021-07-09 21:22 - 000000000 ____D C:\Users\dthav\AppData\Local\calibre-cache 2021-07-09 21:15 - 2021-08-14 15:37 - 000000000 ____D C:\Users\dthav\AppData\Roaming\ZHP 2021-07-09 21:15 - 2021-08-14 15:33 - 000000000 ____D C:\Users\dthav\AppData\Local\ZHP 2021-07-09 13:22 - 2021-07-15 15:16 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo 2021-07-09 10:14 - 2021-07-24 08:40 - 000000000 ____D C:\Users\dthav\AppData\Local\ElevatedDiagnostics 2021-07-09 09:00 - 2021-07-09 09:00 - 000000000 ____D C:\ProgramData\HP 2021-07-09 08:51 - 2021-07-09 08:51 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2021-07-09 07:41 - 2021-07-09 07:41 - 000000000 ____D C:\Users\dthav\AppData\Roaming\OpenOffice 2021-07-09 07:33 - 2021-07-09 07:34 - 000000000 ____D C:\ProgramData\SystemExplorer 2021-07-09 07:33 - 2021-07-09 07:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer 2021-07-09 07:33 - 2021-07-09 07:33 - 000000000 ____D C:\Program Files (x86)\System Explorer 2021-07-08 22:01 - 2021-07-08 22:01 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Cybelsoft 2021-07-08 21:56 - 2021-07-08 21:56 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.10 2021-07-08 21:56 - 2021-07-08 21:56 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2021-07-08 21:49 - 2021-08-14 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2021-07-08 21:49 - 2021-08-14 14:31 - 000000000 ____D C:\Program Files\CPUID 2021-07-08 21:49 - 2021-07-08 21:49 - 000000000 ____D C:\Users\dthav\AppData\Local\AMD 2021-07-08 21:40 - 2021-07-08 21:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2021-07-08 21:40 - 2021-07-08 21:40 - 000000000 ____D C:\Program Files\Speccy 2021-07-08 21:38 - 2021-08-14 14:36 - 000000000 ____D C:\Windows\system32\Tasks\WiseCleaner 2021-07-08 21:38 - 2021-08-14 14:36 - 000000000 ____D C:\Program Files (x86)\Wise 2021-07-08 21:33 - 2021-08-06 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck 2021-07-08 21:33 - 2021-08-06 18:15 - 000000000 ____D C:\Program Files\UCheck 2021-07-08 21:33 - 2021-07-08 21:33 - 000003100 _____ C:\Windows\system32\Tasks\UCheck 2021-07-08 21:33 - 2021-07-08 21:33 - 000000000 ____D C:\ProgramData\UCheck 2021-07-08 21:13 - 2021-08-14 07:43 - 000000000 ____D C:\Users\dthav\AppData\Roaming\IObit 2021-07-08 21:13 - 2021-08-14 07:43 - 000000000 ____D C:\ProgramData\IObit 2021-07-08 21:13 - 2021-08-14 07:39 - 000000000 ____D C:\ProgramData\ProductData 2021-07-08 21:13 - 2021-08-06 18:47 - 000003264 _____ C:\Windows\system32\Tasks\SmartDefrag_AutoAnalyze 2021-07-08 21:13 - 2021-08-06 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2021-07-08 21:13 - 2021-07-08 21:13 - 000003104 _____ C:\Windows\system32\Tasks\SmartDefrag_Startup 2021-07-08 21:13 - 2021-07-08 21:13 - 000003100 _____ C:\Windows\system32\Tasks\SmartDefrag_Update 2021-07-08 21:13 - 2021-07-08 21:13 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled 2021-07-08 21:13 - 2021-07-08 21:13 - 000000000 ____D C:\Users\dthav\AppData\LocalLow\IObit 2021-07-08 21:13 - 2021-07-08 21:13 - 000000000 ____D C:\Program Files (x86)\IObit 2021-07-08 21:13 - 2019-09-12 09:59 - 000178960 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll 2021-07-08 21:13 - 2017-03-09 13:53 - 000030744 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys 2021-07-08 21:13 - 2016-03-22 11:02 - 000036824 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe 2021-07-08 21:10 - 2021-07-08 21:10 - 000000000 ____D C:\Users\dthav\AppData\Local\mbam 2021-07-08 21:09 - 2021-07-08 21:09 - 000000000 ____D C:\Program Files\Malwarebytes 2021-07-08 21:05 - 2021-07-08 21:05 - 000000000 ____D C:\Users\dthav\AppData\Local\CEF 2021-07-08 21:04 - 2021-08-14 14:35 - 000000000 ____D C:\Program Files\CCleaner 2021-07-08 21:04 - 2021-07-23 16:14 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2021-07-08 21:04 - 2021-07-08 21:08 - 000000000 ____D C:\ProgramData\AVG 2021-07-08 21:04 - 2021-07-08 21:04 - 000002888 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2021-07-08 21:04 - 2021-07-08 21:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-07-08 21:03 - 2021-07-09 21:02 - 000000000 ____D C:\AdwCleaner 2021-07-08 20:06 - 2021-07-10 21:22 - 000000000 ____D C:\Windows\Panther 2021-07-08 19:59 - 2021-08-14 07:51 - 000000000 ____D C:\Users\dthav\Tracing 2021-07-08 19:59 - 2021-08-14 07:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2021-07-08 19:59 - 2021-07-08 19:59 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Skype 2021-07-08 19:55 - 2021-07-08 19:55 - 000309104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys 2021-07-08 19:46 - 2021-07-08 19:46 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab 2021-07-08 19:46 - 2021-07-08 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager 2021-07-08 19:45 - 2021-07-08 19:46 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2021-07-08 19:45 - 2021-07-08 19:46 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2021-07-08 