Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2022 Exécuté par Meldireen (administrateur) sur MELDIREEN-HOME (Micro-Star International Co., Ltd. MS-7C81) (08-11-2022 20:53:02) Exécuté depuis C:\Users\Meldireen\Desktop Profils chargés: Meldireen Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.755 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Intego\IavService.exe ->) (Intego Inc -> Intego Inc) C:\Program Files (x86)\Intego\IavProtection.exe (C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe (C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe (C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe (C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe (C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\PowerOCR\PowerToys.PowerOCR.exe (C:\Program Files\UltraMon\UltraMon.exe ->) (Realtime Soft AG -> Realtime Soft AG) C:\Program Files\UltraMon\UltraMonUiAcc.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.765.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.35\msedgewebview2.exe <6> (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe <3> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe <7> (explorer.exe ->) (Intego Inc -> Intego Inc) C:\Program Files (x86)\Intego\Intego.exe <3> (explorer.exe ->) (Learnpulse -> Learnpulse) C:\Users\Meldireen\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2209.6.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe (explorer.exe ->) (Realtime Soft AG -> Realtime Soft AG) C:\Program Files\UltraMon\UltraMon.exe (explorer.exe ->) (Stéphane Mitermite) [Fichier non signé] C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15> (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Intego\elam_ppl\AMSProtectedService.exe (services.exe ->) (Intego Inc -> Intego Inc) C:\Program Files (x86)\Intego\IavService.exe (services.exe ->) (Intego Inc -> Intego Inc) C:\Program Files (x86)\Intego\IavWebFilter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe (services.exe ->) (Microsoft) [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (services.exe ->) (Microsoft) [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (services.exe ->) (Minerva Labs Ltd -> Minerva Labs LTD) C:\Program Files (x86)\Intego\Preventions\MVArmorService32.exe (services.exe ->) (Minerva Labs Ltd -> Minerva Labs LTD) C:\Program Files (x86)\Intego\Preventions\MVArmorService64.exe (services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe (svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.765.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe (svchost.exe ->) (Realtime Soft Ltd -> Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe <2> ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_03ae49260a64ff68\RtkAudUService64.exe [3495880 2022-06-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [I17B] => C:\Windows\twain_32\Brimi17b\Common\TwDsUiLaunch.exe [85888 2018-10-16] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2021-12-10] (Brother Industries, Ltd.) [Fichier non signé] HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3590656 2021-10-20] (Brother Industries, Ltd.) [Fichier non signé] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.) HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\Run: [FreeMi UPnP Media Server] => C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe [279552 2016-05-24] (Stéphane Mitermite) [Fichier non signé] HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\Run: [Screenpresso] => C:\Users\Meldireen\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [18259976 2022-10-17] (Learnpulse -> Learnpulse) HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.) HKU\S-1-5-21-616166568-2873663226-2089266563-1001\...\Run: [MicrosoftEdgeAutoLaunch_DFDCCE3EE145D55AECD4CDC7F1786230] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-07] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2021-03-06] (Adobe Inc. -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-03] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-11-08] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intego Antivirus.lnk [2022-10-29] ShortcutTarget: Intego Antivirus.lnk -> C:\Program Files (x86)\Intego\Intego.exe (Intego Inc -> Intego Inc) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2022-06-26] ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{2CB51501-DA86-4216-9C9B-2C52A64BA047}\IcoUltraMon.ico () [Fichier non signé] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2022-07-04] ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe (D-LINK CORPORATION -> D-Link Corp.) