Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2022 Exécuté par Boris (administrateur) sur BORIS (Micro-Star International Co., Ltd. GL62M 7RDX) (03-04-2022 11:09:54) Exécuté depuis C:\Users\Boris\Desktop Profils chargés: Boris Plate-forme: Microsoft Windows 10 Éducation Version 20H2 19042.1586 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe (D:\Riot Games\League of Legends\LeagueClient.exe ->) (Riot Games, Inc. -> ) D:\Riot Games\League of Legends\LeagueCrashHandler.exe (D:\Riot Games\League of Legends\LeagueClient.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\Riot Games\League of Legends\LeagueClientUx.exe (D:\Riot Games\League of Legends\LeagueClientUx.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\Riot Games\League of Legends\LeagueClientUxRender.exe <5> (D:\Riot Games\Riot Client\RiotClientServices.exe ->) () [Fichier non signé] D:\Riot Games\Riot Client\RiotClientCrashHandler.exe (D:\Riot Games\Riot Client\RiotClientServices.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\Riot Games\League of Legends\LeagueClient.exe (DriverStore\FileRepository\cui_dch.inf_amd64_d70b02a5a438df3c\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d70b02a5a438df3c\igfxEM.exe (explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP OfficeJet 7510 series\Bin\ScanToPCActivationApp.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\Riot Games\Riot Client\RiotClientServices.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <27> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (Hi-Rez Studios) [Fichier non signé] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577475639d32bfed\OneApp.IGCC.WinService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d70b02a5a438df3c\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dbe5409d82f02c3f\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dbe5409d82f02c3f\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_1cacf25fc4e8a006\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP OfficeJet 7510 series\Bin\HPNetworkCommunicatorCom.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe (SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230312 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1 HKU\S-1-5-21-1239015781-1633601583-440821419-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1239015781-1633601583-440821419-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-1239015781-1633601583-440821419-1001\...\Run: [HP OfficeJet 7510 series (NET)] => C:\Program Files\HP\HP OfficeJet 7510 series\Bin\ScanToPCActivationApp.exe [3558408 2015-05-12] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\S-1-5-21-1239015781-1633601583-440821419-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Boris\AppData\Local\Microsoft\Teams\Update.exe [2492128 2022-03-31] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1239015781-1633601583-440821419-1001\...\Run: [ZAR App] => "C:\Users\Boris\AppData\Local\Programs\zar-app\ZAR App.exe" --hidden (Pas de fichier) HKLM\...\Windows x64\Print Processors\Canon MG5500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBU.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP 7F12 Status Monitor: C:\Windows\system32\hpinksts7F12LM.dll [380424 2015-05-02] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet 7510 series): C:\Windows\system32\HPDiscoPM7F12.dll [803848 2015-05-12] (Hewlett Packard -> Hewlett-Packard Development Company, LP) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0F176413-6E22-4C95-9F11-8AA7C725BDC1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1A98CDD1-12C1-42EC-8B6D-D82064ACB628} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1F5A1B81-F3D6-4092-BF51-03BFB7D77EDC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {387AC3CB-205D-4ABC-AC3F-EB15F6D74B8F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {44644234-7A22-4644-B262-4CDA657EF9DC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {48EB09F1-DD92-4CC1-8523-FE6BFD7C35ED} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-M7TFLD6-Boris => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (Pas de fichier) Task: {50978691-1B71-453F-B8F0-5E3B64697333} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {58558FC7-DD7C-4AC4-968A-C35A8DED09D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {59CF5D6B-85F5-47B8-96E2-53691AD150D2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5ABA6A1C-4D01-452F-AB75-B8A8E49ACAE0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {62F0E2DE-2649-4D86-969E-0A9F9B9AA08D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {67E70375-DE16-495E-9C84-5671FA2711F2} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.217\WatchDog.exe