19:45 - 2021-07-08 19:45 - 000263888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys 2021-07-08 19:45 - 2021-07-08 19:45 - 000224880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys 2021-07-08 19:45 - 2021-07-08 19:45 - 000115744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys 2021-07-08 19:45 - 2021-07-08 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN 2021-07-08 19:45 - 2021-07-08 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2021-07-08 19:45 - 2021-07-08 19:45 - 000000000 ____D C:\Program Files\Common Files\AV 2021-07-08 19:45 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2021-07-08 19:45 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2021-07-08 19:45 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2021-07-08 19:43 - 2021-07-08 19:44 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2021-07-08 19:34 - 2021-07-08 19:34 - 000000000 ____D C:\Users\dthav\AppData\Local\Comms 2021-07-08 19:33 - 2021-08-14 14:54 - 000000000 ____D C:\ProgramData\Mozilla 2021-07-08 19:33 - 2021-08-14 14:53 - 000000000 ____D C:\Users\dthav\AppData\LocalLow\Mozilla 2021-07-08 19:33 - 2021-08-14 14:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-07-08 19:33 - 2021-08-10 21:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-07-08 19:33 - 2021-07-08 19:33 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Mozilla 2021-07-08 19:33 - 2021-07-08 19:33 - 000000000 ____D C:\Users\dthav\AppData\Local\OneDrive 2021-07-08 19:33 - 2021-07-08 19:33 - 000000000 ____D C:\Users\dthav\AppData\Local\Mozilla 2021-07-08 19:29 - 2021-07-08 19:29 - 000003840 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification 2021-07-08 19:29 - 2021-07-08 19:29 - 000000000 ____D C:\Users\dthav\AppData\Local\NhNotifSys 2021-07-08 19:28 - 2021-07-08 19:28 - 000000000 ____D C:\ProgramData\A-Volute 2021-07-08 19:20 - 2021-08-03 08:30 - 000000000 ____D C:\Users\dthav\AppData\Local\PlaceholderTileLogoFolder 2021-07-08 19:20 - 2021-07-08 19:20 - 000000000 ___HD C:\OneDriveTemp 2021-07-08 19:19 - 2021-08-14 14:06 - 000000000 ___RD C:\Users\dthav\OneDrive 2021-07-08 19:19 - 2021-08-03 07:59 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2318516632-1433698277-3918489527-1002 2021-07-08 19:19 - 2021-07-08 19:19 - 000000000 ____D C:\Users\dthav\AppData\Roaming\ATI 2021-07-08 19:19 - 2021-07-08 19:19 - 000000000 ____D C:\Users\dthav\AppData\Local\ATI 2021-07-08 19:19 - 2021-07-08 19:19 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-07-08 19:19 - 2021-07-08 19:19 - 000000000 ____D C:\ProgramData\ATI 2021-07-08 19:18 - 2021-08-10 07:32 - 000000000 ____D C:\Users\dthav\AppData\Local\Packages 2021-07-08 19:18 - 2021-07-10 20:18 - 000000000 ____D C:\ProgramData\Packages 2021-07-08 19:18 - 2021-07-08 19:28 - 000000000 ____D C:\Users\dthav\AppData\Local\ConnectedDevicesPlatform 2021-07-08 19:18 - 2021-07-08 19:19 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-07-08 19:18 - 2021-07-08 19:18 - 000000000 ___RD C:\Users\dthav\3D Objects 2021-07-08 19:18 - 2021-07-08 19:18 - 000000000 ____D C:\Users\dthav\AppData\Roaming\Adobe 2021-07-08 19:18 - 2021-07-08 19:18 - 000000000 ____D C:\Users\dthav\AppData\Local\VirtualStore 2021-07-08 19:18 - 2021-07-08 19:18 - 000000000 ____D C:\Users\dthav\AppData\Local\Publishers 2021-07-08 19:14 - 2021-08-09 11:58 - 000000000 ____D C:\Users\dthav 2021-07-08 19:14 - 2021-08-03 07:59 - 000002405 _____ C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-07-08 19:14 - 2021-07-08 19:14 - 000000020 ___SH C:\Users\dthav\ntuser.ini 2021-07-08 19:14 - 2021-07-08 19:14 - 000000000 _SHDL C:\Users\dthav\Voisinage réseau 2021-07-08 19:14 - 2021-07-08 19:14 - 000000000 _SHDL C:\Users\dthav\Voisinage d'impression 2021-07-08 19:14 - 2021-07-08 19:14 - 000000000 _SHDL C:\Users\dthav\Modèles 2021-07-08 19:14 - 2021-07-08 19:14 - 000000000 _SHDL C:\Users\dthav\Mes documents 2021-07-08 19:14 - 2021-07-08 19:14 - 000000000 _SHDL C:\Users\dthav\Menu Démarrer 2021-07-08 19:14 - 2021-07-08 19:14 - 000000000 _SHDL C:\Users\dthav\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2021-07-08 19:14 - 2021-07-08 19:14 - 000000000 _SHDL C:\Users\dthav\AppData\Local\Historique 2021-07-08 19:11 - 2021-08-14 14:37 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI 2021-07-08 19:10 - 2021-07-08 19:10 - 000000000 ____D C:\ProgramData\Package Cache 2021-07-08 19:10 - 2021-07-08 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2021-07-08 19:10 - 2021-07-08 19:10 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2021-07-08 19:10 - 2021-07-08 19:10 - 000000000 ____D C:\Program Files\ATI Technologies 2021-07-08 19:10 - 2021-07-08 19:10 - 000000000 ____D C:\Program Files\AMD 2021-07-08 19:10 - 2021-07-08 19:10 - 000000000 ____D C:\Program Files (x86)\ATI Technologies 2021-07-08 19:10 - 2021-07-08 19:10 - 000000000 ____D C:\AMD 2021-07-08 19:10 - 2021-07-08 19:10 - 