Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2022 Exécuté par Céline (administrateur) sur DESKTOP-280SDP4 (Micro-Star International Co., Ltd. MS-7B23) (09-07-2022 22:53:00) Exécuté depuis C:\Users\Céline\Desktop Profils chargés: Céline Plate-forme: Microsoft Windows 10 Professionnel Version 21H1 19043.1766 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Céline\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9267656 2018-02-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AgentConnectix64] => C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe [3468856 2022-04-13] (Druide informatique inc. -> Druide informatique inc.) HKLM-x32\...\Run: [A6210] => C:\Program Files (x86)\NETGEAR\A6210\A6210.EXE [6211776 2018-02-27] (NETGEAR TAIWAN CO., LTD -> NETGEAR) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11186440 2022-07-04] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Olympus DSS UpdateManager] => C:\Program Files (x86)\OLYMPUS\DSSPlayerStandard\UpdateManager.exe [200192 2018-06-13] (OLYMPUS CORPORATION) [Fichier non signé] HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5926680 2022-06-05] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-06] (Adobe Inc. -> Adobe Inc.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2218409065-412658654-1762571001-1001\...\Run: [HP OfficeJet Pro 8720 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe [3770504 2018-04-06] (Hewlett Packard -> HP Inc.) HKU\S-1-5-21-2218409065-412658654-1762571001-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5492504 2022-06-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2218409065-412658654-1762571001-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5492504 2022-06-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2218409065-412658654-1762571001-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.0\kpm.exe [1551872 2022-04-18] (AO Kaspersky Lab -> AO Kaspersky Lab) HKU\S-1-5-21-2218409065-412658654-1762571001-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe (Pas de fichier) HKU\S-1-5-21-2218409065-412658654-1762571001-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2218409065-412658654-1762571001-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKU\S-1-5-21-2218409065-412658654-1762571001-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2857248 2022-05-06] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 4.lnk [2020-03-16] ShortcutTarget: Device Detector 4.lnk -> C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe (OLYMPUS CORPORATION) [Fichier non signé] ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {1239DD34-3287-4C2D-B331-66A422E2A6CF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209272 2022-06-22] (Microsoft Corporation -> Microsoft Corporation) Task: {12FD2655-4EEB-4F92-8F6C-7F1501C87710} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {18EA1196-F4AB-4511-9624-056A84DE4A5B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) Task: {20BE41DD-BC94-4EEF-859B-5840EDD92D72} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-12-24] (Bluestack Systems, Inc -> BlueStack Systems, Inc.) Task: {30F27992-3067-4D4B-BDB8-79B034FD3764} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) Task: {313AFFEC-4EB8-49BF-AB13-259281959973} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-21] (Google LLC -> Google LLC) Task: {37234697-9D71-41CF-AB97-464FAB8C3001} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564752 2022-06-03] (Microsoft Corporation -> Microsoft Corporation) Task: {44E1D739-39B1-4DAC-A4EC-C7F4EE89C990} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 8720 => C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.) Task: {5B8FA3F5-EFCD-4252-BE52-5FF36BFEB993} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {60108F1F-7236-4BD5-B62C-11A34A402AB9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {6B49BAEE-9356-4F18-B952-2BADCC4FD979} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209272 2022-06-22] (Microsoft Corporation -> Microsoft Corporation) Task: {6B80AACA-EFC0-4E28-934B-1A9D52BE2FF3} - System32\Tasks\NCH Software\ScribeDowngrade => C:\Program Files (x86)\NCH Software\Scribe\scribe.exe [2118720 2021-08-02] (NCH Software, Inc. -> NCH Software) Task: {9E4AE77F-EB64-4FB4-995E-5E41085E4A89} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513792 2022-06-22] (Microsoft Corporation -> Microsoft Corporation) Task: {A09B6C04-FF2F-44C0-9B49-5A64BFA414A7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513792 2022-06-22] (Microsoft Corporation -> Microsoft Corporation) Task: {A49C79AF-0513-4995-A90C-B0093FD0179E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (Pas de fichier) Task: {B8AF7BCC-0839-45F4-92ED-B6CB48E12779} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564752 2022-06-03] (Microsoft Corporation -> Microsoft Corporation) Task: {FDE03791-46FE-40E3-807A-0F39379B65C1} - System32\Tasks\Opera scheduled assistant Autoupdate 1634830949 => C:\Users\Céline\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Céline\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {FE086188-95B5-48FC-9C8C-AA13F7FBA93B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-21] (Google LLC -> Google LLC) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{62a3a926-c401-4f52-ac66-972b7d5ba34b}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{bb15fa56-5622-4049-930e-af3e9c129e10}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{df98c738-7353-4151-a170-6fdbbe2986fa}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{fa1203ce-5aaf-4bf7-add3-f0b43a257137}: [DhcpNameServer] 192.168.0.254 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Céline\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-09] Edge Extension: (Kaspersky Protection) - C:\Users\Céline\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-05-18] Edge Extension: (Antidote) - C:\Users\Céline\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2022-05-18] Edge HKU\S-1-5-21-2218409065-412658654-1762571001-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-2218409065-412658654-1762571001-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [lmbopdiikkamfphhgcckcjhojnokgfeo] FireFox: ======== FF DefaultProfile: 5l36zcr2.default FF ProfilePath: C:\Users\Céline\AppData\Roaming\Mozilla\Firefox\Profiles\5l36zcr2.default [2022-01-28] FF ProfilePath: C:\Users\Céline\AppData\Roaming\Mozilla\Firefox\Profiles\ktvj17he.default-release [2022-01-28] FF Extension: (ETP Search Volume Study) - C:\Users\Céline\AppData\Roaming\Mozilla\Firefox\Profiles\ktvj17he.default-release\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-06-27] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-03-05] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-06] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-06-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-06-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-06] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\Céline\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-09] CHR Profile: C:\Users\Céline\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-07-09] CHR HomePage: Profile 1 -> hxxp://astromenda.com/?f=1&a=ast_tele_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzytA0FyDyCyDtCyB0C0A0CtN0D0Tzu0StCtDtDzztN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBzz0ByD0DtC0D0AtGtDyDtAyEtG0B0B0E0DtGyEtBtB0EtGyEtDtAtDyBtA0FzztByDyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtDtD0FyDtB0FtAtG0A0F0FtBtGyEyB0CzztG0BtD0DyCtG0FyByB0C0ByCtAyBtByDyByC2Q&cr=1897786782&ir= CHR StartupUrls: Profile 1 -> "hxxp://astromenda.com/?f=7&a=ast_tele_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzytA0FyDyCyDtCyB0C0A0CtN0D0Tzu0StCtDtDzztN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBzz0ByD0DtC0D0AtGtDyDtAyEtG0B0B0E0DtGyEtBtB0EtGyEtDtAtDyBtA0FzztByDyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtDtD0FyDtB0FtAtG0A0F0FtBtGyEyB0CzztG0BtD0DyCtG0FyByB0C0ByCtAyBtByDyByC2Q&cr=1897786782&ir=","hxxp://astromenda.com/?f=7&a=ast_ggfc_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzytA0FyDyCyDtCyB0C0A0CtN0D0Tzu0StCtDtDzztN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0E0FtBtDtC0CyBtGtB0B0DtBtG0FtDtD0FtG0DyCyByDtGyEtB0F0F0E0E0C0DtByDyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtDtD0FyDtB0FtAtG0A0F0FtBtGyEyB0CzztG0BtD0DyCtG0FyByB0C0ByCtAyBtByDyByC2Q&cr=1684160202&ir=","hxxps://www.google.com/" CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Céline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-07-09] CHR Extension: (Antidote) - C:\Users\Céline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2022-07-09] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Céline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-09] CHR Profile: C:\Users\Céline\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-09] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKU\S-1-5-21-2218409065-412658654-1762571001-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmbopdiikkamfphhgcckcjhojnokgfeo] CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] Opera: ======= OPR Profile: C:\Users\Céline\AppData\Roaming\Opera Software\Opera Stable [2022-01-28] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Céline\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-21] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Céline\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-09] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-04-13] (Adobe Inc. -> Adobe Inc.) S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2021-07-28] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9483232 2022-06-03] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46872 2022-07-04] (Dropbox, Inc -> Dropbox, Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-29] (HP Inc. -> HP Inc.) S2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-01-22] (Intel Corporation) [Fichier non signé] S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S2 kpm_service_10.