Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2022 Exécuté par RD (administrateur) sur ROLDIC (Dell Inc. Inspiron 3847) (13-03-2022 18:29:31) Exécuté depuis C:\Users\RD\Desktop Profils chargés: RD Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1526 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe (C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe ->) (Dell Inc. -> SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe (C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe ->) (Dell Inc. -> SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4> (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe (services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe (services.exe ->) (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-20] (Logitech Inc -> Logitech, Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) HKLM-x32\...\Run: [sqtmultimediamouseRun] => "C:\Program Files (x86)\Multimedia Mouse Driver\startautorun.exe" MouseDrv.exe (Pas de fichier) HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1 HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116056952 2022-02-23] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-02-15] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-1514058905-1561428195-4176855323-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\LANTER~1.SCR [2047664 2015-12-26] (3Planesoft (Panichev Igor Valentinovich IP) -> 3Planesoft) HKLM\...\Windows x64\Print Processors\Canon MG6400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBT.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6400 series: C:\WINDOWS\system32\CNMLMBT.DLL [391168 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> Startup: C:\Users\RD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2022-01-10] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\RD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk [2020-10-14] ShortcutTarget: Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) Startup: C:\Users\RD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe - Raccourci.lnk [2020-10-27] ShortcutTarget: thunderbird.exe - Raccourci.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation) GroupPolicy: Restriction ? <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {07842194-C40A-4C1C-9E21-938C48774825} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1964832 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) Task: {0D78A7B1-17C0-4257-B93C-6C5786819BF4} - System32\Tasks\RD DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) Task: {10686CC9-CF22-4D11-9EF3-A8089B4F94E6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink Corp. -> CyberLink) Task: {11A8994B-BDE4-4533-92E4-79CF434D4710} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-23] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {13D025B2-653D-448A-B103-D199DCCD0423} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc) Task: {261E0AEC-EBB5-4D71-BC7D-CECC61A77F98} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {2DF242F7-7BFF-48DC-A38C-FBF383CF6FA9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier) Task: {35E09C9E-013D-40EF-B725-59F97BD17464} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {37346067-3ECD-43BB-8C0B-2C15F6757687} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {380D2C0E-1F18-4DC0-A087-3FE374C7D30C} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [157216 2014-10-31] (Leader Technologies Inc -> Aviata Inc) Task: {402E9A36-0863-4759-BB24-0F54BC744A78} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe (Pas de fichier) Task: {40793E25-0EA0-49B5-ABF8-82058EC4C875} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> Pas de fichier <==== ATTENTION Task: {45E1BDB0-09A0-4715-9757-BBB4C000EC07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {4A6EA92F-B7F3-4FDD-BD00-75423CF6DF13} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {62E2D959-4246-4C03-86DB-B78A72EF891C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {6451F131-FFFD-4EF2-8402-68EA88838B4D} - System32\Tasks\GoogleUpdateTaskMachineUA1cff05ab570ed90 