Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021 Exécuté par balou (administrateur) sur DESKTOP-CPT119A (MEDION H77H2-EM) (14-08-2021 17:07:53) Exécuté depuis C:\Users\balou\Desktop Profils chargés: balou Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\Objectif Tarot\Objectif Tarot.exe () [Fichier non signé] C:\Program Files\Serviio\bin\ServiioService.exe <2> (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe (Chris Andriessen) [Fichier non signé] C:\Users\balou\Desktop\Autres raccourcis\FalconX.exe (CyberLink -> ) C:\Program Files\Cyberlink\Shared files\RichVideo64.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.73\identity_helper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe (MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [VX1000] => C:\WINDOWS\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [754416 2019-09-26] (Acronis International GmbH -> ) HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> ) HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-08-04] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2019-09-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-07-26] (Intel Corporation -> Intel) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM\...\Winlogon: [LegalNoticeCaption] pour mémoire HKLM\...\Winlogon: [LegalNoticeText] dernière sauvegarde effectuée le 20022021 sous D: HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [MicrosoftEdgeAutoLaunch_8749423E1A656369799CDA13EC037503] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5 HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {1b37827e-0b80-11eb-8294-503eaa099658} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {46758dd9-8bc1-11ea-8177-503eaa099658} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {4ef21b3f-fcb5-11e9-805a-806e6f6e6963} - "E:\Autorun.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {b5f6af41-4033-11eb-8308-13fa5dc91035} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {bfa41401-2567-11ea-80b6-503eaa099658} - "I:\LaunchU3.exe" -a HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b5021-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b503c-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {d46b50e0-e6f0-11eb-8472-c8d719c712d8} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-1001\...\MountPoints2: {de723dc7-691b-11ea-8124-503eaa099658} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-3565519794-2566505848-2842821374-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: CNMLM9W.DLL HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\Windows\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\Windows\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5520 series): C:\Windows\system32\HPDiscoPMB111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) Startup: C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BingSnap.lnk [2021-06-03] ShortcutTarget: BingSnap.lnk -> C:\Program Files\BingSnap\BingSnap.exe () [Fichier non signé] Startup: C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FalconX.lnk [2021-06-12] ShortcutTarget: FalconX.lnk -> C:\Users\balou\Desktop\Autres raccourcis\FalconX.exe (Chris Andriessen) [Fichier non signé] GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {02482ED0-85EC-48B9-A813-FC986820AEB2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {030DE863-D27D-4928-9FFD-56B29B185BC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {0791D2E4-F8E5-4635-9FBF-AD3A2A704883} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) Task: {34F5F2F1-DC7B-4A4A-B4C9-E13C3A4945C7} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3565519794-2566505848-2842821374-500 => C:\Users\balou\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {394E2969-8D40-4622-BDEE-60ED93C1F316} - System32\Tasks\PowerDirectorStyleAgent => C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [100536 2019-09-06] (CyberLink Corp. -> CyberLink Corp.) Task: {43FFF390-1390-46C6-862C-CCCB9FC326BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-02] (Google Inc -> Google LLC) Task: {4DC0D301-A040-484E-A6A7-60CBE26B8540} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {80FC9301-24F2-44B1-B81B-8A6300DA3C0D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {81296429-9CDB-4982-9D1E-6B23045F955C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {91B567C8-0584-4A87-A9F9-74F01D9E882F} - System32\Tasks\HPPSDrTelemetryWatch => C:\Program Files (x86)\HP\Diagnostics\TelemetryWatch\PSDrTelemetryWatch.exe [32392 2021-03-29] (HP Inc. -> ) Task: {9485B5B5-A64E-4025-B843-34B082454AF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-08-11] (HP Inc. -> HP Inc.) Task: {B1D0E68A-2826-49FC-8030-D6E270BEE71A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {B5B9FA79-DD25-4B52-8E9E-337349A3C84B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {B7933A23-6867-4515-B510-2FE716D4CA0F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C304869A-41DE-4470-8E90-1FF483F08518} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C45D3CF6-74F6-4050-B8E6-05C71215F476} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C76217D0-6E9E-4A5C-B12C-183897E923BA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform) Task: {C875DBA0-87A3-4EE1-BA93-0C43E19B0127} - System32\Tasks\PrivaZer_SkipUAC => F:\PrivaZer\PrivaZer.exe Task: {C93F9F08-D942-4AAE-B3B7-37A69CC0EE92} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {CAD18DBE-FBC0-4DDF-8036-4768E2839B92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {D75B2505-5A43-4A11-8C31-7D98A928FEF4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {D89E46AC-8906-4FB7-B972-D1FDE81307F4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-13] (Mozilla Corporation -> Mozilla Foundation) Task: {EF99CC22-F3F1-4A97-9D01-30100EF2C898} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F618FFE1-9F9C-47D9-B723-0A4766287CA8} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe Task: {FA6C70FC-3002-4467-BC7E-91C4D0735579} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-02] (Google Inc -> Google LLC) Task: {FFAF25AA-942C-472A-95A4-4BD4B6AD0A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{37d369c3-222c-499c-9a4c-bd603964f37b}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3c4c96f0-39e8-4ecd-91ef-95f4831807f8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{a3bdf0ac-7aba-4cf3-ac96-b39696ee8c2e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ef0c8e75-ec85-4ca5-bdee-528308e9b757}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{fe55a651-2e5e-40f5-ae6e-1434d641e877}: [DhcpNameServer] 192.168.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= DownloadDir: C:\Users\balou\Downloads Edge HomeButtonPage: HKU\S-1-5-21-3565519794-2566505848-2842821374-1001 -> hxxps://www.google.fr/ Edge Notifications: HKU\S-1-5-21-3565519794-2566505848-2842821374-1001 -> hxxps://www.facebook.com; hxxps://notification-list.com; hxxps://notification-centar.com; hxxps://www.wish.com; hxxps://geek.wish.com; hxxps://www.1formatik.com Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Translator pour Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-11-02] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\balou\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-14] Edge Notifications: Default -> hxxps://www.capital.fr; hxxps://www.facebook.com Edge StartupUrls: Default -> "hxxp://www.google.fr/" Edge DefaultSearchURL: Default -> hxxps://www.ventusky.com/images/favicon.ico Edge Extension: (Ventusky) - C:\Users\balou\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akeljcfnkeccidbecaggemfjmbjhpgmh [2021-03-05] FireFox: ======== FF DefaultProfile: vfblv3j2.default FF ProfilePath: C:\Users\balou\AppData\Roaming\TomTom\HOME\Profiles\3lrpc2wb.default [2020-01-23] FF Extension: (Pas de nom) - F:\tom\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)] FF ProfilePath: C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\vfblv3j2.default [2019-11-01] FF ProfilePath: C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\mwpu0cez.default-release [2021-08-13] FF Notifications: Mozilla\Firefox\Profiles\mwpu0cez.default-release -> hxxps://www.footballdatabase.eu FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\balou\AppData\Roaming\Mozilla\Firefox\Profiles\mwpu0cez.default-release\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2020-06-03] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> F:\VLC\npvlc.dll [Pas de fichier] FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé] FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé] FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\VLC\npvlc.dll [2021-04-27] (VideoLAN -> VideoLAN) [Fichier non signé] FF Plugin: @videolan.org/vlc,version=3.0.8 -> F:\VLC\npvlc.dll [Pas de fichier] FF Plugin: @videolan.org/vlc,version=3.0.9.2 -> F:\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1157592 2019-09-26] (Acronis International GmbH -> ) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.) S4 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.1.0\ABService.exe [898216 2020-10-12] (AOMEI International Network Limited -> AOMEI International Network Limited) R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-07-26] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-07-26] (Intel Corporation -> Intel) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2356800 2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [734760 2021-05-12] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [733224 2021-05-12] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [733216 2021-05-12] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-24] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [733760 2021-05-12] (HP Inc. -> HP Inc.) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-09-26] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1753704 2019-09-26] (Acronis International GmbH -> ) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-01-22] (Even Balance, Inc. -> ) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] (CyberLink -> ) R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2020-05-03] () [Fichier non signé] S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746944 2021-01-07] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262312 2021-01-27] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Fichier non signé] R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 CsrBthAudioHF; C:\WINDOWS\System32\drivers\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 csrhidmini; C:\WINDOWS\System32\drivers\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 ddmdrv; C:\WINDOWS\SysWOW64\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-05-24] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-05-24] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 DxVGrb; C:\WINDOWS\system32\drivers\DxVGrb.sys [222464 2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Dexetek) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 fiddrv64; pas de ImagePath R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S3 GENERICDRV; C:\Medion\amifldrv64.sys [15640 2013-02-12] (American Megatrends, Inc. -> ) R3 HKKbdFltr; C:\WINDOWS\system32\DRIVERS\HKKbdFltr.sys [51400 2015-11-26] (Insyde Software Corp. -> Insyde Software Corp.) R3 HKMouFltr; C:\WINDOWS\system32\DRIVERS\HKMouFltr.sys [48344 2015-11-26] (Insyde Software Corp. -> Insyde Software Corp.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [Fichier non signé] R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2020-08-14] (CACE Technologies, Inc. -> CACE Technologies, Inc.) S3 PinnacleMarvinAVS; C:\WINDOWS\system32\DRIVERS\MarvinAVS64.sys [484736 2007-05-09] (Pinnacle a division of Avid Technology, Inc.) [Fichier non signé] R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) S4 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12528 2021-02-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Fichier non signé] R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Savitech Corp. -> Windows (R) Win 7 DDK provider) R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2020-12-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation) S1 SASDIFSV; \??\F:\\SASDIFSV64.SYS [X] S1 SASKUTIL; \??\F:\\SASKUTIL64.SYS [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-14 17:07 - 2021-08-14 17:08 - 000033401 _____ C:\Users\balou\Desktop\FRST.txt 2021-08-14 17:07 - 2021-08-14 17:07 - 000526505 _____ C:\Users\balou\Desktop\ZHPDiag.html 2021-08-14 17:07 - 2021-08-14 17:07 - 000433662 _____ C:\Users\balou\Desktop\ZHPDiag.txt 2021-08-14 17:07 - 2021-08-14 17:07 - 000000000 ____D C:\Users\balou\Desktop\FRST-OlderVersion 2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe 2021-08-14 16:59 - 2021-08-14 16:59 - 000000000 ____D C:\Users\balou\Desktop\archives 2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe 2021-08-14 08:07 - 2021-08-14 08:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2021-08-14 08:02 - 2021-08-14 08:02 - 011102896 _____ (McAfee, LLC) C:\Users\balou\Downloads\MCPR.exe 2021-08-13 21:08 - 2021-08-13 21:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-08-13 21:03 - 2021-08-13 21:03 - 000000000 ____D C:\Users\balou\AppData\Local\mbam 2021-08-13 21:02 - 2021-08-13 21:02 - 002120496 _____ (Malwarebytes) C:\Users\balou\Downloads\MBSetup.exe 2021-08-13 21:02 - 2021-08-13 21:02 - 000000000 ____D C:\Program Files\Malwarebytes 2021-08-13 20:59 - 2021-08-13 20:59 - 002822966 _____ C:\Users\balou\Downloads\ZHPCleaner.zip 2021-08-13 16:45 - 2021-08-13 16:45 - 000000000 ____D C:\Users\balou\Desktop\Wub 2021-08-13 16:04 - 2021-08-13 16:04 - 000002331 _____ C:\Users\Public\Desktop\HP Photosmart 5520 series.lnk 2021-08-13 16:04 - 2021-08-13 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2021-08-13 16:04 - 2012-10-17 04:31 - 000741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMB111.dll 2021-08-13 15:18 - 2021-08-14 17:08 - 000000000 ____D C:\FRST 2021-08-13 15:11 - 2021-08-14 17:07 - 002300416 _____ (Farbar) C:\Users\balou\Desktop\FRST64.exe 