Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021 Exécuté par KIKI (administrateur) sur DESKTOP-RDLJTG1 (Hewlett-Packard HP TouchSmart 7320 Lavaca-B EU L6 PC) (23-11-2021 14:06:14) Exécuté depuis C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads Profils chargés: KIKI Plate-forme: Microsoft Windows 10 Professionnel Version 21H1 19043.1348 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27> (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\ZHP\ZHPSuite.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [50416 2015-06-30] (Integrated Device Technology Inc. -> Hewlett-Packard) HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" (Pas de fichier) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1712656 2015-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-405821695-555522263-4165001189-1007\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-405821695-555522263-4165001189-1007\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-405821695-555522263-4165001189-1007\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\HP a111 Status Monitor: C:\WINDOWS\system32\hpinkstsa111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\system32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-16] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy-x32: Restriction ? <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {28B2FF84-98D2-4A52-BC68-A1AF7D1AA50D} - pas de chemin du fichier Task: {2F867DA2-277A-48AA-B87C-22DBC2955B2A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-05] (Mozilla Corporation -> Mozilla Foundation) Task: {318900C0-C598-41CB-82D9-D369F0F8F4BC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938368 2021-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {33442FAD-7671-4C6E-9EC5-AAC8F36C7565} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {3B52F680-6036-4BF2-9F2C-180198303130} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32704 2021-02-02] (Microsoft Corporation -> Microsoft) Task: {4E320C48-FC30-412B-A6A1-FD047BD0F711} - pas de chemin du fichier Task: {56B206C9-67DE-47A9-B336-FB80C46B0927} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck Task: {64B8A335-7472-42B7-82CE-99349FB9F6B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {67A665E5-6F46-4E01-856A-E101747D35A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {685C9E7D-F511-40B7-A92B-C9C25558051E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6E0FD01D-C847-4B7B-ACE9-4DA346E35057} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {756BECB2-21F5-4E19-99E9-79F0967B171D} - System32\Tasks\ScanToPCActivationApp.exe_{7C88FC22-91F7-4150-AF04-B5CCC54FB64B} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) Task: {7F0B33AA-2FFB-4A84-A482-8E5855CEE263} - pas de chemin du fichier Task: {8F464162-95DC-4006-B49F-3C915604FE49} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938368 2021-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {A8DC4670-2D5A-459B-9365-44C6D8E8AAFA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2323928 2021-02-02] (Microsoft Corporation -> Microsoft) Task: {AFEBAAA4-B9F2-4498-BDA2-A01BA6B5E822} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-04] (Google LLC -> Google LLC) Task: {B0BA74A1-E4A6-4C0F-968E-BD4FB01A43D9} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-10-20] () [Fichier non signé] Task: {B852237A-3C94-4350-AEC5-21E050F75C0C} - System32\Tasks\CCleanerSkipUAC - KIKI => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {BF113F89-54F8-411F-832E-8050F83C9EB6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform) Task: {C57CD941-0E6D-406F-A705-4C31CA13F98E} - System32\Tasks\HP Photosmart 5510 series.exe_{23D4A10C-F3F8-49DA-9C3C-2FE9B664C71D} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HP Photosmart 5510 series.exe [5420136 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) -> -install -prfn "HP Photosmart 5510 series (réseau)" -ePCUrl "https://h30495.www3.hp.com/printers/add?jumpID=in_instKarnak8%2F&cc=fr&modelName=HP%20Photosmart%205510%20series&serialNo=CN1C1266H3&serialNo_Extra=05NR&modelID=CQ176B&serviceID=22041&lang=fr&usagetype=002" Task: {D4E42306-DA6F-4AD7-ADD9-22FD538CCA86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-04] (Google LLC -> Google LLC) Task: {D6AEBB29-6534-4306-B13B-D68298DBCE72} - System32\Tasks\Toolbox.exe_{4FD2F124-7217-4C61-B371-92669C263C58} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\Toolbox.exe [3985512 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) Task: {DA1E043B-ECB0-44E5-A819-FEF6CF2B9313} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {DA68254A-2B2B-495B-B76C-C3E3C5A987CF} - pas de chemin du fichier Task: {DB423374-B6B3-444E-A92C-15D14C2C4FB5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463176 2021-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {EFB604FA-1A41-47E3-9F10-7FE2B90D5DD8} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463176 2021-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {F1171CE1-D1F4-4CC3-B8E7-600D98BEBAD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{85767dec-76fc-40cf-94fe-5d993277a1d4}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-21] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-19] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: lqc4gws0.default FF ProfilePath: C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\Mozilla\Firefox\Profiles\lqc4gws0.default [2021-10-16] FF user.js: detected! => C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\Mozilla\Firefox\Profiles\lqc4gws0.default\user.js [2021-10-23] FF ProfilePath: C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\Mozilla\Firefox\Profiles\3265y63n.default-release-1637657577046 [2021-11-23] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default [2021-11-23] CHR Extension: (Slides) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-04] CHR Extension: (Docs) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-04] CHR Extension: (Google Drive) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-04] CHR Extension: (YouTube) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-04] CHR Extension: (uBlock Origin) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-11-12] CHR Extension: (Sheets) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-04] CHR Extension: (Google Docs hors connexion) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-04] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-04] CHR Extension: (Gmail) - C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-04] CHR Profile: C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-21] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) S4 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [98312 2015-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-09] (Apple Inc. -> Apple Inc.) S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288392 2021-04-09] (HP Inc. -> HP Inc.) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-11-23] (Malwarebytes Inc -> Malwarebytes) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350216 2015-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R3 ITECIRfilter; C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys [36312 2017-10-24] (ITE Tech. Inc. -> ITE Tech. Inc.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-08] (Malwarebytes Inc -> Malwarebytes) R3 MpKsl7cf02c22; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E77B3A0A-5A42-40ED-8B62-237656F9450D}\MpKslDrv.sys [130296 2021-11-23] (Microsoft Windows -> Microsoft Corporation) R3 NWVoltron; C:\WINDOWS\System32\drivers\NWVoltron.sys [28920 2015-07-09] (NextWindow -> ) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [561672 2015-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.) R3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc. -> Texas Instruments, Inc.) R3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc. -> Texas Instruments, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation) S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X] S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-23 14:05 - 2021-11-23 14:05 - 002311680 _____ (Farbar) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\FRST64 (2).exe 2021-11-23 14:04 - 2021-11-23 14:04 - 002311680 _____ (Farbar) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\FRST64 (1).exe 2021-11-23 14:00 - 2021-11-23 14:00 - 000280445 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Desktop\ZHPDiag.txt 2021-11-23 13:50 - 2021-11-23 13:50 - 000342776 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Desktop\ZHPDiag.html 2021-11-23 12:45 - 2021-11-23 12:45 - 000001754 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\MBAM.txt 2021-11-23 12:18 - 2021-11-23 13:52 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\Desktop\Nouveau dossier 2021-11-23 