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.0\kpm_service.exe [527872 2022-04-18] (AO Kaspersky Lab -> AO Kaspersky Lab) R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-07-28] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-27] (Malwarebytes Inc -> Malwarebytes) S2 NetgearSwitchUSB; C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe [192232 2015-09-17] (NETGEAR TAIWAN CO., LTD -> ) S3 Olympus DVR Service; C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [175104 2018-06-13] (OLYMPUS CORPORATION) [Fichier non signé] S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14386160 2022-01-20] (ADLICE -> ) S2 SafeKids1.0.5; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Safe Kids 1.0.5\safekids.exe [606816 2022-06-17] (AO Kaspersky Lab -> AO Kaspersky Lab) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254368 2022-06-15] (Microsoft Windows Publisher -> Microsoft Corporation) S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14585248 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253520 2021-01-28] (Synology Inc. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 A6210; C:\WINDOWS\system32\DRIVERS\A6210.sys [2259016 2019-07-17] (NETGEAR TAIWAN CO., LTD -> MediaTek Inc.) R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2021-12-24] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-14] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-13] (Microsoft Corporation) [Fichier non signé] R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klfltks; C:\WINDOWS\system32\DRIVERS\klfltks.sys [546392 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [703056 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1582672 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [188848 2022-06-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klifks; C:\WINDOWS\System32\DRIVERS\klifks.sys [1039960 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [357136 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [187200 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [270752 2022-07-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtpks; C:\WINDOWS\system32\DRIVERS\klwtpks.sys [321304 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-30] (Malwarebytes Inc -> Malwarebytes) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425192 2021-07-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-09] (Microsoft Windows -> Microsoft Corporation) U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-07-09 22:53 - 2022-07-09 22:53 - 000032818 _____ C:\Users\Céline\Desktop\FRST.txt 2022-07-09 22:52 - 2022-07-09 22:52 - 000000000 ____D C:\Users\Céline\Desktop\FRST-OlderVersion 2022-07-09 22:51 - 2022-07-09 22:51 - 002369024 _____ (Farbar) C:\Users\Céline\Downloads\FRST64.exe 2022-07-09 22:49 - 2022-07-09 22:49 - 000381657 _____ C:\Users\Céline\Desktop\ZHPDiag.txt 2022-07-09 22:43 - 2022-07-09 22:44 - 003487984 _____ (Nicolas Coolman) C:\Users\Céline\Desktop\ZHPSuite.exe 2022-07-09 20:30 - 2022-07-09 20:31 - 000000000 ____D C:\AdwCleaner 2022-07-09 20:29 - 2022-07-09 20:29 - 008551608 _____ (Malwarebytes) C:\Users\Céline\Desktop\adwcleaner_8.3.2.exe 2022-07-09 19:32 - 2022-07-09 20:02 - 000000876 _____ C:\Users\Céline\Desktop\ZHPCleaner.lnk 2022-07-09 17:14 - 2022-07-09 20:20 - 000010745 _____ C:\Users\Céline\Desktop\ZHPCleaner (R).html 2022-07-09 17:14 - 2022-07-09 20:20 - 000003632 _____ C:\Users\Céline\Desktop\ZHPCleaner (R).txt 2022-07-09 17:12 - 2022-07-09 20:14 - 000010718 _____ C:\Users\Céline\Desktop\ZHPCleaner (S).html 2022-07-09 17:12 - 2022-07-09 20:14 - 000003639 _____ C:\Users\Céline\Desktop\ZHPCleaner (S).txt 2022-07-09 16:57 - 2022-07-09 16:57 - 003301616 _____ (Nicolas Coolman) C:\Users\Céline\Desktop\ZHPCleaner.exe 2022-07-09 12:52 - 2022-07-09 12:52 - 000148560 _____ C:\Users\Céline\Downloads\09-11-10-18-52-51-933138.PDF 2022-07-07 12:55 - 2022-07-07 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-07-05 19:50 - 2022-07-05 19:50 - 000055828 _____ C:\Users\Céline\Downloads\déclaration de CA_06_2022.pdf 2022-07-05 19:48 - 2022-07-05 19:48 - 000199988 _____ C:\Users\Céline\Downloads\document (3).pdf 2022-07-05 19:48 - 2022-07-05 19:48 - 000199976 _____ C:\Users\Céline\Downloads\document (2).pdf 2022-07-05 19:16 - 2022-07-05 19:16 - 000595359 _____ C:\Users\Céline\Downloads\Votre devis.pdf 2022-07-05 18:47 - 2022-07-05 18:47 - 000395469 _____ C:\Users\Céline\Downloads\CA_Devis_Habitation.pdf 2022-07-05 18:13 - 2022-07-05 18:13 - 000007172 _____ C:\Users\Céline\Downloads\CA20220705_181300.xlsx 2022-07-05 16:53 - 2022-07-09 15:23 - 000270752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys 2022-07-04 16:42 - 2022-07-04 16:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-07-04 16:42 - 2022-07-04 16:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-07-04 16:42 - 2022-07-04 16:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-07-04 16:42 - 2022-07-04 16:42 - 000046872 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2022-07-03 18:23 - 2022-07-03 18:23 - 000131260 _____ C:\Users\Céline\Downloads\2022F07-130.pdf 