2021-08-13 14:57 - 2021-08-14 17:00 - 000000734 _____ C:\Users\balou\Desktop\ZHPSuite.lnk 2021-08-13 14:44 - 2021-08-13 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2021-08-13 14:44 - 2021-08-13 14:44 - 000000000 ____D C:\Program Files\iTunes 2021-08-13 11:57 - 2021-08-13 11:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-08-13 11:57 - 2021-08-13 11:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-08-13 11:57 - 2021-08-13 11:57 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-08-13 11:57 - 2021-08-13 11:57 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-08-13 11:57 - 2021-08-13 11:57 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-08-13 11:57 - 2021-08-13 11:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-08-13 11:57 - 2021-08-13 11:57 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-08-13 11:49 - 2021-08-13 11:49 - 000000000 ___HD C:\$WinREAgent 2021-08-12 15:31 - 2021-08-12 15:31 - 000000000 ____D C:\WINDOWS\Panther 2021-08-12 07:32 - 2021-08-12 07:32 - 002504122 _____ C:\Users\balou\Desktop\article Paris Normandie Régis.pdf 2021-08-12 07:30 - 2021-08-12 07:30 - 000000000 ____D C:\Users\balou\AppData\Local\HP_Inc 2021-08-11 23:05 - 2021-08-11 23:05 - 000000000 ____D C:\Users\balou\AppData\Roaming\HP 2021-08-11 21:06 - 2021-08-13 21:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Hewlett-Packard 2021-08-11 21:06 - 2021-08-13 21:07 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2021-08-11 21:06 - 2021-08-13 16:04 - 000000000 ____D C:\Program Files\HP 2021-08-11 21:06 - 2021-08-13 14:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard 2021-08-11 20:56 - 2021-08-11 20:56 - 000003892 _____ C:\WINDOWS\system32\Tasks\HPPSDrTelemetryWatch 2021-08-11 20:20 - 2021-08-11 20:20 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\HPPSDr 2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\Users\balou\AppData\Roaming\FastStone 2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\Users\balou\AppData\Local\FastStone 2021-08-11 20:08 - 2021-08-11 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer 2021-08-09 20:08 - 2021-08-09 20:08 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2021-08-09 20:08 - 2021-08-09 20:08 - 000002247 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2021-08-09 20:08 - 2021-08-09 20:08 - 000000000 ____D C:\Program Files\Google 2021-08-05 09:19 - 2021-08-05 09:19 - 000000522 _____ C:\Users\balou\Desktop\Données.lnk 2021-08-04 17:16 - 2021-08-04 17:16 - 000000000 ____D C:\Program Files\Conexant 2021-08-04 17:15 - 2012-01-10 12:12 - 000222464 _____ (Dexetek ) C:\WINDOWS\system32\Drivers\DxVGrb.sys 2021-08-04 17:15 - 2012-01-10 12:11 - 000055808 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\cxtvrate.dll 2021-08-04 17:15 - 2012-01-10 12:11 - 000040960 _____ (Conexant) C:\WINDOWS\system32\y8cnvt.ax 2021-08-04 17:15 - 2012-01-10 12:11 - 000032256 _____ (Conexant Systems, Inc) C:\WINDOWS\system32\CxPolaris.ax 2021-08-04 17:15 - 2012-01-10 12:10 - 000019456 _____ (Conexant Systems, Inc) C:\WINDOWS\system32\cpnotify.ax 2021-08-04 17:15 - 2012-01-10 12:10 - 000016384 _____ C:\WINDOWS\system32\cxEZCAP.ax 2021-08-03 18:34 - 2021-08-03 18:34 - 000000000 ____D C:\Program Files (x86)\Terratec 2021-08-03 15:59 - 2021-08-03 15:59 - 000003288 _____ C:\WINDOWS\system32\Tasks\PowerDirectorStyleAgent 2021-08-03 15:58 - 2021-08-03 15:58 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 18.lnk 2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\ProgramData\install_backup 2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information 2021-08-03 15:58 - 2021-08-03 15:58 - 000000000 ____D C:\Program Files (x86)\CyberLink 2021-08-03 15:19 - 2021-08-03 15:19 - 000000000 ____D C:\Users\balou\AppData\Roaming\Bandicam Company 2021-08-02 10:09 - 2021-06-29 05:43 - 000159864 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys 2021-07-31 19:17 - 2021-07-31 19:17 - 001677450 _____ C:\Users\balou\Downloads\pétition001.pdf 2021-07-30 21:10 - 2021-07-30 21:10 - 000000000 ____D C:\Users\balou\Documents\Samsung 2021-07-30 21:09 - 2021-07-30 21:09 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log 2021-07-28 22:24 - 2021-08-13 21:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Samsung 2021-07-28 22:24 - 2021-08-13 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2021-07-28 22:24 - 2019-12-14 07:08 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll 2021-07-28 22:02 - 2021-07-28 22:02 - 000325214 _____ C:\Users\balou\Downloads\Infos Residence Medailles Militaires1.pdf 2021-07-28 20:19 - 2021-07-28 20:19 - 000001516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2021-07-23 