12:17 - 2021-11-23 12:17 - 002101944 _____ (Malwarebytes) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\MBSetup (2).exe 2021-11-23 12:17 - 2021-11-23 12:17 - 002101944 _____ (Malwarebytes) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\MBSetup (1).exe 2021-11-23 10:44 - 2021-11-23 10:44 - 002101944 _____ (Malwarebytes) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\MBSetup.exe 2021-11-23 10:30 - 2021-11-23 12:07 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\Desktop\ZHPCLEANER 2021-11-23 10:18 - 2021-11-23 10:34 - 000000000 ____D C:\AdwCleaner 2021-11-23 10:18 - 2021-11-23 10:18 - 008553680 _____ (Malwarebytes) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\adwcleaner_8.3.0.exe 2021-11-23 10:01 - 2021-11-23 10:02 - 003291288 _____ (Nicolas Coolman) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\ZHPCleaner.exe 2021-11-23 09:59 - 2021-11-23 09:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-11-22 19:23 - 2021-11-22 19:23 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-405821695-555522263-4165001189-1007 2021-11-22 19:23 - 2021-11-22 19:23 - 000002446 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-22 18:37 - 2021-11-22 18:37 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Wub (1) 2021-11-22 18:36 - 2021-11-22 18:36 - 001004586 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Wub (1).zip 2021-11-22 18:32 - 2021-11-22 18:32 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Wub 2021-11-22 18:31 - 2021-11-22 18:31 - 001004586 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Wub.zip 2021-11-22 16:12 - 2021-11-22 16:12 - 000041849 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Shortcut.txt 2021-11-22 16:10 - 2021-11-22 16:12 - 000027935 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Addition.txt 2021-11-22 16:04 - 2021-11-23 14:07 - 000018050 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\FRST.txt 2021-11-22 16:04 - 2021-11-23 14:07 - 000000000 ____D C:\FRST 2021-11-22 16:03 - 2021-11-22 16:03 - 002311680 _____ (Farbar) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\FRST64.exe 2021-11-22 15:53 - 2021-11-23 14:00 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\ZHP 2021-11-22 15:53 - 2021-11-23 10:02 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\ZHP 2021-11-22 15:52 - 2021-11-22 15:52 - 003477656 _____ (Nicolas Coolman) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\ZHPSuite.exe 2021-11-21 19:10 - 2021-11-21 19:10 - 000085074 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S333771785.pdf 2021-11-21 18:03 - 2021-11-21 18:03 - 000006911 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\N0G8G5R3GK-1-recapitulatif-cni (1).pdf 2021-11-21 16:20 - 2021-11-21 16:20 - 000013294 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S333640279.pdf 2021-11-21 16:02 - 2021-11-21 16:02 - 000011922 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211121-StickerMR-81571330.pdf 2021-11-21 16:02 - 2021-11-21 16:02 - 000011922 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211121-StickerMR-81571330 (1).pdf 2021-11-20 18:50 - 2021-11-20 18:50 - 000011918 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211120-StickerMR-81484632.pdf 2021-11-20 14:59 - 2021-11-20 14:59 - 000023776 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\logo.svg 2021-11-19 13:36 - 2021-11-19 13:36 - 000011855 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211119-StickerMR-81365088 (1).pdf 2021-11-19 13:35 - 2021-11-19 13:36 - 000011855 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211119-StickerMR-81365088.pdf 2021-11-19 09:45 - 2021-11-19 09:45 - 000011885 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211119-StickerMR-81352766.pdf 2021-11-18 16:23 - 2021-11-18 16:23 - 000011892 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211118-StickerMR-81196259.pdf 2021-11-18 16:23 - 2021-11-18 16:23 - 000011892 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211118-StickerMR-81196259 (1).pdf 2021-11-18 16:07 - 2021-11-18 16:07 - 000085119 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S331897227 (1).pdf 2021-11-18 09:11 - 2021-11-18 09:11 - 000085119 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S331897227.pdf 2021-11-16 09:17 - 2021-11-16 09:18 - 000011909 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211116-StickerMR-81099420 (3).pdf 2021-11-16 09:07 - 2021-11-16 09:07 - 000089686 