2022-07-03 18:19 - 2022-07-03 18:19 - 000126401 _____ C:\Users\Céline\Downloads\2022F07-129.pdf 2022-07-02 13:35 - 2022-07-02 13:35 - 000004855 _____ C:\Users\Céline\Downloads\CA20220702_133541.xlsx 2022-06-30 09:49 - 2022-06-30 09:50 - 000316823 _____ C:\Users\Céline\Documents\Carte Grise.pdf 2022-06-30 09:49 - 2022-06-30 09:49 - 000290925 _____ C:\Users\Céline\Documents\CNI Jérôme.pdf 2022-06-30 09:44 - 2022-06-30 09:44 - 000747612 _____ C:\Users\Céline\Documents\Livret de famille HENRY - GUILLAUME.pdf 2022-06-29 18:35 - 2022-06-29 18:35 - 000603125 _____ C:\Users\Céline\Downloads\signed_d1af14af-120f-4d1b-8d8e-f90185d8835d-29a61b347dcf_devis (2).pdf 2022-06-29 18:35 - 2022-06-29 18:35 - 000603125 _____ C:\Users\Céline\Downloads\signed_d1af14af-120f-4d1b-8d8e-f90185d8835d-29a61b347dcf_devis (1).pdf 2022-06-29 15:28 - 2022-06-29 15:28 - 000095812 _____ C:\Users\Céline\Downloads\ticket (2).pdf 2022-06-29 15:25 - 2022-06-29 15:25 - 000603125 _____ C:\Users\Céline\Downloads\signed_d1af14af-120f-4d1b-8d8e-f90185d8835d-29a61b347dcf_devis.pdf 2022-06-28 21:32 - 2022-06-28 21:32 - 000147264 _____ C:\Users\Céline\Downloads\bilan-periodique-SCHÜHMANN-Lubin-2021-2022-S1.pdf 2022-06-28 21:30 - 2022-06-28 21:30 - 000148114 _____ C:\Users\Céline\Downloads\bilan-periodique-SCHÜHMANN-Lubin-2021-2022-S2.pdf 2022-06-28 20:31 - 2022-06-28 20:31 - 000032768 _____ C:\Users\Céline\Desktop\Re_ Renseignements sur achat bois.msg 2022-06-28 20:30 - 2022-06-28 20:30 - 000112640 _____ C:\Users\Céline\Desktop\Votre demande via WHAT'S APP.msg 2022-06-28 20:29 - 2022-06-28 20:29 - 000030720 _____ C:\Users\Céline\Desktop\Re_ Votre maison à Aiserey.msg 2022-06-26 16:43 - 2022-06-26 16:43 - 000239901 _____ C:\Users\Céline\Downloads\A10158109402_CR.pdf 2022-06-26 16:39 - 2022-06-26 16:39 - 000237026 _____ C:\Users\Céline\Downloads\A10156356749_CR.pdf 2022-06-22 18:50 - 2022-06-22 18:50 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2022-06-20 18:37 - 2022-06-20 18:37 - 000001470 _____ C:\Users\Céline\Downloads\Feuille lignee.pdf 2022-06-17 07:53 - 2022-06-17 07:53 - 000089332 _____ C:\Users\Céline\Downloads\facture_freemobile_20220418.pdf 2022-06-17 07:11 - 2022-06-17 07:11 - 000491148 _____ C:\Users\Céline\Downloads\paiement_TVA_20220617_071128.pdf 2022-06-17 06:52 - 2022-06-17 06:52 - 000006122 _____ C:\Users\Céline\Downloads\CA20220617_065224.xlsx 2022-06-17 06:51 - 2022-06-17 06:51 - 000004337 _____ C:\Users\Céline\Downloads\CA20220617_065123.xlsx 2022-06-17 06:47 - 2022-06-17 06:47 - 000121718 _____ C:\Users\Céline\Downloads\Releve_n_004_du_30_04_2022_351631401_Q27FvwqH.pdf 2022-06-17 06:47 - 2022-06-17 06:47 - 000119920 _____ C:\Users\Céline\Downloads\Releve_n_005_du_31_05_2022_353483595_RnAjRuYc.pdf 2022-06-17 01:16 - 2022-06-17 01:16 - 000001512 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk 2022-06-17 01:16 - 2022-06-17 01:16 - 000001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk 2022-06-16 22:11 - 2022-06-16 22:11 - 000000000 ____D C:\Users\Céline\.ms-ad 2022-06-16 21:51 - 2022-06-16 21:51 - 000128367 _____ C:\Users\Céline\Downloads\2021F11-081.pdf 2022-06-16 18:03 - 2022-06-16 18:03 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2022-06-16 08:24 - 2022-06-16 08:24 - 000000000 ____D C:\Program Files (x86)\Samsung 2022-06-15 16:21 - 2022-06-15 16:21 - 000376920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys 2022-06-15 15:29 - 2022-06-15 15:29 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-06-15 15:29 - 2022-06-15 15:29 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2022-06-15 15:29 - 2022-06-15 15:29 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll 2022-06-15 15:29 - 2022-06-15 15:29 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2022-06-15 15:29 - 2022-06-15 15:29 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-06-15 15:28 - 2022-06-15 15:28 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-06-15 15:28 - 2022-06-15 15:28 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-06-15 15:24 - 2022-06-15 15:24 - 000000000 ___HD C:\$WinREAgent 2022-06-15 14:21 - 2022-06-17 00:02 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2022-06-15 14:20 - 2022-06-15 14:20 - 000187200 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys 2022-06-14 23:39 - 2022-06-14 23:39 - 000070628 _____ C:\Users\Céline\Downloads\DEF_Festival_song_.pdf 2022-06-12 22:06 - 2022-06-12 22:06 - 000089670 _____ C:\Users\Céline\Downloads\SCHUHMANN CELINE DEVOIR 4.pdf 2022-06-12 15:33 - 2022-06-12 15:33 - 000000000 ____D C:\Users\Céline\AppData\Roaming\com.nesbox.tic 2022-06-08 14:48 - 2022-06-08 14:48 - 000634490 _____ C:\Users\Céline\Desktop\SCHÜHMANN Céline MAI.pdf 2022-06-08 14:31 - 2022-07-09 20:22 - 000000000 ____D C:\Users\Céline\AppData\Roaming\DropboxElectron 2022-06-05 15:52 - 2022-06-05 15:52 - 000132967 _____ C:\Users\Céline\Downloads\DownloadFile (8).pdf 2022-06-05 15:52 - 2022-06-05 15:52 - 000132451 _____ C:\Users\Céline\Downloads\DownloadFile (6).pdf 2022-06-05 15:52 - 2022-06-05 15:52 - 