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {68E136FD-3683-46DB-88AC-6438A2A0D758} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {6FD967F2-D8D8-49D4-AAAC-692D0D0211C3} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-02-15] (Garmin International, Inc. -> ) Task: {798D6366-6D75-401F-B90E-9FD30541F9BC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe /launch (Pas de fichier) Task: {85441B90-5162-4FC1-9902-AA5E2B621F5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-23] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {98AE3EE0-3819-4183-98A6-96798521ABD2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111000 2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {AB501500-D754-460B-B39A-2B8C2CA62987} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {AC646701-F07C-4EC7-8EC4-EBF614CA0275} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {BBDB6C73-4225-40B2-A292-7E41F34B8E45} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {BCD56E94-2FAE-44CE-BDDE-4F07B1C825AB} - System32\Tasks\CCleanerSkipUAC - RD => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {C5409C24-1BB0-4D62-A105-CD2DDA8B377A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {C6F09FDA-016E-4D23-8F1D-E60DDDD84C26} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {C8826869-D6C6-4365-AC8D-BBB93586A063} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-23] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CB0037C2-2583-4AB1-A817-A422A63B1444} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {CB9B601D-40BB-42DB-AE8B-68CA606C14BB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580640 2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D0A07190-93BE-4EED-B7F8-5C3A0A306FBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580640 2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {D455AE13-28E0-4168-BEEF-EBE31BA47F3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {D703BF90-C5B3-45A9-848B-FAF56017EB39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-23] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D9A7F87A-A2F6-4B26-B904-7775D4079499} - \WPD\SqmUpload_S-1-5-21-1514058905-1561428195-4176855323-1001 -> Pas de fichier <==== ATTENTION Task: {EBF7BF96-9F3A-451C-BF04-05F766929B5D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {EE17CF3D-6E69-4E9B-919E-23B1ACF567AA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111000 2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {F85604E9-3802-4E50-BEDE-9A9504B6AAC7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {FE60FFE8-823C-4C8D-99C0-9199EE5EF098} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{482b4d02-b2b9-42ce-aa73-9d2eabf9ab4f}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{7745954f-d280-4f8f-a50b-9b94d395ce0a}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{e2c65305-0d6f-4aa6-a7d7-0bc3a1994eb7}: [DhcpNameServer] 192.168.0.254 Edge: ======= DownloadDir: C:\Users\RD\Downloads Edge Notifications: HKU\S-1-5-21-1514058905-1561428195-4176855323-1001 -> hxxps://assiste.com Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\RD\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-11] Edge HomePage: Default -> hxxps://duckduckgo.com/?atb=v257-2__&atb=v257-2__ FireFox: ======== FF DefaultProfile: yi53dg0h.default-1577089755216 FF ProfilePath: C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216 [2022-03-13] FF Homepage: Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216 -> hxxps://www.startpage.com/?sc=wCTNEZZc9sGh20 FF Notifications: Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216 -> hxxps://www.instagram.com; hxxps://www.gouvernement.fr; hxxps://mail.protonmail.com; hxxps://vk.com; hxxps://www.castorama.fr; hxxps://twitter.com FF Extension: (Facebook Container) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\@contain-facebook.xpi [2021-08-04] FF Extension: (To Google Translate) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-23] FF Extension: (clean-facebook) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\jid1-dwtGBwQjx3SUQc@jetpack.xpi [2021-09-21] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-02-02] FF Extension: (uBlock Origin) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\uBlock0@raymondhill.net.xpi [2022-02-24] FF Extension: (Flagfox) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2022-03-01] FF Extension: (Startpage.com - recherche privé) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2021-10-06] FF Extension: (Video DownloadHelper) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-02] FF Extension: (Blue Gradient Contrast) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{e183ff14-bc19-4198-9b3b-cad34dceea60}.xpi [2021-03-09] FF Extension: (Blueprint) - C:\Users\RD\AppData\Roaming\Mozilla\Firefox\Profiles\yi53dg0h.default-1577089755216\Extensions\{f2cd84b1-dd5c-40d8-905c-95a91ef7ae12}.xpi [2022-02-23] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2021-09-29] [non signé] FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Fichier non signé] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) [Fichier non signé] Chrome: ======= CHR Profile: C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default [2022-03-11] CHR Extension: (Docs) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-16] CHR Extension: (Google Drive) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-16] CHR Extension: (YouTube) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-16] CHR Extension: (Google Sheets) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-16] CHR Extension: (SiteAdvisor) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-08-16] CHR Extension: (Google Docs hors connexion) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-05-20] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-16] CHR Extension: (Gmail) - C:\Users\RD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-16] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-07] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-05] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [248376 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3359288 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe [965104 2020-05-08] (PC-Doctor, Inc. -> PC-Doctor, Inc.) S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Leader Technologies Inc -> Aviata, Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-01-27] (HP Inc. -> HP Inc.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> ) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8019640 2022-03-11] (Malwarebytes Inc -> Malwarebytes) R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-08-13] (Seagate Technology LLC -> Seagate Technology LLC) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (Dell Inc. -> SoftThinks SAS) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38360 2020-05-03] (Dell Inc. -> Dell Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6636376 2019-12-04] (TeamViewer GmbH -> TeamViewer GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-23] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-23] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 BthMtpEnum; C:\WINDOWS\System32\drivers\BthMtpEnum.sys [73216 2019-12-07] (Microsoft Windows -> Microsoft Corporation) R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2020-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-03-11] (Malwarebytes Inc -> Malwarebytes) R2 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [119528 2018-03-20] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-23] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-23] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-03-13 18:29 - 2022-03-13 18:30 - 000031496 _____ C:\Users\RD\Desktop\FRST.txt 2022-03-13 18:11 - 2022-03-13 18:11 - 002364928 _____ (Farbar) C:\Users\RD\Desktop\FRST64.exe 2022-03-13 18:11 - 2022-03-13 18:11 - 000000000 ____D C:\Users\RD\Downloads\FRST-OlderVersion 2022-03-13 18:06 - 2022-03-13 18:06 - 000331720 _____ C:\Users\RD\Desktop\ZHPDiag.txt 2022-03-13 17:54 - 2022-03-13 17:54 - 000000902 _____ C:\Users\RD\Desktop\ZHPSuite.lnk 2022-03-13 16:59 - 2022-03-13 