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S330559023 (2).pdf 2021-11-16 09:07 - 2021-11-16 09:07 - 000089686 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S330559023 (1).pdf 2021-11-16 09:07 - 2021-11-16 09:07 - 000013186 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S330627382.pdf 2021-11-16 09:07 - 2021-11-16 09:07 - 000013186 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S330627382 (1).pdf 2021-11-16 03:44 - 2021-11-16 03:44 - 000089686 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S330559023.pdf 2021-11-16 03:38 - 2021-11-16 03:39 - 000011909 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211116-StickerMR-81099420 (2).pdf 2021-11-16 03:38 - 2021-11-16 03:38 - 000011909 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211116-StickerMR-81099420.pdf 2021-11-16 03:38 - 2021-11-16 03:38 - 000011909 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211116-StickerMR-81099420 (1).pdf 2021-11-15 19:09 - 2021-11-15 19:09 - 000027978 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S330330710 (1).pdf 2021-11-15 19:06 - 2021-11-15 19:06 - 000011971 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211115-StickerMR-81089826.pdf 2021-11-15 19:06 - 2021-11-15 19:06 - 000011971 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211115-StickerMR-81089826 (1).pdf 2021-11-15 18:29 - 2021-11-15 18:29 - 000027978 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S330330710.pdf 2021-11-15 14:34 - 2021-11-15 14:34 - 000006974 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\NQ80M81U9Z-1-recapitulatif-cni NONO.pdf 2021-11-15 14:33 - 2021-11-15 14:33 - 000006974 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\NQ80M81U9Z-1-recapitulatif-cni.pdf 2021-11-15 14:24 - 2021-11-15 14:24 - 000006911 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\N0G8G5R3GK-1-recapitulatif-cni MOI.pdf 2021-11-15 14:23 - 2021-11-15 14:23 - 000006911 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\N0G8G5R3GK-1-recapitulatif-cni.pdf 2021-11-15 13:47 - 2021-11-15 13:47 - 000819228 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\comment-faire-pour-televerser-votre-photographie.pdf 2021-11-13 10:27 - 2021-11-13 10:09 - 1251746816 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Desktop\AVRIL 2021.bak 2021-11-12 12:30 - 2021-11-12 12:30 - 003836859 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\notice-installation-utilisation-nirvana-1280-1118i-compressee.pdf 2021-11-12 10:11 - 2021-11-12 10:11 - 000013172 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S327899348.pdf 2021-11-11 16:47 - 2021-11-11 16:47 - 000013257 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S327682882.pdf 2021-11-10 13:34 - 2021-11-10 13:34 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-10 13:34 - 2021-11-10 13:34 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-10 13:34 - 2021-11-10 13:34 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-10 13:33 - 2021-11-10 13:33 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-11-10 13:01 - 2021-11-10 13:01 - 000000000 ___HD C:\$WinREAgent 2021-11-08 15:31 - 2021-11-08 15:31 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-11-08 12:51 - 2021-11-08 12:51 - 000010653 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\DetailMessage.pdf 2021-11-08 12:51 - 2021-11-08 12:51 - 000010653 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\DetailMessage (1).pdf 2021-11-07 19:22 - 2021-11-07 19:22 - 000013184 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S325088596.pdf 2021-11-07 12:40 - 2021-11-07 12:40 - 000013179 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Vinted-FR-S324776158.pdf 2021-11-07 12:27 - 2021-11-07 12:27 - 000011955 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211107-StickerMR-80716347 (1).pdf 2021-11-07 12:26 - 2021-11-07 12:26 - 000011955 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\20211107-StickerMR-80716347.pdf 2021-11-06 10:13 - 2021-11-06 10:13 - 000026281 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Expedition-58694844(1).pdf 2021-11-06 10:11 - 2021-11-06 10:11 - 000026299 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Expedition-58694706.pdf 2021-11-06 10:11 - 2021-11-06 10:11 - 000026281 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Expedition-58694844.pdf 2021-11-06 10:11 - 2021-11-06 10:11 - 000026281 