000126723 _____ C:\Users\Céline\Downloads\DownloadFile (7).pdf 2022-06-05 14:05 - 2022-06-05 14:05 - 000184296 _____ C:\Users\Céline\Downloads\confirmation.pdf 2022-06-01 18:45 - 2022-06-01 18:46 - 000055644 _____ C:\Users\Céline\Downloads\déclaration de CA_05_2022.pdf 2022-06-01 17:19 - 2022-06-01 17:19 - 000179478 _____ C:\Users\Céline\Documents\Enveloppe MMA.pdf 2022-06-01 17:17 - 2022-06-01 17:17 - 001117002 _____ C:\Users\Céline\Documents\Courriers MMA.pdf 2022-06-01 16:34 - 2022-06-01 16:34 - 000166975 _____ C:\Users\Céline\Downloads\facture_freemobile_20220519.pdf 2022-06-01 16:12 - 2022-06-01 16:12 - 000468695 _____ C:\Users\Céline\Downloads\SCHÜHMANN CÉLINE Devoir 3.pdf 2022-05-31 22:34 - 2022-05-31 22:34 - 000000000 ____D C:\Users\Céline\AppData\Roaming\Neos Eureka S.r.l 2022-05-31 22:33 - 2022-05-31 22:33 - 000000000 ____D C:\ProgramData\Recisio 2022-05-31 22:33 - 2022-05-31 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player 2 2022-05-31 22:33 - 2022-05-31 22:33 - 000000000 ____D C:\Program Files (x86)\KaraFun Player 2 2022-05-31 22:28 - 2022-05-31 22:33 - 046220048 _____ (Recisio ) C:\Users\Céline\Downloads\karafunplayer_2.6.2.0.exe 2022-05-31 22:05 - 2022-05-31 22:05 - 000000557 _____ C:\Users\Céline\Downloads\RDV Crédit Agricole avec Aurelie FERRERO.ics 2022-05-30 19:57 - 2022-05-30 19:57 - 000090914 _____ C:\Users\Céline\Downloads\CalendrierPaiement.pdf 2022-05-25 20:51 - 2022-05-25 21:12 - 3672055363 _____ C:\Users\Céline\Downloads\Superman II (1980) MULTi TrueFrench 1080p HDLight x264 ac3.Wawacity.work.mkv 2022-05-25 17:56 - 2022-05-25 17:56 - 000031653 _____ C:\Users\Céline\Downloads\les-chroniques-de-veronique-decker-2639.pdf 2022-05-25 13:13 - 2022-05-25 13:13 - 001773059 _____ C:\Users\Céline\Downloads\ilovepdf_split (5).zip 2022-05-18 19:07 - 2022-05-18 19:07 - 000012039 _____ C:\Users\Céline\Downloads\Fichier gérants.xlsx 2022-05-18 19:06 - 2022-05-18 19:07 - 000012039 _____ C:\Users\Céline\Documents\Fichier gérants.xlsx 2022-05-18 18:47 - 2022-05-18 19:14 - 000021657 _____ C:\Users\Céline\Documents\Connections - fichier qualifié.xlsx 2022-05-17 21:32 - 2022-05-17 21:32 - 000034025 _____ C:\Users\Céline\Downloads\17052022_COMMANDE_C2E844584O107143.pdf 2022-05-14 12:37 - 2022-05-14 12:37 - 000491145 _____ C:\Users\Céline\Downloads\paiement_TVA_20220514_123741.pdf 2022-05-12 17:29 - 2022-05-12 17:29 - 000000000 ____D C:\Users\Céline\AppData\Local\SolidDocuments 2022-05-11 03:41 - 2022-05-11 03:41 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-05-11 03:41 - 2022-05-11 03:41 - 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2022-05-11 03:41 - 2022-05-11 03:41 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-05-10 07:22 - 2022-05-12 14:23 - 000000000 ____D C:\Users\Public\Documents\AdobeGCInfo 2022-05-06 15:36 - 2022-05-06 15:36 - 002980354 _____ C:\Users\Céline\Downloads\ilovepdf_split (4).zip 2022-05-06 15:35 - 2022-05-06 15:35 - 003437791 _____ C:\Users\Céline\Documents\Scan_0001.pdf 2022-05-06 09:59 - 2022-05-06 09:59 - 000045576 _____ C:\Users\Céline\Downloads\20220506095945-k1O9r2.pdf 2022-05-06 09:10 - 2022-05-06 09:10 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2022-05-05 12:15 - 2022-05-05 12:15 - 000163041 _____ C:\Users\Céline\Downloads\Avis_d_impot_2021_sur_les_revenus_2020.pdf 2022-05-05 12:15 - 2022-05-05 12:15 - 000148444 _____ C:\Users\Céline\Downloads\Avis_d_impot_2020_sur_les_revenus_2019.pdf 2022-05-05 12:15 - 2022-05-05 12:15 - 000113576 _____ C:\Users\Céline\Downloads\Declaration_en_ligne_des_revenus_2021_le_01_05_2022_a_16_49_.pdf 2022-05-05 12:14 - 2022-05-05 12:14 - 000088524 _____ C:\Users\Céline\Downloads\49a2a60e-4949-4b11-bbe4-9098053d4609.pdf 2022-05-05 12:12 - 2022-05-05 12:12 - 001663246 _____ C:\Users\Céline\Desktop\Vaccins Lubin.pdf 2022-05-05 12:12 - 2022-05-05 12:12 - 000032746 _____ C:\Users\Céline\Downloads\Attestation d assurance scolaire (1).pdf 2022-05-05 10:57 - 2022-05-05 10:57 - 002051189 _____ C:\Users\Céline\Downloads\conditions générales.pdf 2022-05-02 19:09 - 2022-05-02 19:09 - 000305074 _____ C:\Users\Céline\Documents\Feuille émargement régularisée.pdf 2022-05-01 17:48 - 2022-05-01 17:48 - 000042033 _____ C:\Users\Céline\Downloads\Horaires_des_4_jours_de_reinscriptions_.pdf 2022-05-01 17:15 - 2022-05-01 17:15 - 000722125 _____ C:\Users\Céline\Downloads\27501-Fiche-FR-BD_tcm808-210041.pdf 2022-05-01 16:51 - 2022-05-01 16:51 - 000004329 _____ C:\Users\Céline\Downloads\CA20220501_165108.xlsx 2022-05-01 16:45 - 2022-05-01 16:45 - 000078130 _____ C:\Users\Céline\Downloads\VERSEMENTS_REGULIERS_ASSURANCE_VIE_I47T3JLEHRI_xlqqrPpd.pdf 2022-05-01 16:44 - 2022-05-01 16:44 - 000119858 _____ C:\Users\Céline\Downloads\RELEVE_IMPOT_SUR_LA_FORTUNE_IMMOBILIERE_I47TOPA75MU_zy9W4ZPR.pdf 2022-05-01 16:40 - 2022-05-01 16:40 - 000050284 _____ C:\Users\Céline\Downloads\5XzyerKrZzZD (1).pdf 2022-05-01 16:22 - 2022-05-01 16:22 - 000055451 _____ C:\Users\Céline\Downloads\déclaration de CA_04_2022.pdf 2022-05-01 16:17 - 2022-05-01 16:17 - 000127815 _____ C:\Users\Céline\Downloads\2022F05-124.pdf 2022-05-01 16:15 - 2022-05-01 16:15 - 000131431 _____ C:\Users\Céline\Downloads\2022F05-123.pdf 2022-05-01 16:13 - 2022-05-01 16:13 - 000131029 _____ C:\Users\Céline\Downloads\2022F05-122.pdf 2022-05-01 16:11 - 2022-05-01 16:11 - 000132124 _____ C:\Users\Céline\Downloads\2022F05-121.pdf 2022-04-30 10:31 - 2022-04-30 10:31 - 000460750 _____ C:\Users\Céline\Downloads\SCHÜHMANN CÉLINE Devoir 1.pdf 2022-04-30 10:29 - 2022-04-30 10:29 - 010425352 _____ C:\Users\Céline\Downloads\video.webm 2022-04-29 17:32 - 2022-04-29 17:32 - 000834520 _____ C:\Users\Céline\Downloads\kit du chanteur FINAL corrigé word.pdf 2022-04-29 09:53 - 2022-04-29 09:53 - 000053011 _____ C:\Users\Céline\Downloads\Thom FB.jpeg 2022-04-27 21:59 - 2022-04-27 21:59 - 000019179 _____ C:\Users\Céline\Documents\Classeur2avocats.xlsx 2022-04-27 19:18 - 2022-04-27 19:18 - 000011038 _____ C:\Users\Céline\Documents\Classeur1avocats.xlsx 2022-04-27 07:16 - 2022-04-27 07:16 - 000000000 ____D C:\Users\Céline\AppData\Roaming\Zoom 2022-04-27 07:16 - 2022-04-27 07:16 - 000000000 ____D C:\Users\Céline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2022-04-27 07:16 - 2022-04-27 07:16 - 000000000 ____D C:\Users\Céline\AppData\Local\Zoom 2022-04-26 18:03 - 2022-04-26 18:03 - 000001139 _____ C:\Users\Public\Desktop\VLC media player.lnk 2022-04-26 11:11 - 2022-04-26 11:11 - 000026909 _____ C:\Users\Céline\Documents\Avocats.xlsx 2022-04-22 22:08 - 2022-04-22 22:08 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-04-22 17:29 - 2022-04-22 17:29 - 000791891 _____ C:\Users\Céline\Downloads\ilovepdf_split (3).zip 2022-04-22 17:26 - 2022-04-22 17:26 - 000927475 _____ C:\Users\Céline\Documents\Scan.pdf 2022-04-22 12:37 - 2022-04-22 13:51 - 000043894 _____ C:\Users\Céline\Documents\Connections.xlsx 2022-04-22 12:36 - 2022-04-22 12:36 - 000056564 _____ C:\Users\Céline\Documents\Connections.csv 2022-04-22 12:32 - 2022-04-22 13:55 - 000030072 _____ C:\Users\Céline\Downloads\Basic_LinkedInDataExport_04-21-2022.zip 2022-04-21 12:14 - 2022-04-21 12:14 - 000475594 _____ C:\Users\Céline\Downloads\CONTRAT DE CRÉDIT IMMOBILIER (1).pdf 2022-04-21 12:12 - 2022-07-09 20:22 - 000000000 ____D C:\Users\Céline\Downloads\Druide_Téléchargement 2022-04-20 16:21 - 2022-04-20 16:21 - 000157239 _____ C:\Users\Céline\Downloads\FA2007-0091.pdf 2022-04-20 16:18 - 2022-04-20 16:18 - 001567473 _____ C:\Users\Céline\Downloads\Scan20200901_160706.pdf 2022-04-20 16:18 - 2022-04-20 16:18 - 001567473 _____ C:\Users\Céline\Downloads\Scan20200901_160706 (1).pdf 2022-04-20 16:18 - 2022-04-20 16:18 - 000121310 _____ C:\Users\Céline\Downloads\Scan20200722_082102.pdf 2022-04-20 16:16 - 2022-04-20 16:16 - 000108778 _____ C:\Users\Céline\Downloads\n°2366 Webapp - 2020 serveurPHPnet Serenity (1).pdf 2022-04-20 16:10 - 2022-04-20 16:10 - 000176631 _____ C:\Users\Céline\Downloads\001-2021 Conseil Eurl Web Ap.pdf 2022-04-20 16:09 - 2022-04-20 16:09 - 000053452 _____ C:\Users\Céline\Downloads\facture202521255027.pdf 2022-04-20 16:08 - 2022-04-20 16:08 - 000053472 _____ C:\Users\Céline\Downloads\facture202522798964.pdf 2022-04-20 16:07 - 2022-04-20 16:07 - 000156364 _____ C:\Users\Céline\Downloads\facture202523486390 (1).pdf 2022-04-20 16:07 - 2022-04-20 16:07 - 000053626 _____ C:\Users\Céline\Downloads\facture202522455005.pdf 2022-04-19 21:17 - 2022-04-19 21:17 - 000009083 _____ C:\Users\Céline\Downloads\CongeLogement.pdf 2022-04-15 15:27 - 2022-04-15 15:27 - 000079665 _____ C:\Users\Céline\Downloads\sfr-facture-B522-004710709.pdf 2022-04-15 15:26 - 2022-04-15 15:27 - 000079739 _____ C:\Users\Céline\Downloads\sfr-facture-B522-002519355.pdf 2022-04-15 15:26 - 2022-04-15 15:26 - 000079703 _____ C:\Users\Céline\Downloads\sfr-facture-B522-000289839.pdf 2022-04-15 15:20 - 2022-04-15 15:20 - 000156271 _____ C:\Users\Céline\Downloads\facture202524549690 (1).pdf 2022-04-15 14:24 - 2022-04-20 16:23 - 000000000 ____D C:\Users\Céline\Desktop\webap 2022-04-14 10:31 - 2022-04-14 10:31 - 000491146 _____ C:\Users\Céline\Downloads\paiement_TVA_20220414_103135.pdf 2022-04-14 10:16 - 2022-04-14 10:16 - 000097861 _____ C:\Users\Céline\Downloads\AmazonGiftReceipt.pdf 2022-04-14 09:24 - 2022-04-14 09:24 - 000703373 _____ C:\Users\Céline\Downloads\FINAL-Details_formules_Saison_17_.pdf 2022-04-13 09:00 - 2022-04-13 09:00 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-04-13 09:00 - 2022-04-13 09:00 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-04-13 09:00 - 2022-04-13 09:00 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-07-09 22:53 - 2022-01-28 16:19 - 000000000 ____D C:\FRST 2022-07-09 22:53 - 2019-07-01 13:22 - 000000000 ____D C:\Program Files (x86)\Google 2022-07-09 22:52 - 2022-01-28 16:06 - 002369024 _____ (Farbar) C:\Users\Céline\Desktop\FRST64.exe 2022-07-09 22:49 - 2021-11-18 20:29 - 000000000 ____D C:\Users\Céline\AppData\Roaming\ZHP 2022-07-09 22:42 - 2020-09-10 12:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-07-09 22:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-07-09 