16:59 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-03-12 11:03 - 2022-03-12 11:03 - 000011761 _____ C:\Users\RD\Desktop\AdwCleaner[C101].txt 2022-03-11 16:48 - 2022-03-11 16:49 - 000000000 ____D C:\Users\RD\Documents\Rapports du 11.03.2022 2022-03-11 15:38 - 2022-03-11 15:38 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-03-11 15:38 - 2022-03-11 15:38 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-03-11 15:37 - 2022-03-11 15:37 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-03-11 15:37 - 2022-03-11 15:35 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-03-11 15:28 - 2022-03-11 15:28 - 002443448 _____ (Malwarebytes) C:\Users\RD\Downloads\MBSetup.exe 2022-03-11 15:03 - 2022-03-11 15:03 - 008540344 _____ (Malwarebytes) C:\Users\RD\Downloads\adwcleaner_8.3.1(1).exe 2022-03-11 14:28 - 2022-03-11 14:28 - 000000914 _____ C:\Users\RD\Downloads\ZHPCleaner.lnk 2022-03-11 14:27 - 2022-03-11 14:27 - 000001081 _____ C:\Users\RD\Downloads\ZHPCleaner.exe - Raccourci.lnk 2022-03-11 14:26 - 2022-03-11 14:26 - 003293848 _____ (Nicolas Coolman) C:\Users\RD\Downloads\ZHPCleaner.exe 2022-03-11 10:03 - 2022-03-11 10:03 - 000094962 _____ C:\ProgramData\1646989278.bdinstall.bin 2022-03-11 10:01 - 2022-03-11 10:01 - 000037485 _____ C:\ProgramData\1646989267.bdinstall.bin 2022-03-11 06:02 - 2022-03-11 10:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-03-10 15:47 - 2022-03-10 15:47 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1514058905-1561428195-4176855323-1001 2022-03-10 15:47 - 2022-03-10 15:47 - 000002452 _____ C:\Users\RD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-03-10 14:53 - 2022-03-10 14:53 - 000000000 ____D C:\Users\RD\Downloads\Wub 2022-03-10 14:47 - 2022-03-10 14:48 - 001035972 _____ C:\Users\RD\Downloads\Wub.zip 2022-03-09 16:33 - 2022-03-09 16:33 - 002885802 _____ C:\Users\RD\Desktop\Bit.pdf 2022-03-09 10:36 - 2022-03-09 10:36 - 000503436 _____ C:\Users\RD\Desktop\bookmarks-2022-03-09.json 2022-03-09 05:34 - 2022-03-09 05:34 - 000000000 ___HD C:\$WinREAgent 2022-03-08 18:09 - 2022-03-08 18:10 - 000000000 ____D C:\Users\RD\Documents\Rapports du 8.03.2022 2022-03-08 16:51 - 2022-03-13 18:30 - 000000000 ____D C:\FRST 2022-03-08 16:21 - 2022-03-13 18:06 - 000000000 ____D C:\Users\RD\AppData\Roaming\ZHP 2022-03-08 16:21 - 2022-03-11 11:21 - 000000000 ____D C:\Users\RD\AppData\Local\ZHP 2022-03-08 16:09 - 2022-03-08 16:09 - 003480216 _____ (Nicolas Coolman) C:\Users\RD\Downloads\ZHPSuite.exe 2022-03-07 17:23 - 2022-03-07 17:23 - 000000000 ____D C:\Users\RD\AppData\Local\mbam 2022-03-07 17:01 - 2022-03-08 15:04 - 000015155 _____ C:\Users\RD\Desktop\PCAstuce.odt 2022-03-07 10:55 - 2022-03-07 10:55 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-03-06 11:11 - 2022-03-06 11:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-03-06 11:10 - 2022-03-07 11:56 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-03-04 10:31 - 2022-03-04 10:58 - 500681017 _____ C:\Users\RD\Downloads\DONBASS - Anne-Laure Bonnel.mp4 2022-03-04 08:09 - 2022-03-04 08:09 - 000008731 _____ C:\Users\RD\Downloads\listeOperations(6).pdf 2022-02-28 07:44 - 2022-02-28 07:44 - 000003626 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask 2022-02-27 15:12 - 2022-03-01 15:55 - 000000000 ____D C:\Users\RD\Documents\Dicchi.Casalta 2022-02-26 05:49 - 2022-02-26 05:49 - 000000000 _____ C:\WINDOWS\system32\lic2.xml5151 2022-02-24 06:06 - 2022-02-24 06:08 - 010750390 _____ C:\Users\RD\Desktop\Vigilance.mp4 2022-02-22 10:30 - 2022-03-12 10:53 - 000008192 ___SH C:\DumpStack.log.tmp 2022-02-13 19:31 - 2022-03-13 17:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-02-11 06:33 - 2022-02-11 06:33 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-02-11 06:32 - 2022-02-11 06:32 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-02-11 06:31 - 2022-02-11 06:31 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-02-11 06:31 - 2022-02-11 06:31 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2022-02-11 06:31 - 2022-02-11 06:31 