20:49 - 2021-08-14 07:52 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-07-19 21:35 - 2021-07-19 21:36 - 000000000 ___RD C:\Users\balou\AppData\Local\PCHealthCheck 2021-07-19 21:35 - 2021-07-19 21:35 - 000001355 _____ C:\Users\balou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-07-18 15:07 - 2021-07-18 15:07 - 000000000 ____D C:\Users\balou\AppData\Local\— 2021-07-17 09:07 - 2021-07-17 09:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb 2021-07-17 09:07 - 2021-07-17 09:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb 2021-07-17 09:07 - 2021-07-17 09:07 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb 2021-07-17 09:07 - 2021-07-17 09:07 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb 2021-07-08 17:23 - 2021-07-08 17:23 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-07-08 17:23 - 2021-07-08 17:23 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-07-08 17:23 - 2021-07-08 17:23 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-07-08 17:23 - 2021-07-08 17:23 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-07-08 17:23 - 2021-07-08 17:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-07-08 17:23 - 2021-07-08 17:23 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-07-08 17:23 - 2021-07-08 17:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-07-08 17:22 - 2021-07-08 17:22 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-07-08 17:22 - 2021-07-08 17:22 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-07-07 08:14 - 2021-07-07 08:14 - 000003276 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard 2021-07-07 08:14 - 2021-07-07 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12 2021-06-26 17:56 - 2021-06-26 17:56 - 000000000 ____D C:\Users\balou\AppData\Roaming\Cybelsoft 2021-06-26 09:07 - 2006-05-03 19:13 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.DLL 2021-06-26 09:07 - 2005-09-12 13:58 - 000198640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCI32.OCX 2021-06-25 15:08 - 2021-08-11 07:45 - 000000000 ____D C:\BluetoothExchangeFolder 2021-06-25 15:08 - 2021-06-25 15:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf 2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\es-cl 2021-06-25 15:06 - 2021-06-25 15:07 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2021-06-25 15:06 - 2021-06-25 15:06 - 000000000 ____D C:\Program Files\CSR 2021-06-25 15:06 - 2021-06-25 15:06 - 000000000 ____D C:\Program Files (x86)\CSR 2021-06-22 08:31 - 2021-06-22 08:31 - 000001160 _____ C:\Users\balou\Desktop\Goeffroy st hilaire - Raccourci.lnk 2021-06-19 17:22 - 2021-05-19 20:35 - 001151992 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2021-06-12 19:23 - 2021-06-12 19:23 - 002666856 _____ C:\Users\balou\Desktop\Transformer une alimentation de PC en alimentation d’atelier – L'Atelier du Geek.pdf 2021-06-06 15:53 - 2021-08-13 18:10 - 000000000 ____D C:\Program Files (x86)\Wondershare 2021-06-03 19:30 - 2021-07-28 21:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-06-03 16:07 - 2021-06-03 16:07 - 000000000 ____D C:\Users\balou\AppData\Roaming\Carthago 2021-06-03 16:07 - 2021-06-03 16:07 - 000000000 ____D C:\Program Files\BingSnap 2021-06-02 16:56 - 2021-06-02 16:56 - 003063109 _____ C:\Users\balou\Desktop\pcastuces.pdf 2021-05-29 14:51 - 2021-05-29 14:51 - 005259776 _____ C:\Users\balou\Downloads\J'ai retrouve ton cartable1.pps 2021-05-28 20:32 - 2021-05-28 20:32 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-05-28 20:32 - 2021-05-28 20:32 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-05-28 20:32 - 2021-05-28 20:32 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-05-28 20:32 - 2021-05-28 20:32 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-05-28 20:31 - 2021-05-28 20:31 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-05-28 20:31 - 2021-05-28 20:31 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-05-28 20:31 - 2021-05-28 20:31 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-05-28 20:31 - 2021-05-28 20:31 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-05-28 20:31 - 2021-05-28 20:31 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-05-28 18:36 - 2021-05-28 18:39 - 000000145 _____ C:\Users\balou\AppData\Roaming\licecap.ini 2021-05-28 18:35 - 2021-05-28 18:35 - 000000000 ____D C:\Program Files (x86)\LICEcap 2021-05-24 22:55 - 2021-05-24 22:55 - 008228562 _____ C:\Users\balou\Downloads\blague.mp4 2021-05-24 22:53 - 2021-05-24 22:53 - 008390359 _____ C:\Users\balou\Downloads\F-A-18 Carrier break and landing1.mp4 2021-05-23 19:55 - 2021-05-23 19:55 - 000000000 ____D C:\Users\balou\AppData\Local\Smart_Disk_Checker 2021-05-23 19:55 - 2021-05-23 19:55 - 000000000 ____D C:\Users\balou\AppData\Local\IsolatedStorage 2021-05-22 18:40 - 2021-05-22 18:40 - 000515584 _____ C:\Users\balou\Downloads\Probleme_chez_BMW1-111111.pps 2021-05-19 18:58 - 2021-05-19 18:58 - 002118130 _____ C:\Users\balou\Downloads\histoire IFF.