repair (Pas de fichier) Task: {780AEDD3-7D11-45D1-936A-ECF715EF8C6E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {8529CD29-E380-4EEC-B75B-ABF7EE49BF44} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {884E4D3D-8EB0-4EE6-8632-0F6F66F848A1} - System32\Tasks\Microsoft\Windows\Display\Brightness\BrightnessReset => {2755524D-68F2-4B39-A816-9DB31839C897} Task: {8963515E-8ED6-4A64-863D-E00E2ECDD7E2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9F0B0041-93DA-4937-A33A-4F147533EF1D} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Pas de fichier) Task: {A933CEE2-5296-4766-A8AD-9288AD311633} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {AA71560F-B44A-4478-9ACF-F6576FEA43A2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CFE71BA7-A475-4F92-A009-6A2D7F77FE03} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D974A870-426F-4751-A310-27DE9312294B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E9A400BD-241A-4995-B4DC-D37565A2071D} - System32\Tasks\eteindre => shutdown /S Task: {FA186F57-13E5-450E-85C5-84CC7ADB091F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2022-02-10] (Adobe Inc. -> Adobe Inc.) Task: {FB292A1F-8189-45ED-A4FD-E7A622601BC4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{7ef3395d-defe-4e31-9009-16674f8c9d0e}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{dfd7fca2-d7ca-485b-8e4e-0aa8016cd5b8}: [DhcpNameServer] 10.1.3.253 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Profile: C:\Users\Boris\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-02] Edge Extension: (360 Viewer) - C:\Users\Boris\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmglcbnpblebkmcllnfcgamdelbbekge [2022-03-10] FireFox: ======== FF DefaultProfile: iq5ccz0u.default-1576137204758 FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\iq5ccz0u.default-1576137204758 [2022-04-03] FF Notifications: Mozilla\Firefox\Profiles\iq5ccz0u.default-1576137204758 -> hxxps://photos.google.com FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\iq5ccz0u.default-1576137204758\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24] FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-09-04] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-09-04] <==== ATTENTION ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-30] (BattlEye Innovations e.K. -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-01-12] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [Fichier non signé] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-02] (Malwarebytes Inc -> Malwarebytes) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-03-11] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-31] (Microsoft Windows Publisher -> Microsoft Corporation) S2 bdredline_agent; "C:\Program Files\Bitdefender Agent\redline\bdredline.exe" [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_1cacf25fc4e8a006\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_1cacf25fc4e8a006\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-29] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-29] (Disc Soft Ltd -> Disc Soft Ltd) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-02] (Malwarebytes Inc -> Malwarebytes) R3 MpKsl88417424; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EBAEABF9-8151-4725-87DE-F4480DD4A811}\MpKslDrv.sys [137464 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-31] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-31] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-04-03 11:09 - 2022-04-03 11:10 - 000022244 ____C C:\Users\Boris\Desktop\FRST.txt 2022-04-03 11:09 - 2022-04-03 11:09 - 000000000 ___DC C:\Users\Boris\Desktop\FRST-OlderVersion 2022-04-03 10:53 - 2022-04-03 10:53 - 000446548 ____C C:\Users\Boris\Desktop\ZHPDiag.html 2022-04-03 10:53 - 2022-04-03 10:53 - 000360435 ____C C:\Users\Boris\Desktop\ZHPDiag.txt 2022-04-03 10:44 - 2022-04-03 10:44 - 003481240 _____ (Nicolas Coolman) C:\Users\Boris\ZHPSuite.exe 2022-04-02 10:52 - 2022-04-02 10:52 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-04-02 10:52 - 2022-04-02 10:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-04-02 10:52 - 2022-04-02 10:52 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-04-02 10:52 - 2022-04-02 10:52 - 000000000 ____D C:\Users\Boris\AppData\Local\mbam 2022-04-02 10:52 - 2022-04-02 10:51 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-04-02 10:52 - 2022-04-02 10:51 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-04-02 10:51 - 2022-04-02 10:51 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-04-02 10:51 - 