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-02-08 10:15 - 2022-02-08 10:15 - 000285440 _____ C:\Users\RD\Documents\J'ai subit le piratage de mon PC - Rolandin13 (rolandin13@free.fr) - 2022-02-05 1049.eml 2022-02-04 10:46 - 2022-02-04 10:46 - 000024677 _____ C:\Users\RD\Documents\Attestation appartement 2022.pdf 2022-02-01 06:25 - 2022-02-01 06:26 - 001829150 _____ C:\Users\RD\Desktop\La joie.mp4 2022-01-19 07:18 - 2022-01-19 07:18 - 000022496 _____ C:\Users\RD\Downloads\attestation-inscription-liste-electorale_DR.pdf 2022-01-14 06:26 - 2022-01-14 06:26 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-01-14 06:26 - 2022-01-14 06:26 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-01-06 09:43 - 2022-01-06 09:44 - 000008893 _____ C:\Users\RD\Downloads\listeOperations(5).pdf 2021-12-29 07:46 - 2021-12-29 07:49 - 048355143 _____ C:\Users\RD\Downloads\JYS.mp4 2021-12-28 10:28 - 2021-12-28 10:28 - 000003804 _____ C:\Users\RD\Downloads\0514146U0291640683729497.tsv 2021-12-28 10:20 - 2021-12-28 10:20 - 000003804 _____ C:\Users\RD\Downloads\0514146U0291640683222343.tsv 2021-12-21 05:42 - 2021-12-21 05:42 - 000108239 _____ C:\Users\RD\Downloads\calendrier-paiements-2022(1).pdf 2021-12-21 05:41 - 2021-12-21 05:41 - 000108239 _____ C:\Users\RD\Downloads\calendrier-paiements-2022.pdf 2021-12-20 17:52 - 2021-12-20 17:52 - 000000000 ____D C:\WINDOWS\SystemTemp 2021-12-20 07:27 - 2021-12-20 07:27 - 000000945 _____ C:\Users\RD\Desktop\Windows Phone - Raccourci.lnk 2021-12-13 05:31 - 2022-03-10 15:47 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1514058905-1561428195-4176855323-1001 ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-03-13 17:54 - 2016-11-16 08:09 - 000000000 ____D C:\Users\RD\AppData\LocalLow\Mozilla 2022-03-13 17:44 - 2014-10-25 14:45 - 000000000 ____D C:\Program Files (x86)\Google 2022-03-13 17:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-03-13 17:27 - 2017-10-28 09:24 - 000000000 ____D C:\Program Files\CCleaner 2022-03-13 17:04 - 2014-08-04 23:16 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2022-03-13 17:01 - 2014-10-24 05:33 - 000000000 ____D C:\ProgramData\Mozilla 2022-03-13 16:59 - 2016-01-20 19:18 - 000000000 __SHD C:\Users\RD\IntelGraphicsProfiles 2022-03-13 10:39 - 2020-08-03 11:49 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-03-13 10:39 - 2019-12-07 15:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat 2022-03-13 10:39 - 2019-12-07 15:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat 2022-03-13 10:39 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-03-13 10:37 - 2018-10-20 15:12 - 000000439 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2022-03-13 08:37 - 2021-04-29 15:47 - 000000000 ___RD C:\Users\RD\Documents\CIQ 2022-03-13 08:16 - 2020-08-03 11:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-03-12 19:43 - 2020-07-21 05:14 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-03-12 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-03-12 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-03-12 10:53 - 2020-08-03 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-03-12 10:53 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2022-03-11 15:37 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-03-11 15:31 - 2017-10-12 09:41 - 000000000 ____D C:\Program Files\Malwarebytes 2022-03-11 15:31 - 2014-10-27 16:16 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-03-11 11:06 - 2014-10-24 05:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-03-11 11:06 - 2014-08-04 23:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-03-11 11:04 - 2014-08-04 23:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2022-03-11 11:04 - 2014-08-04 23:04 - 000000000 ____D C:\ProgramData\CLSK 2022-03-11 11:04 - 2014-08-04 23:04 - 000000000 ____D C:\Program Files (x86)\CyberLink 2022-03-11 09:55 - 2014-10-30 10:06 - 000000000 ____D C:\Users\RD\AppData\Local\CrashDumps 2022-03-10 14:54 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2022-03-10 05:35 - 2020-08-03 12:05 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-03-10 