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-14 17:07 - 2019-11-22 16:25 - 000000000 ____D C:\Users\balou\AppData\Roaming\ZHP 2021-08-14 17:07 - 2019-11-02 09:34 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-14 17:00 - 2020-05-31 11:07 - 000000000 ____D C:\Users\balou 2021-08-14 17:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-08-14 16:17 - 2019-11-01 18:18 - 000000000 ____D C:\ProgramData\NVIDIA 2021-08-14 16:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-14 16:15 - 2019-11-01 21:10 - 000000000 ____D C:\Program Files\CCleaner 2021-08-14 16:12 - 2020-05-31 12:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-14 11:49 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-08-14 11:41 - 2019-11-01 16:24 - 000000000 ___RD C:\Users\balou\Desktop\Maintenance 2021-08-14 11:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-14 11:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-08-14 11:22 - 2020-03-22 09:06 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-14 09:16 - 2020-05-31 11:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-14 07:59 - 2020-05-31 11:59 - 001776794 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-08-14 07:59 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat 2021-08-14 07:59 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat 2021-08-14 07:59 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-08-14 07:58 - 2019-11-01 18:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-08-13 21:09 - 2021-01-30 17:34 - 000000000 ____D C:\Users\balou\AppData\LocalLow\Mozilla 2021-08-13 21:08 - 2019-11-01 17:38 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-08-13 18:10 - 2020-07-26 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2021-08-13 18:09 - 2019-11-01 17:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-08-13 18:08 - 2019-11-03 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2021-08-13 18:04 - 2019-11-02 09:16 - 000000000 ____D C:\Users\balou\AppData\Roaming\vlc 2021-08-13 17:12 - 2019-11-01 16:24 - 000000000 ___RD C:\Users\balou\Desktop\Autres raccourcis 2021-08-13 16:10 - 2020-11-03 11:24 - 000000000 ____D C:\Users\balou\AppData\Roaming\HpUpdate 2021-08-13 16:04 - 2020-11-03 11:24 - 000000000 ____D C:\ProgramData\HP 2021-08-13 16:04 - 2020-11-03 11:24 - 000000000 ____D C:\Program Files (x86)\HP 2021-08-13 14:57 - 2019-11-22 16:25 - 000000000 ____D C:\Users\balou\AppData\Local\ZHP 2021-08-13 14:42 - 2021-02-20 16:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-08-13 14:40 - 2020-08-02 08:06 - 000591472 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-08-13 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-08-13 12:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-08-13 12:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-13 11:57 - 2018-09-22 18:03 - 000414056 __RSH C:\bootmgr 2021-08-13 11:48 - 2019-11-01 19:01 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-08-13 11:46 - 2019-11-01 19:01 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-08-12 15:10 - 2019-11-01 16:51 - 000000000 ____D C:\Users\balou\AppData\Local\PlaceholderTileLogoFolder 2021-08-12 14:46 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files\Windows Sidebar 2021-08-12 14:46 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2021-08-12 07:31 - 2019-11-15 23:54 - 000049218 _____ C:\Users\balou\.sambox.cache 2021-08-11 21:06 - 2020-11-03 11:23 - 000000000 ____D C:\Users\balou\AppData\Local\HP 2021-08-11 21:06 - 2019-11-01 16:49 - 000000000 ____D C:\Users\balou\AppData\Local\Packages 2021-08-11 20:28 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media 2021-08-11 20:27 - 2019-11-10 18:31 - 000000000 ___HD C:\ProgramData\CanonIJScan 2021-08-11 20:27 - 2019-11-10 18:31 - 000000000 ____D C:\Users\balou\AppData\Roaming\Canon 2021-08-11 20:27 - 2019-11-02 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2021-08-11 20:27 - 2019-11-02 08:56 - 000000000 ____D C:\Program Files (x86)\Canon 2021-08-11 20:20 - 2020-05-31 12:03 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3565519794-2566505848-2842821374-500 2021-08-11 20:20 - 2020-05-31 11:07 - 000002450 _____ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-08-11 20:20 - 2019-11-11 16:59 - 000000000 ___RD C:\Users\Administrateur\OneDrive 2021-08-11 20:20 - 2019-11-11 16:57 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Packages 