000000000 _____ C:\Windows\ativpsrm.bin 2021-07-08 19:09 - 2021-07-08 19:09 - 000000000 ____D C:\Windows\system32\A-Volute 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\Users\Default\Voisinage réseau 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\Users\Default\Modèles 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\Users\Default\Mes documents 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\Users\Default\Menu Démarrer 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\ProgramData\Modèles 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\ProgramData\Bureau 2021-07-08 19:08 - 2021-07-08 19:08 - 000000000 _SHDL C:\Documents and Settings 2021-07-08 19:07 - 2021-08-14 14:33 - 000008192 ___SH C:\DumpStack.log.tmp 2021-07-08 19:07 - 2021-08-14 14:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-07-08 19:07 - 2021-08-14 12:45 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-07-08 19:07 - 2021-08-13 08:20 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-08 19:07 - 2021-08-13 08:20 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-08 19:07 - 2021-08-07 17:20 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-08 19:07 - 2021-07-08 19:07 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2021-07-08 19:07 - 2021-07-08 19:07 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-07-08 19:07 - 2021-07-08 19:07 - 000000000 ____D C:\Windows\ServiceProfiles 2021-05-27 20:57 - 2021-05-27 20:57 - 006651544 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll 2021-05-27 20:57 - 2021-05-27 20:57 - 001088640 _____ (Nahimic) C:\Windows\system32\NahimicSvc64.exe 2021-05-27 20:57 - 2021-05-27 20:57 - 000944768 _____ (Nahimic) C:\Windows\system32\NAHIMICV3NSControl.dll 2021-05-27 20:57 - 2021-05-27 20:57 - 000925312 _____ (Nahimic) C:\Windows\system32\NAHIMICV3NSControlExpert.dll 2021-05-27 20:57 - 2021-05-27 20:57 - 000829568 _____ (Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-14 15:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-08-14 14:37 - 2019-12-07 16:49 - 000755174 _____ C:\Windows\system32\perfh00C.dat 2021-08-14 14:37 - 2019-12-07 16:49 - 000141980 _____ C:\Windows\system32\perfc00C.dat 2021-08-14 14:37 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2021-08-14 14:35 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-14 14:33 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2021-08-14 13:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\GroupPolicy 2021-08-13 21:43 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2021-08-13 08:14 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-13 08:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2021-08-12 07:49 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP 2021-08-12 07:49 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-08-12 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-08-12 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2021-08-12 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2021-08-12 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2021-08-12 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents 2021-08-12 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2021-08-12 07:49 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2021-08-07 12:41 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2021-07-16 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-07-16 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {366dd4ab-e016-11eb-9610-8769174e3224} {366dd4ac-e016-11eb-9610-8769174e3224} {dd510f68-fcfb-11eb-8d04-806e6f6e6963} timeout 1 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {366dd4b0-e016-11eb-9610-8769174e3224} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {366dd4ab-e016-11eb-9610-8769174e3224} description Hard Drive Application logicielle (101fffff) -------------------------------- identificateur {366dd4ac-e016-11eb-9610-8769174e3224} description CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {dd510f68-fcfb-11eb-8d04-806e6f6e6963} description USB HDD Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {366dd4b2-e016-11eb-9610-8769174e3224} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {366dd4b0-e016-11eb-9610-8769174e3224} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {366dd4b2-e016-11eb-9610-8769174e3224} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{366dd4b3-e016-11eb-9610-8769174e3224} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{366dd4b3-e016-11eb-9610-8769174e3224} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {366dd4b0-e016-11eb-9610-8769174e3224} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {366dd4b2-e016-11eb-9610-8769174e3224} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} integrityservices Enable ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {366dd4b3-e016-11eb-9610-8769174e3224} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================