Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021 Exécuté par Boussard (administrateur) sur DESKTOP-37K5KUI (LENOVO 90G90077FR) (25-12-2021 21:40:37) Exécuté depuis C:\Users\Boussard\Desktop Profils chargés: Boussard Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0348603.inf_amd64_fa39d09c96417156\B348469\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0348603.inf_amd64_fa39d09c96417156\B348469\atiesrxx.exe (CYBERLINKCOM CORPORATION) C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <26> (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (LITE-ON TECHNOLOGY CORP. -> Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe (Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUAE.EXE (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076512 2020-03-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Lenovo Fundamental USB Keyboard] => C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe [2644472 2017-04-10] (LITE-ON TECHNOLOGY CORP. -> Lenovo) HKU\S-1-5-21-807175300-3283391698-184716370-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-807175300-3283391698-184716370-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUAE.EXE [416408 2017-05-30] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EPSON PC-FAX Driver2 64Monitor: C:\WINDOWS\system32\EFXLM16A.DLL [182784 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON WF-2860 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUAE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-16] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0D1D95E6-91DB-4979-A1C7-C68F6CFE04E8} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.) Task: {31CC7BCE-93A1-47BC-93C7-C7AB42E25748} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-10-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {34645166-455F-41CD-9AD0-62DD87E4AF9F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {3A45C6A2-779B-4751-B7F7-EAD65FF6E2F3} - System32\Tasks\CCleanerSkipUAC - Boussard => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) Task: {49AA0114-D5C2-46E2-9A9C-4D45C070FE80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-01] (Google LLC -> Google LLC) Task: {5E9BA357-D9DD-4547-90CC-E6A47E26D73C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {6BCFFB07-7B46-40DE-B268-63C45418475B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8e5e536d-aa0b-446b-8588-e99830ddbe45 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {6C82C2E0-8031-48C8-9826-92E7A8C42265} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\54efe878-931f-4a1c-b640-acbfca61a591 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {75468FA6-AD29-4015-B0E3-B21AF078A408} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {78495F6A-33CD-48C0-A3F8-A5192875295E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7D09069C-8F34-4AE4-BA3A-BADC46F889EF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-10-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7F3B8DDD-F1E5-4C6F-AA3B-4D4636708AAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B3397F5A-F066-4939-A542-F64D439D51E1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier) Task: {BD2076F2-67D9-488C-8EA3-CF2BCF6B548A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {BDC7C62C-5715-404B-B186-A659A3AE994F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DC7003AA-C9EA-41A4-94CE-1EBEB38487C4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\45d0c65b-51b5-4615-92ad-8eede2ccdf57 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {DDCAC114-9D28-49A4-87FF-E78543F9CA2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-01] (Google LLC -> Google LLC) Task: {E5AAD240-DDED-4B1D-8F1E-2CA3F9A96368} - System32\Tasks\EPSON WF-2860 Series Update {4C7F6DFD-FBC9-4B70-9AC2-8B8550676FFB} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUAE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {E761CD58-54E2-49E7-A20A-E0875D4D71C6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5138b6ee-c084-4700-a8ee-158194d2070a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) Task: {EDA83E2C-0140-44A2-9801-4D07A1983F65} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-25] (Avast Software s.r.o. -> AVAST Software) Task: {F041147C-0C46-466C-9900-FB928A1F7091} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\EPSON WF-2860 Series Update {4C7F6DFD-FBC9-4B70-9AC2-8B8550676FFB}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUAE.EXE:/EXE:{4C7F6DFD-FBC9-4B70-9AC2-8B8550676FFB} /F:UpdateWORKGROUP\DESKTOP-37K5KUI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0f1b18e2-0d62-44c7-9fe7-48933ab54e5a}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3214f71d-14bd-4db1-a276-72115e432df1}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Boussard\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-25] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default [2021-12-25] CHR Notifications: Default -> hxxps://assiste.com; hxxps://www.francetvinfo.fr CHR Extension: (Slides) - C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-01] CHR Extension: (Docs) - C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-01] CHR Extension: (Google Drive) - C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01] CHR Extension: (YouTube) - C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-01] CHR Extension: (Sheets) - C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-01] CHR Extension: (Google Docs hors connexion) - C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-03] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01] CHR Profile: C:\Users\Boussard\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-24] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-10-05] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-12-16] (McAfee, LLC -> McAfee, LLC) R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek) S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek) R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-25] (Avast Software s.r.o. -> AVAST Software) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1192040 2020-05-20] (Kaspersky Lab -> AO Kaspersky Lab) R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9860816 2019-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-04-24] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-12-25 21:40 - 2021-12-25 21:41 - 000018508 _____ C:\Users\Boussard\Desktop\FRST.txt 2021-12-25 21:40 - 2021-12-25 21:41 - 000000000 ____D C:\FRST 2021-12-25 21:39 - 2021-12-25 21:38 - 000259372 _____ C:\Users\Boussard\Desktop\ZHPDiag.txt 2021-12-25 21:25 - 2021-12-25 21:26 - 002311168 _____ (Farbar) C:\Users\Boussard\Desktop\FRST64.exe 2021-12-25 10:41 - 2021-12-25 21:38 - 000000000 ____D C:\Users\Boussard\AppData\Roaming\ZHP 2021-12-25 10:41 - 2021-12-25 10:41 - 000000875 _____ C:\Users\Boussard\Desktop\ZHPSuite.lnk 2021-12-25 10:41 - 2021-12-25 10:41 - 000000000 ____D C:\Users\Boussard\AppData\Local\ZHP 2021-12-25 10:40 - 2021-12-25 10:40 - 003478168 _____ (Nicolas Coolman) C:\Users\Boussard\Desktop\ZHPSuite.exe 2021-12-24 17:46 - 2021-12-24 17:47 - 000000000 ____D C:\Users\Boussard\Desktop\Vidéos Lubin 2021-12-21 13:36 - 2021-12-21 13:36 - 001349894 _____ C:\Users\Boussard\Documents\Untitled Game.rbxl 2021-12-21 13:10 - 2021-12-21 13:10 - 000283272 _____ C:\Users\Boussard\Documents\Baseplate.rbxl 2021-12-20 08:40 - 2021-12-20 08:40 - 002775293 _____ C:\Users\Boussard\Downloads\erreurs_mac.zip 2021-12-19 15:46 - 2021-12-19 15:46 - 000129421 _____ C:\Users\Boussard\Documents\Flat Terrain.rbxl 2021-12-19 15:36 - 2021-12-19 15:36 - 001151189 _____ C:\Users\Boussard\Documents\Village.rbxl 2021-12-19 15:34 - 2021-12-19 16:27 - 000001254 _____ C:\Users\Boussard\Desktop\Roblox Studio.lnk 2021-12-15 17:39 - 2021-12-15 17:39 - 000000000 ____D C:\WINDOWS\SystemTemp 2021-12-15 12:16 - 2021-12-15 12:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-12-15 12:16 - 2021-12-15 12:16 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-12-15 12:14 - 2021-12-15 12:14 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-12-15 12:14 - 2021-12-15 12:14 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-12-15 11:40 - 2021-12-15 11:40 - 000000000 ___HD C:\$WinREAgent 2021-12-13 10:54 - 2021-12-13 10:54 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-807175300-3283391698-184716370-1001 2021-12-02 08:21 - 2021-12-02 08:21 - 000084004 _____ C:\Users\Boussard\Downloads\BOMBO1911214835773081301_return.pdf 2021-12-02 08:21 - 2021-12-02 08:21 - 000084004 _____ C:\Users\Boussard\Downloads\BOMBO1911214835773081301_return (1).pdf 2021-11-29 10:53 - 2021-11-29 10:53 - 000110050 _____ C:\Users\Boussard\Downloads\INFO_TRIMESTRIELLE_ASSURANCE_VIE_CONTRATS_EN_UC_P47K4QT4YXL_tUNqGM72.pdf 2021-11-25 09:16 - 2021-11-25 09:16 - 000140037 _____ C:\Users\Boussard\Downloads\Releve_n_007_du_23_11_2021_339645818_9iAmoo7d.pdf 2021-11-15 08:08 - 2021-11-15 08:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-02 23:24 - 2021-11-02 23:24 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-02 23:24 - 2021-11-02 23:24 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-10-30 09:03 - 2021-10-30 09:03 - 000004272 _____ C:\Users\Boussard\Downloads\CA20211030_100329.xlsx 2021-10-26 09:09 - 2021-10-26 09:09 - 000143016 _____ C:\Users\Boussard\Downloads\Releve_n_006_du_25_10_2021_337900742_EY49K3l7.pdf 