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc Task: {0E9397C3-86C5-4619-B119-A1EBA1FB410A} - System32\Tasks\GoogleUpdateTaskMachineCore{FB90BBC6-54D4-450D-8047-8A37C65F855C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-30] (Google LLC -> Google LLC) Task: {102ABCD5-8A5C-4E56-93E2-1E94A5B83360} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5442048 2022-10-14] (Microsoft Corporation -> Microsoft Corporation) Task: {1684D385-B73C-430F-BD92-673BEFD663F3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier) Task: {1DD7E923-E561-444E-B9F7-D001BC9C3D41} - System32\Tasks\GoogleUpdateTaskMachineUA{FEE0CB14-E479-4897-A95C-E1903F033D6B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-30] (Google LLC -> Google LLC) Task: {25484441-CDF9-44A3-8AA7-2CD48DC2B4CA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115632 2022-10-14] (Microsoft Corporation -> Microsoft Corporation) "C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" n'a pas pu être déverrouillé. <==== ATTENTION Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask Task: {469CDCCC-D11C-4886-8B94-7C9EF344B925} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5442048 2022-10-14] (Microsoft Corporation -> Microsoft Corporation) Task: {54E4B594-6E04-477B-953B-F1393B0B603F} - System32\Tasks\PowerToys\Autorun for Meldireen => C:\Program Files\PowerToys\PowerToys.exe [1105344 2022-11-02] (Microsoft Corporation -> Microsoft Corporation) Task: {55D1FED8-4D77-4A0B-B8D0-5ABD8023C9E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864376 2022-09-12] (Microsoft Corporation -> Microsoft Corporation) Task: {575DF81E-437A-446A-975F-7F13495E6DC0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864376 2022-09-12] (Microsoft Corporation -> Microsoft Corporation) Task: {65302FD3-7CE6-4E03-80D9-52279AF7CA0B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck Task: {6DFFE507-F149-483E-A56F-640EDC0903B4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier) Task: {B9A1F327-45D3-417F-B453-519271EA1C1D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {CC48564A-F5FB-4F93-BBDF-00F13B6EF707} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115632 2022-10-14] (Microsoft Corporation -> Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Pas de fichier) Task: {EB8F8217-418D-4648-A789-F7F7BE133F08} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [94208 2022-11-01] (Microsoft Windows -> ) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Pas de fichier Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Pas de fichier Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Pas de fichier Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Pas de fichier Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{0e37fa64-0104-450d-a9f7-a041abb823d2}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{74fc8e43-939b-45ce-9cf9-4569d399a919}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{74fc8e43-939b-45ce-9cf9-4569d399a919}: [DhcpNameServer] 192.168.1.254 Edge: ======= Edge Profile: C:\Users\Meldireen\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-08] FireFox: ======== FF DefaultProfile: jh5dpzql.default FF ProfilePath: C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\jh5dpzql.default [2022-07-20] FF ProfilePath: C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333 [2022-11-08] FF Homepage: Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333 -> www.google.fr FF NetworkProxy: Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333 -> type", 0 FF Notifications: Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333 -> hxxps://drive.google.com FF NewTabOverride: Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333 -> Enabled: newtaboverride@agenedia.com FF NewTabOverride: Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333 -> Enabled: jetpack-extension@dashlane.com FF Extension: (Facebook Container) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\@contain-facebook.xpi [2022-11-04] FF Extension: (Better Image Viewer) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\betterimageviewer@darktrojan.net.xpi [2022-07-23] FF Extension: (Traduisez des sites web dans votre navigateur sans avoir recours au cloud.) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\firefox-translations-addon@mozilla.org.xpi [2022-08-25] FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\firefox@ghostery.com.xpi [2022-07-23] FF Extension: (Grammalecte [fr]) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\French-GC@grammalecte.net.xpi [2022-07-23] FF Extension: (Dashlane) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\jetpack-extension@dashlane.com.xpi [2022-11-07] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=] FF Extension: (Country Flag +) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\jid1-s7swGsO2vJBPMv@jetpack.xpi [2022-07-23] FF Extension: (Correcteur orthographique & grammatical — LanguageTool) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\languagetool-webextension@languagetool.org.xpi [2022-11-07] FF Extension: (Decodex) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\lemonde-decodex@lemonde.fr.xpi [2022-07-23] FF Extension: (New Tab Override) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\newtaboverride@agenedia.com.xpi [2022-07-23] FF Extension: (Firefox Relay) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\private-relay@firefox.com.xpi [2022-10-27] FF Extension: (OldWood) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\{1268dd7d-073e-4bf1-81dc-f1bb0f4f0c2e}.xpi [2022-07-23] FF Extension: (Bitwarden) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2022-10-20] FF Extension: (Old Layout for Facebook) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\{8792af17-0df8-40ab-81d3-6cc777171564}.xpi [2022-07-23] FF Extension: (Video DownloadHelper) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-07-23] FF Extension: (Passky - Password Manager) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\{c27461c5-20e7-47b4-9e82-9f48e8d5e005}.xpi [2022-09-26] FF Extension: (FranceVerif) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\{cac6293f-5570-4186-a217-c8985fd59228}.xpi [2022-10-04] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30] FF Extension: (Buster: Captcha Solver for Humans) - C:\Users\Meldireen\AppData\Roaming\Mozilla\Firefox\Profiles\30m24wjv.default-release-1658569328333\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2022-09-01] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-03-05] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-06-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Meldireen\AppData\Local\Google\Chrome\User Data\Default [2022-08-19] CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Meldireen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-07-28] CHR Extension: (Google Docs hors connexion) - C:\Users\Meldireen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-28] CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Meldireen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-08-19] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Meldireen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-30] CHR HKU\S-1-5-21-616166568-2873663226-2089266563-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 AMSProtectedService; C:\Program Files (x86)\Intego\elam_ppl\amsprotectedservice.exe [639304 2021-11-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3999808 2022-11-08] (philandro Software GmbH -> AnyDesk Software GmbH) S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2021-12-06] (Brother Industries, Ltd.) [Fichier non signé] S4 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [281256 2019-08-14] (508 Software LLC -> CleverFiles) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9191816 2022-09-05] (Microsoft Corporation -> Microsoft Corporation) S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [806912 2022-11-01] (Microsoft Windows -> Microsoft Corporation) S4 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9844328 2022-10-24] (Electronic Arts, Inc. -> Electronic Arts) S4 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [27784 2022-02-22] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] R2 IntegoPreventions; C:\Program Files (x86)\Intego\Preventions\MVArmorService32.exe [3765528 2022-03-10] (Minerva Labs Ltd -> Minerva Labs LTD) R2 IntegoPreventions64; C:\Program Files (x86)\Intego\Preventions\MVArmorService64.exe [2486496 2022-03-10] (Minerva Labs Ltd -> Minerva Labs LTD) R2 IntegoService; C:\Program Files (x86)\Intego\IavService.exe [6708400 2022-05-09] (Intego Inc -> Intego Inc) R2 IntegoWebfilter; C:\Program Files (x86)\Intego\IavWebfilter.exe [6051568 2022-03-10] (Intego Inc -> Intego Inc) S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-02] (Microsoft Windows -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249344 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S4 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [114384 2021-04-21] (Code Sector -> ) R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-02] (Microsoft Windows -> Microsoft Corporation) R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-05-24] (Microsoft) [Fichier non signé] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19968 2022-05-24] (Microsoft) [Fichier non signé] S3 WsaService; C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2209.40000.26.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe [269312 2022-11-04] () [Fichier non signé] S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-11-01] (Microsoft Windows -> Microsoft Corporation) S3 Browser; %SystemRoot%\System32\browser.dll [X] S4 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_246e95e4066041ad\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_246e95e4066041ad\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S4 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Meldireen\AppData\Roaming\Zoom" ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S0 AMSElamDriver; C:\WINDOWS\System32\drivers\amselam.sys [21976 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [210400 2022-02-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2022-02-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2021-11-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-02] (Microsoft Windows -> Microsoft Corporation) R1 cbfilter20-0; C:\Program Files (x86)\Intego\cbfilter20.sys [434208 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R1 cbprocess20-0; C:\Program Files (x86)\Intego\cbprocess20.sys [77344 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R1 cbregistry20-0; C:\Program Files (x86)\Intego\cbregistry20.sys [112672 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218496 2022-11-01] (Microsoft Windows -> Microsoft Corporation) S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_2a35efc43f1a612e\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-28] (Intel Corporation -> Intel Corporation) S3 iwf; C:\WINDOWS\system32\DRIVERS\iwf.sys [106328 2022-03-10] (Intego Inc -> Windows (R) Win 7 DDK provider) R0 mtinvme; C:\WINDOWS\System32\drivers\mtinvme.sys [184768 2021-09-01] (Micron Technology, Inc. -> Micron Technology, Inc.) S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.) S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> ) R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2022-09-22] (Microsoft Windows -> ) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 WinRing0_1_2_0; C:\Users\Meldireen\AppData\Local\Temp\tmpDAA6.tmp [14544 2022-11-07] (Noriyuki MIYAZAKI -> OpenLibSys.org) <==== ATTENTION R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-02] (Microsoft Windows -> Microsoft Corporation) S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2021\WNt600x64\Sandra.sys [X] S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-11-08 20:53 - 2022-11-08 20:53 - 000031503 _____ C:\Users\Meldireen\Desktop\FRST.txt 2022-11-08 20:51 - 2022-11-08 20:51 - 002374656 _____ (Farbar) C:\Users\Meldireen\Desktop\FRST64.exe 2022-11-08 20:43 - 2022-11-08 20:43 - 003509960 _____ (Nicolas Coolman) C:\Users\Meldireen\Downloads\ZHPSuite.exe 2022-11-08 20:43 - 2022-11-08 20:43 - 000000869 _____ C:\Users\Meldireen\Desktop\ZHPSuite.lnk 2022-11-08 19:31 - 2022-11-08 20:48 - 000379294 _____ C:\Users\Meldireen\Desktop\ZHPDiag.txt 2022-11-08 19:27 - 2022-11-08 19:27 - 003311304 _____ (Nicolas Coolman) C:\Users\Meldireen\Downloads\ZHPDiag3.exe 2022-11-08 19:27 - 2022-11-08 19:27 - 000794284 _____ C:\WINDOWS\system32\perfh00C.dat 2022-11-08 19:27 - 2022-11-08 19:27 - 000151932 _____ C:\WINDOWS\system32\perfc00C.dat 2022-11-08 19:27 - 2022-11-08 19:27 - 000000869 _____ C:\Users\Meldireen\Desktop\ZHPDiag.lnk 2022-11-08 19:25 - 2022-11-08 