2021-08-11 17:07 - 2019-11-01 16:24 - 000000000 ____D C:\Users\balou\Desktop\dossiers en cours 2021-08-11 16:52 - 2021-05-09 22:46 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2021-08-07 20:18 - 2020-08-07 08:23 - 000000000 ____D C:\Program Files\NewBlue 2021-08-07 20:17 - 2020-08-07 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue 2021-08-07 20:17 - 2020-08-07 08:23 - 000000000 ____D C:\Program Files (x86)\NewBlue 2021-08-07 20:15 - 2020-07-25 14:53 - 000000000 ____D C:\ProgramData\Corel 2021-08-07 20:15 - 2020-07-25 14:21 - 000000000 ____D C:\ProgramData\Pinnacle 2021-08-07 18:25 - 2019-11-01 16:23 - 000000000 ____D C:\Users\balou\Desktop\Jeux 2021-08-05 14:02 - 2020-05-31 12:03 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-08-05 14:02 - 2020-05-31 12:03 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-08-05 09:14 - 2021-01-06 17:11 - 000000114 ___RH C:\Users\balou\Downloads\Stinger.opt 2021-08-05 09:14 - 2020-08-06 11:16 - 000000000 ____D C:\Program Files\stinger 2021-08-05 09:07 - 2021-01-06 17:09 - 000000000 ____D C:\Program Files (x86)\stinger 2021-08-04 11:32 - 2019-11-01 16:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-08-03 18:37 - 2020-07-25 19:19 - 000000000 ____D C:\Users\balou\temp 2021-08-03 18:37 - 2020-07-25 19:19 - 000000000 ____D C:\Users\balou\AppData\Local\Pinnacle 2021-08-03 18:37 - 2020-07-25 14:26 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI 2021-08-03 18:36 - 2020-07-25 14:27 - 000000000 ____D C:\Users\Public\Documents\Pinnacle 2021-08-03 18:30 - 2020-08-26 07:33 - 000006716 _____ C:\WINDOWS\system32\adorage-protocol.txt 2021-08-03 18:25 - 2020-07-25 19:19 - 000003458 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore 2021-08-03 18:25 - 2020-07-25 19:19 - 000000362 _____ C:\Users\balou\AppData\Roaming\DESKTOP-CPT119A.MTBF.txt 2021-08-03 18:25 - 2020-07-25 14:27 - 000000349 _____ C:\WINDOWS\PCLECHAL.INI 2021-08-03 15:59 - 2020-08-07 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris FX Continuum CYBERLINK 2021-08-03 15:59 - 2020-08-01 11:23 - 000000000 ____D C:\ProgramData\CLSK 2021-08-03 15:58 - 2020-08-01 11:29 - 000000000 ___HD C:\ProgramData\CyberLink 2021-08-03 15:57 - 2020-08-02 18:49 - 000000000 ____D C:\ProgramData\install_clap 2021-08-03 15:57 - 2020-08-01 11:28 - 000000000 ____D C:\Program Files\Cyberlink 2021-08-03 15:50 - 2019-11-01 21:00 - 000000000 ____D C:\Users\balou\AppData\Roaming\avidemux 2021-08-02 10:21 - 2020-05-31 12:03 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-02 10:21 - 2020-05-31 12:03 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-08-01 18:51 - 2021-02-11 23:59 - 000000000 ____D C:\Program Files (x86)\Call of Duty 2021-07-30 21:50 - 2021-01-10 10:39 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-28 22:24 - 2021-03-06 16:11 - 000000000 ____D C:\ProgramData\Samsung 2021-07-28 20:31 - 2021-01-14 23:11 - 000000000 ____D C:\Program Files (x86)\Origin 2021-07-28 20:19 - 2019-11-27 19:12 - 000000000 ____D C:\Program Files (x86)\Intel 2021-07-28 20:19 - 2019-11-01 18:16 - 000000000 ____D C:\ProgramData\Package Cache 2021-07-27 18:51 - 2019-11-01 17:12 - 000000000 ____D C:\Users\balou\Documents\résultats analyse philou 2021-07-25 10:43 - 2019-11-01 17:12 - 000000000 ____D C:\Users\balou\Documents\Papiers papa 2021-07-20 20:18 - 2020-05-31 12:03 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-07-19 22:15 - 2020-07-28 17:51 - 000002358 _____ C:\Users\Administrateur\Desktop\Microsoft Edge.lnk 2021-07-17 13:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-07-17 13:05 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-07-16 09:45 - 2021-02-20 16:43 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll 2021-07-16 09:45 - 2021-02-20 16:43 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll ==================== Fichiers à la racine de certains dossiers ======== 2021-04-22 22:55 - 2021-04-22 22:55 - 000000043 _____ () C:\Users\balou\IP_Log_Data.js 2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe 2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe 2020-03-13 19:33 - 2020-03-13 19:42 - 000000624 _____ () C:\Users\balou\AppData\Roaming\All CPU MeterV3_Settings.ini 2020-07-25 19:19 - 2021-08-03 18:25 - 000000362 _____ () C:\Users\balou\AppData\Roaming\DESKTOP-CPT119A.MTBF.txt 2020-11-23 16:16 - 2020-11-23 16:17 - 000000063 _____ () C:\Users\balou\AppData\Roaming\FalconX.cfg 2021-05-28 18:36 - 2021-05-28 18:39 - 000000145 _____ () C:\Users\balou\AppData\Roaming\licecap.ini 2021-04-22 22:55 - 2021-04-22 22:55 - 000000010 _____ () C:\Users\balou\AppData\Roaming\Network Meter_Usage.ini 2020-05-10 08:08 - 