2021-10-24 11:51 - 2021-10-24 11:51 - 001613925 _____ C:\Users\Boussard\Documents\Western.rbxl 2021-10-23 10:01 - 2021-10-23 10:01 - 000000000 ____D C:\Users\Boussard\Downloads\tools 2021-10-23 10:00 - 2021-10-23 10:01 - 003154776 _____ (Mojang) C:\Users\Boussard\Downloads\Minecraft.exe.tmp 2021-10-23 09:46 - 2021-10-23 09:46 - 001659864 _____ (Roblox Corporation) C:\Users\Boussard\Downloads\RobloxPlayerLauncher (5).exe 2021-10-13 16:31 - 2021-10-13 16:31 - 000373324 _____ C:\Users\Boussard\Downloads\DEKRA.pdf 2021-10-13 00:12 - 2021-10-13 00:12 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-13 00:11 - 2021-10-13 00:11 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-10-13 00:11 - 2021-10-13 00:11 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-10-13 00:11 - 2021-10-13 00:11 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-10-11 18:03 - 2021-10-11 18:03 - 000025034 _____ C:\Users\Boussard\Downloads\lettre fin.pdf 2021-10-02 10:22 - 2021-10-02 10:22 - 001891739 _____ C:\Users\Boussard\Documents\chateau de lancelot.rbxl 2021-10-02 10:22 - 2021-10-02 10:22 - 000000076 _____ C:\Users\Boussard\Documents\chateau de lancelot.rbxl.lock 2021-10-02 09:41 - 2021-10-02 09:41 - 004678013 _____ C:\Users\Boussard\Documents\City.rbxl ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-12-25 21:31 - 2020-11-01 17:28 - 000000000 ____D C:\Program Files (x86)\Google 2021-12-25 21:19 - 2021-03-30 17:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-12-25 21:16 - 2021-03-30 18:08 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5C019ECA-32C2-4981-8B12-050046770857} 2021-12-25 20:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-12-25 16:03 - 2021-03-30 18:02 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-12-25 16:03 - 2019-12-07 15:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat 2021-12-25 16:03 - 2019-12-07 15:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat 2021-12-25 16:03 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-12-25 16:01 - 2020-11-01 18:18 - 000000000 ____D C:\Program Files\CCleaner 2021-12-25 15:58 - 2020-12-24 16:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-12-25 15:57 - 2021-03-30 18:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-12-25 15:57 - 2021-03-30 17:46 - 000008192 ___SH C:\DumpStack.log.tmp 2021-12-25 15:57 - 2020-11-01 15:20 - 000065536 _____ C:\WINDOWS\psp_storage.bin 2021-12-25 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-12-25 15:57 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-12-24 20:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-12-24 20:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-12-24 18:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-12-24 18:36 - 2021-03-30 18:08 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-12-24 18:36 - 2021-03-30 18:08 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-12-24 18:26 - 2021-04-01 10:30 - 000000000 ____D C:\WINDOWS\Minidump 2021-12-24 18:26 - 2021-03-28 16:32 - 000000000 ___DC C:\WINDOWS\Panther 2021-12-24 18:26 - 2020-11-28 04:42 - 000000000 ____D C:\Users\Boussard\AppData\Local\CrashDumps 2021-12-23 10:19 - 2021-03-07 10:22 - 000000000 ____D C:\Users\Boussard\Desktop\Epson 2021-12-19 18:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-12-19 17:00 - 2020-11-01 15:31 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-12-19 16:28 - 2021-08-07 17:55 - 000000000 ____D C:\Users\Boussard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2021-12-19 15:35 - 2020-11-01 17:24 - 000000000 ____D C:\Users\Boussard\AppData\Local\D3DSCache 2021-12-19 15:34 - 2021-03-28 09:29 - 000000256 _____ C:\Users\Boussard\AppData\LocalLow\rbxcsettings.rbx 2021-12-16 08:53 - 2018-09-19 19:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-12-16 08:48 - 2021-06-23 07:58 - 000016955 _____ C:\Users\Boussard\Documents\suivi ca.ods 2021-12-16 01:33 - 2020-11-01 17:30 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-12-15 17:42 - 2021-03-30 17:46 - 000457976 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-12-15 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-12-15 11:39 - 2020-11-06 08:07 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-12-15 11:35 - 2020-11-06 08:06 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-12-13 10:54 - 2021-03-30 18:08 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-807175300-3283391698-184716370-1001 2021-12-13 10:54 - 2021-03-29 07:33 - 000002433 _____ C:\Users\Boussard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-12-13 00:40 - 2021-04-26 10:56 - 000003538 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d725868fb8586 