05:35 - 2020-08-03 12:05 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-03-09 07:34 - 2020-11-01 08:31 - 000000000 ____D C:\Users\RD\AppData\Roaming\Telegram Desktop 2022-03-08 17:44 - 2014-10-24 15:48 - 000000000 ____D C:\Users\RD\dwhelper 2022-03-07 17:55 - 2018-10-04 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2022-03-07 11:34 - 2018-12-25 06:31 - 000000000 ____D C:\Users\RD\Documents\C.Clean 2022-03-07 11:15 - 2016-06-14 10:16 - 000000000 ____D C:\Program Files (x86)\USB-set 2022-03-07 11:07 - 2020-09-05 09:43 - 000000000 ____D C:\WINDOWS\Minidump 2022-03-06 11:10 - 2017-08-11 09:53 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-03-05 10:45 - 2014-08-04 23:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-03-01 06:47 - 2017-07-12 15:46 - 000000000 ____D C:\ProgramData\Garmin 2022-02-28 07:44 - 2018-06-12 05:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2022-02-28 07:44 - 2017-07-12 15:46 - 000000000 ____D C:\Program Files (x86)\Garmin 2022-02-28 07:44 - 2014-10-30 16:16 - 000000000 ____D C:\ProgramData\Package Cache 2022-02-25 17:52 - 2014-10-24 15:46 - 000000000 ____D C:\Users\RD\AppData\Roaming\vlc 2022-02-23 11:54 - 2020-08-03 11:36 - 000000000 ____D C:\Users\RD 2022-02-23 10:05 - 2014-12-06 08:05 - 000000000 ___RD C:\Users\RD\Identité 2022-02-23 05:32 - 2018-05-07 20:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-02-21 16:37 - 2018-01-25 18:05 - 000000000 ____D C:\Users\RD\AppData\Local\PlaceholderTileLogoFolder 2022-02-20 05:42 - 2021-01-23 05:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-02-17 17:25 - 2021-01-09 10:51 - 000001416 _____ C:\Users\RD\Desktop\Icones - Raccourci.lnk 2022-02-17 17:25 - 2014-10-27 09:52 - 000000000 ___RD C:\Users\RD\Documents\Icones 2022-02-17 17:15 - 2019-01-02 15:24 - 000001110 _____ C:\Users\RD\Desktop\QTranslate.lnk 2022-02-15 05:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-02-14 14:59 - 2014-10-30 08:36 - 000000000 ____D C:\Users\RD\AppData\Local\adslTV 2022-02-11 11:21 - 2020-08-03 11:33 - 000486224 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-02-11 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-02-11 11:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2022-02-11 06:31 - 2020-08-03 11:37 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-02-11 05:50 - 2014-10-25 13:00 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-02-11 05:44 - 2014-10-25 13:00 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======== 2014-11-13 10:21 - 2014-11-13 10:22 - 000000236 _____ () C:\Users\RD\AppData\Roaming\burnaware.ini 2015-05-10 09:44 - 2021-08-08 16:21 - 000008192 _____ () C:\Users\RD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-17 11:08 - 2015-03-17 11:08 - 000000017 _____ () C:\Users\RD\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2013-08-22 12:45 - 2013-08-22 12:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-fibers-l2-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll 2013-08-22 12:43 - 2013-08-22 12:43 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-devices-config-l1-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-mm-misc-l1-1-1.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-security-cryptoapi-l1-1-0.dll 2017-01-23 16:26 - 2014-05-13 21:06 - 000440320 _____ (Atheros) C:\WINDOWS\system32\athihvs.dll 2017-01-23 16:26 - 2014-05-13 21:07 - 000060416 _____ (Atheros) C:\WINDOWS\system32\athihvui.dll 2016-07-13 10:38 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2017-04-14 05:46 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2015-04-17 05:57 - 2014-10-29 02:59 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe 2015-04-17 06:02 - 2014-10-29 02:54 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-msa-ui-l1-1-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-misc-l1-2-0.dll 2013-08-22 12:42 - 2013-08-22 12:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll 2017-05-10 09:39 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2014-10-25 12:51 - 2014-07-10 05:08 