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Expedition-58694844 (2).pdf 2021-11-06 10:11 - 2021-11-06 10:11 - 000026281 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Expedition-58694844 (1).pdf 2021-11-04 18:35 - 2021-11-16 03:41 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-11-04 18:35 - 2021-11-16 03:41 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-11-04 18:35 - 2021-11-04 18:35 - 000000000 ____D C:\Program Files\Google 2021-11-04 18:34 - 2021-11-23 13:42 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-04 18:34 - 2021-11-04 18:45 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Google 2021-11-04 18:34 - 2021-11-04 18:34 - 001341272 _____ (Google LLC) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\ChromeSetup.exe 2021-11-04 18:34 - 2021-11-04 18:34 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-11-04 18:34 - 2021-11-04 18:34 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-10-28 15:13 - 2021-10-28 15:13 - 000001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2021-10-28 15:13 - 2021-10-28 15:13 - 000001055 _____ C:\Users\Public\Desktop\Thunderbird.lnk 2021-10-28 15:13 - 2021-10-28 15:13 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\Thunderbird 2021-10-28 15:13 - 2021-10-28 15:13 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Thunderbird 2021-10-28 15:13 - 2021-10-28 15:13 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2 2021-10-28 15:12 - 2021-11-22 12:13 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-10-28 15:11 - 2021-10-28 15:12 - 057243632 _____ (Mozilla) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\Thunderbird Setup 91.2.1.exe 2021-10-26 08:40 - 2021-10-26 08:40 - 001264416 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\recoverit_setup_full4159.exe 2021-10-23 17:42 - 2021-10-23 17:42 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\IOTransfer 2021-10-23 17:36 - 2021-10-23 17:36 - 000003654 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask 2021-10-23 17:35 - 2021-10-23 17:35 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled 2021-10-23 17:04 - 2021-11-05 08:21 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\MPC-HC 2021-10-23 17:00 - 2021-10-23 17:00 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update 2021-10-23 16:59 - 2021-10-23 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2021-10-23 16:59 - 2021-10-23 16:59 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2021-10-23 16:57 - 2021-10-23 16:57 - 049640905 _____ (KLCP ) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\k-lite-codec-pack-full-16-5-0.exe 2021-10-23 16:44 - 2021-10-23 16:47 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\vlc 2021-10-23 16:43 - 2021-10-23 16:43 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\vlc-3.0.16-win64 2021-10-23 16:15 - 2021-10-23 16:15 - 073030352 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\vlc-3.0.16-win64.zip 2021-10-23 11:40 - 2021-10-23 11:41 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\XnConvert 2021-10-23 11:40 - 2021-10-23 11:40 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\XnConvert-win-x64 2021-10-23 11:39 - 2021-10-23 11:39 - 039440954 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\XnConvert-win-x64.zip 2021-10-23 10:48 - 2021-10-23 10:48 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Brice_Lambson 2021-10-23 10:39 - 2021-10-23 10:45 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\Apple Computer 2021-10-23 10:39 - 2021-10-23 10:39 - 000000000 ____D C:\ProgramData\Apple 2021-10-23 10:39 - 2021-10-23 10:39 - 000000000 ____D C:\Program Files\Common Files\Apple 2021-10-23 10:37 - 2021-10-23 10:37 - 000000000 ____D C:\WINDOWS\IObit 2021-10-23 10:29 - 2021-10-23 10:29 - 083062784 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit 2021-10-23 10:29 - 2021-10-23 10:29 - 006447104 _____ C:\WINDOWS\system32\config\DRIVERS.iobit 2021-10-23 10:29 - 2021-10-23 10:29 - 000987136 _____ C:\WINDOWS\system32\config\DEFAULT.iobit 2021-10-23 10:29 - 2021-10-23 10:29 - 000110592 _____ C:\WINDOWS\system32\config\SAM.iobit 2021-10-23 10:29 - 2021-10-23 10:29 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.iobit 2021-10-23 10:16 - 2021-10-23 10:16 - 000000000 ____D C:\Program Files\Image Resizer for Windows 2021-10-23 10:15 - 2021-10-23 10:15 - 000000000 ____D C:\ProgramData\Package Cache 2021-10-23 10:15 - 2021-10-23 10:15 - 000000000 ____D C:\Program