2021-12-13 00:40 - 2021-03-30 18:08 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-12-11 17:59 - 2020-12-27 10:49 - 000000000 ____D C:\Users\Boussard\Documents\Mes documents ==================== Fichiers à la racine de certains dossiers ======== 2021-08-08 10:20 - 2021-08-08 10:20 - 000001234 _____ () C:\Users\Boussard\AppData\Roaming\AdobeWLCMR2Cache.dat ==================== SigCheckExt ========================= 2021-01-24 12:10 - 2009-03-31 14:31 - 000380928 _____ (Realtek) C:\WINDOWS\RtlUI2.exe 1998-08-03 11:56 - 1997-02-27 00:00 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\ST5UNST.EXE 2021-06-16 16:04 - 2021-06-16 16:04 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE 1998-07-12 23:00 - 1998-07-12 23:00 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMCTLFR.DLL 2021-01-24 12:10 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe 1999-04-12 23:00 - 1999-04-12 23:00 - 001046288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL 1998-07-06 23:00 - 1998-07-06 23:00 - 000149776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT35.DLL 1998-04-24 23:00 - 1998-04-24 23:00 - 000024848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER35.DLL 1998-04-24 23:00 - 1998-04-24 23:00 - 000252176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X35.DLL 1999-04-12 23:00 - 1999-04-12 23:00 - 000415504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSREPL35.DLL 1998-08-03 11:56 - 1998-03-14 15:47 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVBVM50.dll 2021-06-16 15:55 - 1997-02-27 00:00 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBCTL32.dll 2020-12-24 18:02 - 2010-02-03 11:21 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll 1998-07-12 23:00 - 1998-07-12 23:00 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXFR.DLL 1998-06-17 23:00 - 1998-06-17 23:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL 1998-08-03 11:56 - 1998-03-14 15:47 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5FR.dll 1998-08-03 11:56 - 1998-08-03 11:56 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5StKit.dll 2000-10-01 23:00 - 2000-10-01 23:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL 1999-03-25 23:00 - 1999-03-25 23:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2021-12-25 21:25 - 2021-12-25 21:26 - 002311168 _____ (Farbar) C:\Users\Boussard\Desktop\FRST64.exe 2021-12-25 10:40 - 2021-12-25 10:40 - 003478168 _____ (Nicolas Coolman) C:\Users\Boussard\Desktop\ZHPSuite.exe 2021-08-08 08:15 - 2021-08-08 08:15 - 001799999 _____ ( ) C:\Users\Boussard\Downloads\AZ-Launcher_Installer (1).exe 2021-08-08 08:16 - 2021-08-08 08:16 - 001799999 _____ ( ) C:\Users\Boussard\Downloads\AZ-Launcher_Installer (2).exe 2021-06-05 12:40 - 2021-06-05 12:40 - 001799999 _____ ( ) C:\Users\Boussard\Downloads\AZ-Launcher_Installer.exe 2021-07-18 11:20 - 2021-07-18 11:21 - 000000000 _____ C:\Users\Boussard\Downloads\RobloxPlayerLauncher (4).exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {582a3568-fdb1-11e8-b32b-806e6f6e6963} {582a3567-fdb1-11e8-b32b-806e6f6e6963} {582a3569-fdb1-11e8-b32b-806e6f6e6963} {582a356a-fdb1-11e8-b32b-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {8dcfba28-1c4b-11eb-acf2-8883f2d299ab} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {582a3567-fdb1-11e8-b32b-806e6f6e6963} description UEFI: PXE IP6 Realtek PCIe GBE Family Controller Application logicielle (101fffff) -------------------------------- identificateur {582a3568-fdb1-11e8-b32b-806e6f6e6963} description UEFI: PXE IP4 Realtek PCIe GBE Family Controller Application logicielle (101fffff) -------------------------------- identificateur {582a3569-fdb1-11e8-b32b-806e6f6e6963} description CD/DVD Device Application logicielle (101fffff) -------------------------------- identificateur {582a356a-fdb1-11e8-b32b-806e6f6e6963} description Generic Usb Device Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {8dcfba2b-1c4b-11eb-acf2-8883f2d299ab} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {8dcfba28-1c4b-11eb-acf2-8883f2d299ab} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {8dcfba2b-1c4b-11eb-acf2-8883f2d299ab} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{8dcfba2c-1c4b-11eb-acf2-8883f2d299ab} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{8dcfba2c-1c4b-11eb-acf2-8883f2d299ab} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {8dcfba28-1c4b-11eb-acf2-8883f2d299ab} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {8dcfba2b-1c4b-11eb-acf2-8883f2d299ab} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {8dcfba2c-1c4b-11eb-acf2-8883f2d299ab} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================