2021-06-11 17:59 - 000000114 _____ () C:\Users\balou\AppData\Roaming\Network Monitor II_#0_Traffic.ini 2021-04-22 23:00 - 2021-06-27 00:15 - 000000116 _____ () C:\Users\balou\AppData\Roaming\System Monitor II_UptimeRecord.ini 2019-11-22 16:51 - 2019-11-22 16:51 - 000122246 _____ () C:\Users\balou\AppData\Local\ars.cache 2019-11-22 16:51 - 2019-11-22 16:51 - 000384733 _____ () C:\Users\balou\AppData\Local\census.cache 2021-02-03 17:29 - 2021-02-03 17:29 - 000000038 _____ () C:\Users\balou\AppData\Local\cloudready_installer_uuid 2020-07-25 19:19 - 2020-07-25 19:19 - 000003584 _____ () C:\Users\balou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-11-22 16:35 - 2019-11-22 16:35 - 000000036 _____ () C:\Users\balou\AppData\Local\housecall.guid.cache 2021-02-20 21:37 - 2021-02-20 21:37 - 000007601 _____ () C:\Users\balou\AppData\Local\Resmon.ResmonCfg 2020-02-11 23:01 - 2020-03-03 19:56 - 000000071 _____ () C:\Users\balou\AppData\Local\uts.ini ==================== SigCheckExt ========================= 2009-07-14 03:25 - 2009-07-14 03:25 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CardGames.dll 2009-07-14 03:40 - 2009-07-14 03:40 - 001208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmncliM.dll 2020-05-06 09:48 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL 2020-05-06 09:48 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BJCE.DLL 2020-05-06 09:48 - 2011-04-20 03:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMJCE.DLL 2020-07-25 20:51 - 2007-03-05 16:36 - 000070656 _____ (Pinnacle Systems) C:\WINDOWS\system32\PCLECoInst64.dll 2019-11-02 00:30 - 2019-11-08 10:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe 2009-07-14 03:41 - 2009-07-14 03:41 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\zgmprxy.dll 2021-01-04 17:46 - 2016-09-29 10:44 - 001298584 _____ C:\WINDOWS\ddmmain.exe 2021-06-26 09:07 - 2006-05-03 19:13 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.DLL 2021-08-14 11:19 - 2021-08-14 11:19 - 003260056 _____ (Nicolas Coolman) C:\Users\balou\ZHPCleaner.exe 2021-08-14 17:00 - 2021-08-14 17:00 - 003475096 _____ (Nicolas Coolman) C:\Users\balou\ZHPSuite.exe 2021-08-13 15:11 - 2021-08-14 17:07 - 002300416 _____ (Farbar) C:\Users\balou\Desktop\FRST64.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=C: description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {de30e2e3-a324-11ea-81b4-503eaa099658} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de d‚marrage Windows ----------------------------- identificateur {197b98a1-be81-11e8-84fa-e0bcc9f07fd4} device ramdisk=[C:]\Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a2-be81-11e8-84fa-e0bcc9f07fd4} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a2-be81-11e8-84fa-e0bcc9f07fd4} systemroot \windows nx OptIn winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {197b98a5-be81-11e8-84fa-e0bcc9f07fd4} device ramdisk=[C:]\Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a6-be81-11e8-84fa-e0bcc9f07fd4} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\Winre.wim,{197b98a6-be81-11e8-84fa-e0bcc9f07fd4} systemroot \windows nx OptIn winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {dcff31b9-475f-11e9-b8e2-dac3d9dc6ec6} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {de30e2e6-a324-11ea-81b4-503eaa099658} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {de30e2e3-a324-11ea-81b4-503eaa099658} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {de30e2e6-a324-11ea-81b4-503eaa099658} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{de30e2e7-a324-11ea-81b4-503eaa099658} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{de30e2e7-a324-11ea-81b4-503eaa099658} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {de30e2e3-a324-11ea-81b4-503eaa099658} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {de30e2e6-a324-11ea-81b4-503eaa099658} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=C: path \boot\memtest.exe description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {197b98a2-be81-11e8-84fa-e0bcc9f07fd4} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\197b98a1-be81-11e8-84fa-e0bcc9f07fd4\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {197b98a6-be81-11e8-84fa-e0bcc9f07fd4} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\197b98a5-be81-11e8-84fa-e0bcc9f07fd4\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {dcff31ba-475f-11e9-b8e2-dac3d9dc6ec6} description Windows Recovery ramdisksdidevice unknown ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {de30e2e7-a324-11ea-81b4-503eaa099658} description Windows Recovery ramdisksdidevice unknown ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================