20:32 - 2019-06-22 09:42 - 000000000 ____D C:\ProgramData\NVIDIA 2022-07-09 20:28 - 2020-09-10 12:39 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-07-09 20:28 - 2019-12-07 16:50 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat 2022-07-09 20:28 - 2019-12-07 16:50 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat 2022-07-09 20:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-07-09 20:22 - 2021-05-10 17:36 - 000000000 ___RD C:\Users\Céline\Creative Cloud Files 2022-07-09 20:22 - 2019-09-18 14:44 - 000000000 ____D C:\Users\Céline\AppData\Local\Dropbox 2022-07-09 20:21 - 2020-09-10 12:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-07-09 20:21 - 2020-08-14 16:58 - 000008192 ___SH C:\DumpStack.log.tmp 2022-07-09 20:21 - 2020-05-19 19:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-07-09 20:21 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-07-09 17:52 - 2021-05-10 17:35 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-07-09 10:04 - 2022-01-28 17:58 - 000000000 ____D C:\Users\Céline\Desktop\maison Aiserey 2022-07-08 10:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-07-08 10:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-07-08 10:37 - 2020-07-09 11:28 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-07-07 12:55 - 2019-09-18 14:44 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-07-05 20:06 - 2019-06-22 09:35 - 000000000 ____D C:\Users\Céline\AppData\Local\Packages 2022-07-04 20:58 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-07-04 16:43 - 2019-07-03 20:31 - 000000000 ____D C:\Users\Céline\AppData\Local\D3DSCache 2022-06-30 21:52 - 2021-12-13 18:16 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2218409065-412658654-1762571001-1001 2022-06-30 21:52 - 2020-09-10 12:35 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2218409065-412658654-1762571001-1001 2022-06-30 21:52 - 2020-09-10 12:31 - 000002420 _____ C:\Users\Céline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-06-30 16:54 - 2021-11-19 13:43 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-06-30 16:54 - 2021-09-01 21:14 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk 2022-06-30 16:54 - 2021-09-01 21:14 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2022-06-30 16:54 - 2021-09-01 21:14 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk 2022-06-30 10:12 - 2021-11-16 15:50 - 000000000 ____D C:\Users\Céline\Desktop\Dictée 2022-06-29 15:40 - 2021-05-18 13:49 - 000000000 ____D C:\Users\Céline\AppData\Local\CrashDumps 2022-06-25 16:47 - 2019-06-22 11:55 - 000000000 ____D C:\ProgramData\Packages 2022-06-23 10:21 - 2021-05-10 17:41 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2022-06-23 10:21 - 2021-05-10 17:41 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-06-22 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-06-22 18:50 - 2019-06-22 10:09 - 000000000 ____D C:\Program Files\Microsoft Office 2022-06-22 16:39 - 2021-05-10 17:34 - 000000000 ____D C:\Program Files\Adobe 2022-06-22 16:39 - 2019-07-01 14:48 - 000000000 ____D C:\Users\Céline\AppData\Local\Adobe 2022-06-17 01:16 - 2021-07-28 17:40 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2022-06-17 00:07 - 2021-07-28 17:44 - 001039960 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klifks.sys 2022-06-17 00:07 - 2021-07-28 17:44 - 000546392 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klfltks.sys 2022-06-17 00:07 - 2021-05-14 16:32 - 000321304 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtpks.sys 2022-06-16 23:52 - 2020-09-10 12:31 - 000480624 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-06-16 23:51 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-06-16 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-06-16 23:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-06-16 22:11 - 2020-09-10 12:31 - 000000000 ____D C:\Users\Céline 2022-06-16 18:03 - 2020-09-10 12:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-06-16 18:03 - 2019-07-01 14:50 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-06-16 08:24 - 2020-09-21 14:12 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk 2022-06-16 08:24 - 2019-06-22 09:38 - 000000000 ____D C:\ProgramData\Package Cache 2022-06-15 15:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-06-15 15:28 - 2020-09-10 12:32 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-06-15 15:23 - 2019-06-22 09:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-06-15 15:21 - 2019-06-22 09:56 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-06-12 21:56 - 2022-04-04 19:20 - 000000000 ____D C:\Users\Céline\Desktop\COURS EFLC 2022-06-12 19:23 - 2020-09-13 10:54 - 000000000 ____D C:\Users\Céline\Desktop\Dossier Amstrad 2022-06-12 19:23 - 2019-06-22 09:35 - 000000000 ____D C:\Users\Céline\AppData\Local\VirtualStore 2022-06-11 09:41 - 2020-09-10 12:35 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-06-11 09:41 - 2020-09-10 12:35 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-06-09 22:54 - 2021-02-19 