2022-04-02 10:51 - 000000000 ____D C:\Program Files\Malwarebytes 2022-04-02 10:40 - 2022-04-02 10:42 - 000000000 ____D C:\AdwCleaner 2022-04-02 10:40 - 2022-04-02 10:40 - 008540344 _____ (Malwarebytes) C:\Users\Boris\Desktop\adwcleaner_8.3.1.exe 2022-04-02 08:19 - 2022-04-02 08:19 - 003295944 _____ (Nicolas Coolman) C:\Users\Boris\Desktop\ZHPCleaner.exe 2022-04-02 08:19 - 2022-04-02 08:19 - 000000875 ____C C:\Users\Boris\Desktop\ZHPCleaner.lnk 2022-04-01 19:41 - 2022-04-01 19:41 - 000191552 ____C C:\Users\Boris\Desktop\D160ApplicationB.pdf 2022-04-01 19:40 - 2022-04-01 19:40 - 000169445 ____C C:\Users\Boris\Desktop\d160B.pdf 2022-04-01 17:15 - 2022-04-01 17:15 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2022-03-31 14:18 - 2022-03-31 14:18 - 000000000 ___DC C:\Users\Boris\Documents\Python Scripts 2022-03-31 13:31 - 2022-03-31 13:31 - 000111794 _____ C:\ProgramData\uninstalltool.1648726233.bdinstall.bin 2022-03-31 13:30 - 2022-03-31 13:30 - 019587152 _____ C:\Users\Boris\Desktop\Bitdefender_2020_Uninstall_Tool.exe 2022-03-31 13:26 - 2022-03-31 13:26 - 000000000 ___DC C:\Users\Boris\Desktop\Wub 2022-03-31 13:20 - 2022-03-31 13:20 - 006187327 _____ C:\Users\Boris\Desktop\crystaldiskinfo-portable-8-16-0.zip 2022-03-31 13:09 - 2022-03-31 13:09 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Nippon Ichi Software, Inc 2022-03-31 12:25 - 2022-04-03 11:10 - 000000000 ____D C:\FRST 2022-03-31 12:25 - 2022-04-03 11:09 - 002365440 _____ (Farbar) C:\Users\Boris\Desktop\FRST64.exe 2022-03-31 12:04 - 2022-04-03 10:53 - 000000000 ____D C:\Users\Boris\AppData\Roaming\ZHP 2022-03-31 12:04 - 2022-04-03 10:44 - 000000724 ____C C:\Users\Boris\Desktop\ZHPSuite.lnk 2022-03-31 12:04 - 2022-04-02 08:19 - 000000000 ____D C:\Users\Boris\AppData\Local\ZHP 2022-03-31 12:03 - 2022-03-31 12:03 - 003480728 _____ (Nicolas Coolman) C:\Users\Boris\Desktop\ZHPSuite.exe 2022-03-25 09:44 - 2022-03-27 21:43 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-03-25 09:38 - 2022-03-25 09:38 - 000100260 _____ C:\ProgramData\agent.update.1648193892.bdinstall.v2.bin 2022-03-11 17:14 - 2022-03-11 17:14 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2022-03-11 17:13 - 2022-03-11 17:13 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-03-11 17:13 - 2022-03-11 17:13 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-03-11 17:13 - 2022-03-11 17:13 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-03-11 17:13 - 2022-03-11 17:13 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-03-11 17:13 - 2022-03-11 17:13 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-03-11 17:05 - 2022-03-11 17:05 - 000000000 ___HD C:\$WinREAgent 2022-03-05 20:57 - 2022-03-05 20:57 - 000000000 ____D C:\WINDOWS\system32\lxss 2022-03-05 20:53 - 2022-02-10 20:42 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-03-05 20:53 - 2022-02-10 20:42 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-03-05 20:53 - 2022-02-10 20:42 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-03-05 20:53 - 2022-02-10 20:42 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-03-05 20:53 - 2022-02-10 20:42 - 001467840 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-03-05 20:53 - 2022-02-10 20:42 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-03-05 20:53 - 2022-02-10 20:42 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-03-05 20:53 - 2022-02-10 20:42 - 001209280 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-03-05 20:53 - 2022-02-10 20:42 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-03-05 20:53 - 2022-02-10 20:42 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-03-05 20:53 - 2022-02-10 20:39 - 001531872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-03-05 20:53 - 2022-02-10 20:39 - 001176704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-03-05 20:53 - 2022-02-10 20:39 - 000797112 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-03-05 20:53 - 2022-02-10 20:39 - 000717760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-03-05 20:53 - 2022-02-10 20:39 - 000636032 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-03-05 20:53 - 2022-02-10 20:38 - 002120320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-03-05 20:53 - 2022-02-10 20:38 - 001602728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-03-05 20:53 - 2022-02-10 20:38 - 000983992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-03-05 20:53 - 2022-02-10 20:38 - 000795584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-03-05 20:53 - 2022-02-10 20:38 - 000711608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-03-05 20:53 - 2022-02-10 20:37 - 008612496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-03-05 20:53 - 2022-02-10 20:37 - 007714960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-03-05 20:53 - 2022-02-10 20:37 - 005727376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-03-05 20:53 - 2022-02-10 20:37 - 005099152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-03-05 20:53 - 2022-02-10 20:37 - 002935744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-03-05 20:53 - 2022-02-10 20:37 - 000456848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-03-05 20:53 - 2022-02-10 20:35 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-03-05 20:53 - 2022-02-10 20:34 - 006461040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2022-03-05 20:53 - 2022-02-10 08:18 - 000089251 _____ C:\WINDOWS\system32\nvinfo.pb 2022-03-05 20:49 - 2021-06-03 15:56 - 000043408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys 2022-02-28 12:39 - 2022-02-28 12:39 - 000000000 ____D C:\Users\Boris\AppData\Local\Bitdefender 2022-02-21 16:59 - 2022-02-21 16:59 - 000000000 ___DC C:\Users\Boris\AppData\LocalLow\Die of Death Games 2022-02-20 18:21 - 2022-02-20 18:21 - 000000000 ___DC C:\Users\Boris\AppData\LocalLow\11BitStudios 2022-02-20 09:57 - 2022-02-20 09:57 - 000238801 ____C C:\Users\Boris\Desktop\SOILIHI_Harmia CHFapp.odt 2022-02-18 18:06 - 2022-02-18 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grim Dawn [GOG.com] 2022-02-11 10:23 - 2022-04-03 10:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-02-10 17:01 - 2022-02-13 19:03 - 000000008 _____ C:\Users\Boris\AppData\Roaming\DofusAppId0_3 2022-02-10 17:01 - 2022-02-10 17:01 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Dofus-3 2022-02-10 15:37 - 2022-02-10 15:37 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-02-10 15:37 - 2022-02-10 15:37 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-02-10 12:10 - 2022-02-14 19:01 - 000000008 _____ C:\Users\Boris\AppData\Roaming\DofusAppId0_2 2022-02-10 12:10 - 2022-02-10 12:10 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Dofus-2 2022-02-10 11:55 - 2022-02-10 11:55 - 000000000 ____D C:\Users\Boris\AppData\Roaming\AnkamaCertificates 2022-02-10 11:54 - 2022-02-14 19:41 - 000000008 _____ C:\Users\Boris\AppData\Roaming\DofusAppId0_1 2022-02-10 11:54 - 2022-02-14 19:32 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Dofus 2022-02-10 11:54 - 2022-02-14 17:32 - 000000117 _____ C:\Users\Boris\AppData\Roaming\D2Info0 2022-02-10 11:54 - 2022-02-10 11:54 - 000000000 ____D C:\Users\Boris\AppData\Roaming\[Worker].null 2022-02-10 11:43 - 2022-02-11 12:40 - 000000000 ____D C:\Users\Boris\AppData\Roaming\zaap 2022-02-10 11:43 - 2022-02-11 12:40 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Ankama Launcher 2022-02-10 11:43 - 2022-02-10 11:43 - 000000000 ____D C:\Users\Boris\AppData\Local\zaap-updater 2022-02-10 11:43 - 2022-02-10 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ankama 2022-02-10 11:42 - 2022-02-10 11:42 - 000000000 ____D C:\Program Files\Ankama 2022-02-07 18:13 - 2022-02-07 18:57 - 000000000 ____D C:\Users\Boris\AppData\Local\Teardown 2022-02-04 18:12 - 2022-02-04 18:12 - 000000000 ___DC C:\Users\Boris\AppData\LocalLow\Shiny Shoe 2022-02-04 18:11 - 2022-02-04 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monster Train [GOG.com] 2022-02-04 18:01 - 2022-02-04 18:01 - 000188769 _____ C:\Users\Boris\Desktop\justifDomiPierre.pdf 2022-02-01 18:55 - 2022-02-01 18:55 - 000000000 ____D C:\Users\Boris\AppData\Local\NovaDrift 2022-02-01 11:25 - 2022-02-01 14:52 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Vampire_Survivors 2022-01-12 10:40 - 2022-01-12 10:40 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-01-12 10:40 - 2022-01-12 10:40 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-01-11 16:51 - 2022-01-11 16:51 - 000003424 _____ C:\WINDOWS\system32\Tasks\eteindre 2022-01-10 17:04 - 2022-01-10 17:04 - 000000000 ___DC C:\Users\Boris\AppData\LocalLow\Weather Factory 2022-01-03 17:03 - 2022-01-03 17:03 - 000000000 ___DC C:\Users\Boris\AppData\LocalLow\Daniel Mullins Games ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-04-03 11:10 - 2017-11-04 21:33 - 000000000 ____D C:\Program Files (x86)\Steam 2022-04-03 11:03 - 2019-10-10 13:02 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-04-03 10:51 - 2021-07-15 19:01 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-03 10:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-04-03 10:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-04-03 10:50 - 2021-07-15 19:10 - 001772722 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-04-03 