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll 2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2015-09-09 05:08 - 2015-07-22 15:19 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2015-04-15 05:23 - 2015-03-14 02:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2015-01-29 17:01 - 2015-01-29 17:05 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\Setup1.exe 2015-01-29 17:01 - 2015-01-29 17:05 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE 2013-08-22 05:17 - 2013-08-22 05:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-fibers-l2-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-psm-appnotify-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-devices-config-l1-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-mm-misc-l1-1-1.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-security-cryptoapi-l1-1-0.dll 1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL 2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2013-08-22 05:14 - 2013-08-22 05:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-msa-ui-l1-1-0.dll 2013-08-22 05:14 - 2013-08-22 05:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-misc-l1-2-0.dll 2013-08-22 05:14 - 2013-08-22 05:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll 2017-03-15 07:06 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 1998-07-12 23:00 - 1998-07-12 23:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETFR.DLL 2016-07-16 12:44 - 2016-07-16 23:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2013-08-27 22:00 - 2013-08-27 22:00 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll 2015-10-30 08:19 - 2016-09-14 05:25 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-10-30 08:19 - 2016-09-14 05:25 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 1998-07-12 23:00 - 1998-07-12 23:00 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2FR.DLL 2004-02-22 23:00 - 2004-02-22 23:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL 1998-07-12 23:00 - 1998-07-12 23:00 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCCLPFR.DLL 1998-07-12 22:00 - 1998-07-12 22:00 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXFR.DLL 1998-07-12 23:00 - 1998-07-12 23:00 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\STDFTFR.DLL 2000-10-02 08:40 - 2000-10-02 08:40 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL 2000-07-14 23:00 - 2000-07-14 23:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 1998-07-12 22:00 - 1998-07-12 22:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKFR.DLL 2022-03-13 18:11 - 2022-03-13 18:11 - 002364928 _____ (Farbar) C:\Users\RD\Desktop\FRST64.exe 2017-02-13 10:47 - 2017-02-13 10:48 - 001381582 _____ (Igor Pavlov) C:\Users\RD\Downloads\7z1604-x64.exe 2014-10-31 17:03 - 2014-10-31 17:03 - 001110476 _____ C:\Users\RD\Downloads\7z920.exe 2018-08-03 13:28 - 2018-08-03 13:32 - 061576084 _____ (Garmin Ltd or its subsidiaries) C:\Users\RD\Downloads\BaseCamp_470.exe 2019-01-13 16:14 - 2019-01-13 16:14 - 010961644 _____ (Oleg N. Scherbakov) C:\Users\RD\Downloads\captvty-2.7.9-autoextract.exe 2017-02-22 10:59 - 2017-02-09 15:48 - 002401792 _____ () C:\Users\RD\Downloads\Captvty.exe 2014-12-10 10:01 - 2014-12-10 10:01 - 003782822 _____ (DownloadHelper ) C:\Users\RD\Downloads\ConvertHelperSetup.exe 2015-04-28 15:52 - 2015-04-28 15:52 - 000417064 _____ () C:\Users\RD\Downloads\DellSystemDetectLauncher.exe 2014-10-25 15:01 - 2014-10-25 15:02 - 020032561 _____ (Circitor ) C:\Users\RD\Downloads\e-verbe_Setup.exe 2016-08-18 00:24 - 2016-08-18 00:26 - 005261690 _____ C:\Users\RD\Downloads\Emoticon.sfx.exe 2014-10-31 17:05 - 2014-10-31 17:05 - 004179293 _____ (Lavalys, Inc. ) C:\Users\RD\Downloads\everesthome220.exe 2014-11-03 11:32 - 2014-11-03 11:32 - 005816666 _____ ( ) C:\Users\RD\Downloads\La_Marmite_du_Chef_6.6.33.exe 2014-10-27 16:19 - 2014-10-27 16:20 - 029874045 _____ (Murielle Descerisiers ) C:\Users\RD\Downloads\Littre-windows-2.0.exe 2016-11-20 17:06 - 2016-11-20 17:11 - 072119403 _____ (Mediatronic Pty Ltd) C:\Users\RD\Downloads\MediaCoder-x64-0.8.47.5872.exe 