21:09 - 001582672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2022-06-09 22:54 - 2021-02-19 21:09 - 000703056 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klgse.sys 2022-06-09 22:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF ==================== SigCheckExt ========================= 2018-01-22 15:10 - 2018-01-22 15:10 - 002271232 _____ (Intel(R) Corporation) C:\WINDOWS\system32\accesor.dll 2019-03-19 06:45 - 2019-03-19 06:45 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionMgr.dll 2020-02-14 20:05 - 2020-02-14 20:05 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll 2019-03-19 06:44 - 2019-03-19 06:44 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\canonurl.dll 2019-03-19 06:45 - 2019-03-19 06:45 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll 2019-03-19 06:43 - 2019-03-19 06:43 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll 2019-03-19 06:43 - 2019-03-19 06:43 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2018-01-22 15:13 - 2018-01-22 15:13 - 000505856 _____ (Intel Corporation) C:\WINDOWS\system32\IPROSetMonitor.exe 2019-03-19 06:43 - 2019-03-19 06:43 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mitigationscanner.exe 2018-01-22 15:11 - 2018-01-22 15:11 - 001568256 _____ (Intel(R) Corporation) C:\WINDOWS\system32\ncs2dmix.dll 2018-01-22 15:08 - 2018-01-22 15:08 - 000671232 _____ (Intel(R) Corporation) C:\WINDOWS\system32\ncs2instutility.dll 2018-01-22 15:44 - 2018-01-22 15:44 - 000349696 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Ncs2Setp.dll 2018-01-22 15:06 - 2018-01-22 15:06 - 004811264 _____ (Intel(R) Corporation) C:\WINDOWS\system32\ncscolib.dll 2019-03-19 06:45 - 2019-03-19 06:45 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll 2019-03-19 06:44 - 2019-03-19 06:44 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.ShellPosition.dll 2019-03-19 06:45 - 2019-03-19 06:45 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\canonurl.dll 2003-04-18 17:46 - 2003-04-18 17:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll 2003-04-18 17:29 - 2003-04-18 17:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll 2020-05-25 15:21 - 1998-07-13 00:00 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXFR.DLL 2020-05-25 15:21 - 2004-08-05 14:00 - 000024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnfr.dll 2020-05-25 15:21 - 2000-10-02 00:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb6fr.dll 2022-01-28 16:06 - 2022-07-09 22:52 - 002369024 _____ (Farbar) C:\Users\Céline\Desktop\FRST64.exe 2022-07-09 16:57 - 2022-07-09 16:57 - 003301616 _____ (Nicolas Coolman) C:\Users\Céline\Desktop\ZHPCleaner.exe 2022-07-09 22:43 - 2022-07-09 22:44 - 003487984 _____ (Nicolas Coolman) C:\Users\Céline\Desktop\ZHPSuite.exe 2021-10-22 17:10 - 2021-10-22 17:10 - 001799999 _____ ( ) C:\Users\Céline\Downloads\AZ-Launcher_Installer (1).exe 2021-10-22 17:10 - 2021-10-22 17:10 - 001799999 _____ ( ) C:\Users\Céline\Downloads\AZ-Launcher_Installer.exe 2022-07-09 22:51 - 2022-07-09 22:51 - 002369024 _____ (Farbar) C:\Users\Céline\Downloads\FRST64.exe 2021-09-10 17:53 - 2021-09-10 17:53 - 072861878 _____ (Paladium) C:\Users\Céline\Downloads\Paladium.exe 2022-01-29 16:56 - 2022-01-29 16:56 - 003292824 _____ (Nicolas Coolman) C:\Users\Céline\Downloads\zhpcleaner_2022-1-27-9_fr_433513.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {5fca2845-b26a-11ec-806f-309c23d8c63f} {5fca2846-b26a-11ec-806f-309c23d8c63f} {5fca2847-b26a-11ec-806f-309c23d8c63f} timeout 1 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume4 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {1203800d-f359-11ea-96d3-db9cfd791e85} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {5fca2845-b26a-11ec-806f-309c23d8c63f} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {5fca2846-b26a-11ec-806f-309c23d8c63f} description UEFI:Removable Device Application logicielle (101fffff) -------------------------------- identificateur {5fca2847-b26a-11ec-806f-309c23d8c63f} description UEFI:Network Device Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {1203800f-f359-11ea-96d3-db9cfd791e85} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {1203800d-f359-11ea-96d3-db9cfd791e85} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {1203800f-f359-11ea-96d3-db9cfd791e85} device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{12038010-f359-11ea-96d3-db9cfd791e85} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{12038010-f359-11ea-96d3-db9cfd791e85} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {1203800d-f359-11ea-96d3-db9cfd791e85} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {1203800f-f359-11ea-96d3-db9cfd791e85} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume4 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} integrityservices Enable ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {12038010-f359-11ea-96d3-db9cfd791e85} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume7 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================