10:50 - 2019-12-07 16:50 - 000792988 _____ C:\WINDOWS\system32\perfh00C.dat 2022-04-03 10:50 - 2019-12-07 16:50 - 000150118 _____ C:\WINDOWS\system32\perfc00C.dat 2022-04-03 10:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-04-03 10:50 - 2017-11-03 12:04 - 000000000 ___DC C:\Users\Boris\AppData\LocalLow\Mozilla 2022-04-03 10:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-04-03 10:45 - 2017-11-03 12:05 - 000000000 ____D C:\ProgramData\Riot Games 2022-04-03 10:45 - 2017-11-03 12:03 - 000000000 ____D C:\ProgramData\NVIDIA 2022-04-03 10:44 - 2021-07-15 19:02 - 000000000 ____D C:\Users\Boris 2022-04-03 10:43 - 2021-07-15 19:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-04-03 10:43 - 2021-07-15 19:00 - 000008192 ___SH C:\DumpStack.log.tmp 2022-04-03 10:43 - 2017-12-29 16:14 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2022-04-03 10:43 - 2017-11-03 01:23 - 000000000 __SHD C:\Users\Boris\IntelGraphicsProfiles 2022-04-02 12:48 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-04-02 10:52 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-04-02 10:31 - 2018-05-16 06:51 - 000000000 ___DC C:\Users\Boris\AppData\Local\D3DSCache 2022-04-02 08:16 - 2017-11-03 12:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-04-01 18:51 - 2021-07-15 19:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-04-01 17:14 - 2017-11-30 23:52 - 000000000 ____D C:\ProgramData\Epic 2022-04-01 16:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-03-31 14:25 - 2018-04-03 16:50 - 000000000 ___DC C:\Users\Boris\AppData\Local\Ubisoft Game Launcher 2022-03-31 14:25 - 2018-04-03 16:50 - 000000000 ____D C:\Program Files (x86)\Ubisoft 2022-03-31 14:24 - 2017-11-03 01:23 - 000000000 ___DC C:\Users\Boris\AppData\Local\Packages 2022-03-31 14:23 - 2018-08-11 15:37 - 000000000 ____D C:\Program Files (x86)\Battle.net 2022-03-31 13:41 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2022-03-31 13:41 - 2018-05-14 06:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-03-31 13:30 - 2019-12-07 11:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2022-03-31 13:19 - 2018-08-14 17:27 - 000000000 ___DC C:\Users\Boris\AppData\Roaming\discord 2022-03-31 13:15 - 2018-08-14 17:27 - 000000000 ___DC C:\Users\Boris\AppData\Local\Discord 2022-03-31 10:45 - 2020-09-17 12:34 - 000002364 ____C C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-03-31 10:45 - 2020-09-17 12:34 - 000002356 ____C C:\Users\Boris\Desktop\Microsoft Teams.lnk 2022-03-27 21:43 - 2021-07-15 19:00 - 000295032 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-03-27 21:41 - 2019-12-07 16:53 - 000000000 ___SD C:\WINDOWS\system32\AppV 2022-03-27 21:41 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-03-27 21:41 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-03-27 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-03-27 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-03-27 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-03-27 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-03-27 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-03-27 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-03-27 21:41 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-03-27 19:03 - 2021-07-15 19:12 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1239015781-1633601583-440821419-1001 2022-03-27 19:03 - 2021-07-15 19:02 - 000002417 ____C C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-03-27 18:56 - 2021-10-06 14:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-03-27 18:56 - 2017-11-03 12:04 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-03-25 09:38 - 2021-07-15 19:12 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2022-03-23 10:32 - 2017-11-08 13:45 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-03-19 01:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-03-13 15:54 - 2021-12-13 15:22 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1239015781-1633601583-440821419-1001 2022-03-11 17:16 - 2021-07-19 12:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-03-11 17:13 - 2021-07-15 19:01 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-03-11 17:05 - 2017-11-04 20:51 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-03-11 17:02 - 2017-11-04 20:51 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-03-10 11:11 - 2021-07-19 12:05 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-03-10 11:11 - 2021-07-19 12:05 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7799beb482ecb 2022-03-09 23:47 - 2017-11-10 15:57 - 000000000 ___DC C:\Users\Boris\AppData\Local\CrashDumps 2022-03-07 13:08 - 