Files (x86)\Image Resizer for Windows 2021-10-23 10:14 - 2021-10-23 10:14 - 001106048 _____ (Brice Lambson) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\ImageResizerSetup-3.1.2.exe 2021-10-21 10:27 - 2021-10-21 10:27 - 000456061 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\arnal.jpeg 2021-10-21 10:22 - 2021-10-21 10:22 - 000456061 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\ordonnance VSG 21-10.jpeg 2021-10-20 09:33 - 2021-10-20 09:33 - 000000000 ____D C:\ProgramData\{150F4013-6884-4350-8DDC-6BFCB4C5DC15} 2021-10-19 20:11 - 2021-10-19 20:13 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\dvdcss 2021-10-19 20:09 - 2021-10-20 09:37 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2021-10-19 20:09 - 2021-10-19 20:09 - 041372992 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\vlc-3.0.16-win32.exe 2021-10-16 16:09 - 2021-10-16 16:09 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-10-16 16:09 - 2021-10-16 16:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2021-10-16 15:21 - 2021-10-16 15:21 - 027097880 _____ (IObit ) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\driver_booster_setup.exe 2021-10-16 10:00 - 2021-10-16 10:00 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B} 2021-10-16 09:56 - 2021-10-25 18:45 - 000000000 ____D C:\ProgramData\ProductData 2021-10-16 09:56 - 2021-10-16 10:24 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\instinfo 2021-10-16 09:55 - 2021-10-25 18:45 - 000000000 ____D C:\Program Files (x86)\IObit 2021-10-16 09:55 - 2021-10-23 17:36 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\LocalLow\IObit 2021-10-16 09:55 - 2021-10-16 09:55 - 000000000 ____D C:\ProgramData\{E0224FF9-7AE3-4F9E-991A-2F004F7E3952} 2021-10-16 09:54 - 2021-11-23 10:19 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\IObit 2021-10-16 09:54 - 2021-10-25 18:45 - 000000000 ____D C:\ProgramData\IObit 2021-10-16 09:02 - 2021-10-16 09:51 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\Easeware 2021-10-13 12:40 - 2021-10-13 12:40 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-13 12:39 - 2021-10-13 12:39 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-10-09 10:37 - 2021-10-09 10:37 - 000000000 ____D C:\WINDOWS\Panther 2021-10-09 10:18 - 2021-10-09 10:18 - 000001420 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-10-09 10:18 - 2021-10-09 10:18 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\PCHealthCheck 2021-10-03 14:26 - 2021-10-03 14:26 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-10-03 14:26 - 2021-10-03 14:26 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-10-03 14:26 - 2021-10-03 14:26 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2021-10-03 14:24 - 2021-10-03 14:24 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-10-03 14:24 - 2021-10-03 14:24 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-09-24 09:16 - 2021-11-23 09:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-09-15 11:47 - 2021-09-15 11:47 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll 2021-09-15 11:47 - 2021-09-15 11:47 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-09-15 11:47 - 2021-09-15 11:47 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-09-15 11:47 - 2021-09-15 11:47 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll 2021-09-15 11:46 - 2021-09-15 11:46 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll 2021-09-15 11:46 - 2021-09-15 11:46 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-09-15 11:46 - 2021-09-15 11:46 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-09-15 11:45 - 2021-09-15 11:45 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-09-09 09:20 - 2021-09-09 09:20 - 000011891 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\suivi compteur Laurent.pdf 2021-09-07 13:18 - 2021-09-07 13:18 - 001646600 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\LINKY.pdf 2021-09-06 08:45 - 2021-09-06 08:45 - 000042502 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\COVID NONO.pdf 2021-09-06 08:42 - 2021-09-06 08:42 - 000042499 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\COVID MOI.pdf 2021-09-02 17:06 - 2021-09-02 17:06 - 000007906 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\attest.pdf 2021-08-25 17:05 - 2021-08-25 17:07 - 000247965 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Documents\alain periot.