2014-11-01 10:00 - 2014-11-01 10:00 - 000593160 _____ (Pierre TORRIS ) C:\Users\RD\Downloads\melquote.exe 2014-10-25 15:13 - 2014-10-25 15:13 - 005200936 _____ C:\Users\RD\Downloads\pf7-setup-fr.exe 2019-07-23 10:14 - 2019-07-23 10:14 - 000991903 _____ C:\Users\RD\Downloads\QTranslate.6.7.3.exe 2017-11-20 10:10 - 2017-11-20 10:10 - 002857749 _____ C:\Users\RD\Downloads\Radio_Fr_solo-Install.exe 2014-08-13 10:16 - 2014-08-13 10:16 - 000478720 _____ C:\Users\RD\Downloads\setup.exe 2016-06-14 10:14 - 2016-06-14 10:15 - 000551103 _____ (Infoadom 38 ) C:\Users\RD\Downloads\setup_USB-set.exe 2019-05-01 15:08 - 2019-05-01 15:10 - 039926376 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.2.4.exe 2019-12-23 15:21 - 2019-12-23 15:23 - 042548424 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.3.0(1).exe 2019-09-06 09:14 - 2019-09-06 09:16 - 042548424 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.3.0.exe 2020-05-11 08:58 - 2020-05-11 09:00 - 043467824 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.5.0.exe 2020-12-17 07:31 - 2020-12-17 07:33 - 044757608 _____ (DownloadHelper ) C:\Users\RD\Downloads\VdhCoAppSetup-1.6.0.exe 2022-03-11 14:26 - 2022-03-11 14:26 - 003293848 _____ (Nicolas Coolman) C:\Users\RD\Downloads\ZHPCleaner.exe 2022-03-08 16:09 - 2022-03-08 16:09 - 003480216 _____ (Nicolas Coolman) C:\Users\RD\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {de184c8e-1c34-11e4-adc1-f8bc128429dc} {de184c89-1c34-11e4-adc1-f8bc128429dc} {de184c8a-1c34-11e4-adc1-f8bc128429dc} {de184c8b-1c34-11e4-adc1-f8bc128429dc} {8a49b5ac-17ff-11e4-8e61-90b11c82c2f8} {8a49b5ad-17ff-11e4-8e61-90b11c82c2f8} {92156eef-1c22-11e4-8251-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {eec617e7-d57c-11ea-977e-b2a25f2b7ee0} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {8a49b5ac-17ff-11e4-8e61-90b11c82c2f8} description P0: WDC WD10EZEX-75M2NA0 Application logicielle (101fffff) -------------------------------- identificateur {8a49b5ad-17ff-11e4-8e61-90b11c82c2f8} description P4: PLDS DVD+/-RW DH-16AES Application logicielle (101fffff) -------------------------------- identificateur {92156eef-1c22-11e4-8251-806e6f6e6963} description Realtek PXE B03 D00 Application logicielle (101fffff) -------------------------------- identificateur {de184c89-1c34-11e4-adc1-f8bc128429dc} description Realtek PXE B03 D00 Application logicielle (101fffff) -------------------------------- identificateur {de184c8a-1c34-11e4-adc1-f8bc128429dc} description P0: WDC WD10EZEX-75M2NA0 Application logicielle (101fffff) -------------------------------- identificateur {de184c8b-1c34-11e4-adc1-f8bc128429dc} description P4: PLDS DVD+/-RW DH-16AES Application logicielle (101fffff) -------------------------------- identificateur {de184c8e-1c34-11e4-adc1-f8bc128429dc} device partition=\Device\HarddiskVolume1 path \EFI\BOOT\BOOTX64.EFI description UEFI OS Chargeur de d‚marrage Windows ----------------------------- identificateur {c1cb4eef-522a-11e8-8e2a-c0dd76be284c} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{c1cb4ef0-522a-11e8-8e2a-c0dd76be284c} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{c1cb4ef0-522a-11e8-8e2a-c0dd76be284c} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {eec617e9-d57c-11ea-977e-b2a25f2b7ee0} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {eec617e7-d57c-11ea-977e-b2a25f2b7ee0} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {eec617e9-d57c-11ea-977e-b2a25f2b7ee0} device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{eec617ea-d57c-11ea-977e-b2a25f2b7ee0} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{eec617ea-d57c-11ea-977e-b2a25f2b7ee0} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {eec617e7-d57c-11ea-977e-b2a25f2b7ee0} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {eec617e9-d57c-11ea-977e-b2a25f2b7ee0} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {eec617ea-d57c-11ea-977e-b2a25f2b7ee0} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume6 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================