2018-12-07 22:29 - 000000000 ___DC C:\Users\Boris\AppData\Local\NVIDIA 2022-03-05 20:57 - 2021-01-04 16:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2022-03-05 20:54 - 2017-11-03 12:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-03-05 20:50 - 2021-07-15 19:12 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:50 - 2021-07-15 19:12 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:50 - 2017-11-04 22:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2022-03-05 20:49 - 2021-07-15 19:12 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:49 - 2021-07-15 19:12 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:49 - 2021-07-15 19:12 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:49 - 2021-07-15 19:12 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:49 - 2021-07-15 19:12 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:49 - 2021-07-15 19:12 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:49 - 2021-07-15 19:12 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:49 - 2021-07-15 19:12 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-03-05 20:49 - 2017-11-03 12:02 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2022-03-05 20:45 - 2018-01-03 22:40 - 000000000 ___DC C:\Users\Boris\AppData\Roaming\vlc 2022-03-05 20:41 - 2017-11-10 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks ==================== Fichiers à la racine de certains dossiers ======== 2022-04-03 10:44 - 2022-04-03 10:44 - 003481240 _____ (Nicolas Coolman) C:\Users\Boris\ZHPSuite.exe 2021-05-18 10:21 - 2021-07-24 13:29 - 000000032 ____C () C:\Users\Boris\AppData\Roaming\.machineId 2018-01-18 12:10 - 2018-10-04 13:44 - 000000033 ____C () C:\Users\Boris\AppData\Roaming\AdobeWLCMCache.dat 2022-02-10 11:54 - 2022-02-14 17:32 - 000000117 _____ () C:\Users\Boris\AppData\Roaming\D2Info0 2022-02-10 11:54 - 2022-02-14 19:41 - 000000008 _____ () C:\Users\Boris\AppData\Roaming\DofusAppId0_1 2022-02-10 12:10 - 2022-02-14 19:01 - 000000008 _____ () C:\Users\Boris\AppData\Roaming\DofusAppId0_2 2022-02-10 17:01 - 2022-02-13 19:03 - 000000008 _____ () C:\Users\Boris\AppData\Roaming\DofusAppId0_3 2018-10-01 18:09 - 2018-10-01 18:09 - 000000000 ____C () C:\Users\Boris\AppData\Local\oobelibMkey.log 2018-09-13 18:23 - 2018-09-13 18:23 - 000353118 ____C () C:\Users\Boris\AppData\Local\SquareClock.Production_Home_Ixina_WebIcon.ico 2018-11-07 12:09 - 2018-11-07 12:09 - 000070340 ____C () C:\Users\Boris\AppData\Local\TempF6A781A7B81F6DDD6A8A5C103ADBD459_S_Dump_4lx2snst.zip ==================== SigCheckExt ========================= 2015-03-17 02:34 - 2015-03-17 02:34 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll 2015-03-17 02:34 - 2015-03-17 02:34 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2015-03-17 02:34 - 2015-03-17 02:34 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll 2015-03-17 02:34 - 2015-03-17 02:34 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2015-03-17 02:34 - 2015-03-17 02:34 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2022-04-03 10:44 - 2022-04-03 10:44 - 003481240 _____ (Nicolas Coolman) C:\Users\Boris\ZHPSuite.exe 2022-03-31 12:25 - 2022-04-03 11:09 - 002365440 _____ (Farbar) C:\Users\Boris\Desktop\FRST64.exe 2022-04-02 08:19 - 2022-04-02 08:19 - 003295944 _____ (Nicolas Coolman) C:\Users\Boris\Desktop\ZHPCleaner.exe 2022-03-31 12:03 - 2022-03-31 12:03 - 003480728 _____ (Nicolas Coolman) C:\Users\Boris\Desktop\ZHPSuite.exe 2017-12-05 14:55 - 2017-12-05 14:55 - 000086528 _____ (MinGW.org Project) C:\Users\Boris\Downloads\mingw-get-setup.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {741e946f-e596-11eb-ab04-ad371e83fec9} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de d‚marrage Windows ----------------------------- identificateur {398552c2-e58e-11eb-98a1-d45bbed95e25} device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{398552c3-e58e-11eb-98a1-d45bbed95e25} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{398552c3-e58e-11eb-98a1-d45bbed95e25} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {398552c2-e58e-11eb-98a1-d45bbed95e25} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {741e946f-e596-11eb-ab04-ad371e83fec9} nx OptIn bootmenupolicy Standard Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {741e946f-e596-11eb-ab04-ad371e83fec9} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {398552c2-e58e-11eb-98a1-d45bbed95e25} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {398552c3-e58e-11eb-98a1-d45bbed95e25} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume3 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================