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-23 14:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-23 14:01 - 2021-04-07 18:06 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\LocalLow\Mozilla 2021-11-23 14:01 - 2021-03-22 15:35 - 000000000 ____D C:\ProgramData\Mozilla 2021-11-23 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-11-23 13:42 - 2020-11-18 23:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-23 12:50 - 2021-03-27 14:32 - 000000000 ____D C:\Program Files\CCleaner 2021-11-23 12:48 - 2021-03-26 08:58 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-23 12:48 - 2020-11-19 00:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-23 12:47 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2021-11-23 12:19 - 2021-05-15 10:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-11-23 12:19 - 2021-05-15 10:26 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-11-23 12:18 - 2021-05-15 10:25 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-11-23 12:18 - 2021-05-15 10:23 - 000000000 ____D C:\Program Files\Malwarebytes 2021-11-23 11:43 - 2021-04-07 18:09 - 1259873280 _____ C:\Users\KIKI.DESKTOP-RDLJTG1\Desktop\AVRIL 2021.pst 2021-11-23 10:34 - 2021-04-03 18:03 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2021-11-23 09:53 - 2021-04-14 14:13 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\Desktop\Anciennes données de Firefox 2021-11-22 20:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-11-22 18:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-11-22 12:13 - 2021-03-22 15:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-22 08:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-21 18:23 - 2021-04-07 17:58 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\PlaceholderTileLogoFolder 2021-11-21 09:43 - 2021-05-12 18:19 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-21 09:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-20 14:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-20 14:06 - 2021-04-07 17:54 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Microsoft Help 2021-11-19 07:06 - 2020-11-19 00:48 - 000000000 ____D C:\ProgramData\Packages 2021-11-17 19:31 - 2021-03-26 09:10 - 001689148 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-17 19:31 - 2019-12-07 15:50 - 000758022 _____ C:\WINDOWS\system32\perfh00C.dat 2021-11-17 19:31 - 2019-12-07 15:50 - 000142950 _____ C:\WINDOWS\system32\perfc00C.dat 2021-11-17 19:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-11-17 13:20 - 2021-05-12 18:19 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-17 13:19 - 2021-05-12 18:19 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-11-15 17:52 - 2015-10-30 08:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-11-14 18:10 - 2021-03-27 15:21 - 000000000 ____D C:\WINDOWS\SHELLNEW 2021-11-14 18:10 - 2015-10-30 08:24 - 000000167 _____ C:\WINDOWS\win.ini 2021-11-14 14:32 - 2021-04-07 18:04 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\D3DSCache 2021-11-10 20:29 - 2020-11-18 23:44 - 000456496 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-10 20:27 - 2019-12-07 15:53 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-11-10 20:27 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-11-10 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-10 20:27 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-10 12:59 - 2016-08-30 22:00 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-10 12:57 - 2016-08-30 22:00 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-06 08:52 - 2021-03-26 16:21 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-11-05 08:24 - 2021-03-22 15:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-05 08:19 - 2021-04-29 18:27 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\CrashDumps 2021-11-03 09:47 - 2020-11-19 00:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-10-30 08:07 - 2021-04-07 17:54 - 000000000 ____D C:\Users\KIKI.DESKTOP-RDLJTG1\AppData\Local\Packages ==================== SigCheckExt ========================= 2017-05-17 17:29 - 2017-03-04 06:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2021-05-02 18:00 - 2019-11-08 09:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe 2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2012-10-18 09:32 - 2012-10-18 09:32 - 000255488 _____ (IDT, Inc.) C:\WINDOWS\system32\st646429.dll 2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2015-10-30 08:19 - 2017-02-20 14:59 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-10-30 08:19 - 2017-02-20 14:59 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2008-08-25 21:50 - 2008-08-25 21:50 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAME.DLL 2021-08-23 17:36 - 2021-08-23 17:36 - 000003812 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe 2021-08-23 17:36 - 2021-08-23 17:36 - 000003210 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2021-08-23 17:36 - 2021-08-23 17:36 - 000003206 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2021-11-23 14:04 - 2021-11-23 14:04 - 002311680 _____ (Farbar) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\FRST64 (1).exe 2021-11-23 14:05 - 2021-11-23 14:05 - 002311680 _____ (Farbar) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\FRST64 (2).exe 2021-11-22 16:03 - 2021-11-22 16:03 - 002311680 _____ (Farbar) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\FRST64.exe 2021-10-23 16:57 - 2021-10-23 16:57 - 049640905 _____ (KLCP ) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\k-lite-codec-pack-full-16-5-0.exe 2021-11-23 10:01 - 2021-11-23 10:02 - 003291288 _____ (Nicolas Coolman) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\ZHPCleaner.exe 2021-11-22 15:52 - 2021-11-22 15:52 - 003477656 _____ (Nicolas Coolman) C:\Users\KIKI.DESKTOP-RDLJTG1\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {7fd2e4b1-a0e5-11e6-bc7c-806e6f6e6963} {7fd2e4b2-a0e5-11e6-bc7c-806e6f6e6963} {7fd2e4b4-a0e5-11e6-bc7c-806e6f6e6963} {7fd2e4b5-a0e5-11e6-bc7c-806e6f6e6963} {7fd2e4b6-a0e5-11e6-bc7c-806e6f6e6963} {7fd2e4b7-a0e5-11e6-bc7c-806e6f6e6963} {e25095a3-6ec6-11e6-aee2-c6f0a63977e1} {e0677960-f7ff-11e6-b459-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {e25095b9-6ec6-11e6-aee2-c6f0a63977e1} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {7fd2e4b1-a0e5-11e6-bc7c-806e6f6e6963} description USB Floppy/CD Application logicielle (101fffff) -------------------------------- identificateur {7fd2e4b2-a0e5-11e6-bc7c-806e6f6e6963} description USB Hard Drive Application logicielle (101fffff) -------------------------------- identificateur {7fd2e4b4-a0e5-11e6-bc7c-806e6f6e6963} description ATAPI CD-ROM Drive Application logicielle (101fffff) -------------------------------- identificateur {7fd2e4b5-a0e5-11e6-bc7c-806e6f6e6963} description Unknown Device Application logicielle (101fffff) -------------------------------- identificateur {7fd2e4b6-a0e5-11e6-bc7c-806e6f6e6963} description USB Floppy/CD Application logicielle (101fffff) -------------------------------- identificateur {7fd2e4b7-a0e5-11e6-bc7c-806e6f6e6963} description Hard Drive Application logicielle (101fffff) -------------------------------- identificateur {e0677960-f7ff-11e6-b459-806e6f6e6963} description ATAPI CD-ROM Drive Application logicielle (101fffff) -------------------------------- identificateur {e0677961-f7ff-11e6-b459-806e6f6e6963} description Unknown Device Application logicielle (101fffff) -------------------------------- identificateur {e0677962-f7ff-11e6-b459-806e6f6e6963} description Realtek PXE B07 D00 Application logicielle (101fffff) -------------------------------- identificateur {e0677963-f7ff-11e6-b459-806e6f6e6963} description USB Floppy/CD Application logicielle (101fffff) -------------------------------- identificateur {e25095a3-6ec6-11e6-aee2-c6f0a63977e1} description Realtek PXE B07 D00 Application logicielle (101fffff) -------------------------------- identificateur {e25095a9-6ec6-11e6-aee2-c6f0a63977e1} description Hard Drive Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {e25095bc-6ec6-11e6-aee2-c6f0a63977e1} displaymessageoverride SystemRestore recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {e25095b9-6ec6-11e6-aee2-c6f0a63977e1} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {e25095bc-6ec6-11e6-aee2-c6f0a63977e1} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{e25095bd-6ec6-11e6-aee2-c6f0a63977e1} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{e25095bd-6ec6-11e6-aee2-c6f0a63977e1} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {e25095b9-6ec6-11e6-aee2-c6f0a63977e1} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {e25095bc-6ec6-11e6-aee2-c6f0a63977e1} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {e25095bd-6ec6-11e6-aee2-c6f0a63977e1} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================