19:25 - 000050295 _____ C:\Users\Meldireen\Downloads\shadowhammercheck.zip 2022-11-08 19:21 - 2022-11-08 19:22 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2022-11-08 19:21 - 2022-11-08 19:21 - 000001957 _____ C:\Users\Public\Desktop\AnyDesk.lnk 2022-11-08 19:21 - 2022-11-08 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk 2022-11-08 19:21 - 2022-11-08 19:21 - 000000000 ____D C:\ProgramData\AnyDesk 2022-11-08 19:20 - 2022-11-08 19:21 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\AnyDesk 2022-11-08 19:20 - 2022-11-08 19:20 - 003999808 _____ (AnyDesk Software GmbH) C:\Users\Meldireen\Downloads\AnyDesk.exe 2022-11-08 19:20 - 2022-11-08 19:20 - 000394240 _____ (Google Inc.) C:\Users\Meldireen\Downloads\gcapi.dll 2022-11-07 21:49 - 2022-11-07 21:49 - 000000000 ____D C:\ProgramData\BSD 2022-11-07 21:42 - 2022-11-07 21:42 - 000000000 ____D C:\Users\Meldireen\Documents\PowerToys 2022-11-07 21:41 - 2022-11-08 19:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys 2022-11-06 18:38 - 2022-11-06 18:38 - 000003766 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{376CE37A-C83F-4C68-AD31-68083ACCA482} 2022-11-06 18:38 - 2022-11-06 18:38 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{C5C42878-FFB6-49E2-A817-E44BE19AB231} 2022-11-06 18:28 - 2022-11-06 18:29 - 000000526 _____ C:\siw_debug.txt 2022-11-06 18:13 - 2022-11-06 18:13 - 000000000 ____D C:\Users\Meldireen\Desktop\SDIO_1.12.8.748 2022-11-05 19:47 - 2022-11-05 19:47 - 003305160 _____ (Nicolas Coolman) C:\Users\Meldireen\ZHPCleaner.exe 2022-11-05 19:42 - 2022-11-08 20:53 - 000000000 ____D C:\FRST 2022-11-05 19:17 - 2022-11-05 19:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-11-05 19:08 - 2022-11-05 19:08 - 000000000 _____ C:\Users\Meldireen\Desktop\Nouveau Document texte.txt 2022-11-04 22:21 - 2022-11-04 22:21 - 000000112 ___SH C:\bootTel.dat 2022-11-04 22:21 - 2022-11-04 22:21 - 000000000 ____D C:\WINDOWS\Panther 2022-11-04 21:19 - 2022-11-04 21:19 - 000007605 _____ C:\Users\Meldireen\AppData\Local\Resmon.ResmonCfg 2022-11-04 21:10 - 2022-11-04 21:18 - 000000000 ____D C:\ProgramData\SecTaskMan 2022-11-04 20:55 - 2022-11-06 17:43 - 000000000 ____D C:\KVRT2020_Data 2022-11-04 20:34 - 2022-11-04 20:34 - 000000000 ____D C:\Users\Meldireen\AppData\Local\mbam 2022-11-04 20:33 - 2022-11-04 20:33 - 000000000 ____D C:\Program Files\Malwarebytes 2022-11-01 11:42 - 2022-11-01 11:42 - 000016521 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-11-01 11:41 - 2022-11-01 11:41 - 000094208 _____ C:\WINDOWS\system32\SecureBootEncodeUEFI.exe 2022-11-01 11:41 - 2022-11-01 11:41 - 000062832 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe 2022-11-01 11:39 - 2022-11-01 11:39 - 000000000 ___HD C:\$WinREAgent 2022-10-31 11:57 - 2022-10-31 11:57 - 000000000 ____D C:\Users\Meldireen\AppData\Local\curiosity-updater 2022-10-31 11:57 - 2022-10-31 11:57 - 000000000 ____D C:\Users\Meldireen\AppData\Local\ASP.NET 2022-10-29 18:00 - 2020-12-24 07:31 - 000011528 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbregistryevtmsg.dll 2022-10-29 18:00 - 2020-12-24 07:31 - 000011528 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbprocessevtmsg.dll 2022-10-29 18:00 - 2020-12-24 07:31 - 000011528 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbfilterevtmsg.dll 2022-10-29 17:59 - 2022-11-08 19:23 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\Intego 2022-10-29 17:59 - 2022-11-08 19:03 - 000000000 ____D C:\ProgramData\Intego 2022-10-29 17:59 - 2022-10-29 18:00 - 000000000 ____D C:\Program Files (x86)\Intego 2022-10-29 17:59 - 2022-10-29 17:59 - 000001940 _____ C:\Users\Public\Desktop\Intego Antivirus.lnk 2022-10-29 17:59 - 2022-03-10 14:20 - 000106328 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\iwf.sys 2022-10-29 17:59 - 2022-02-02 17:22 - 000210400 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2022-10-29 17:59 - 2022-02-02 17:22 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2022-10-29 17:59 - 2021-11-02 10:51 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2022-10-29 17:59 - 2021-11-02 10:51 - 000021976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\amselam.sys 2022-10-27 20:47 - 2022-10-27 20:47 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\dvdcss 2022-10-26 20:15 - 2022-10-26 20:15 - 001133568 _____ C:\Users\Meldireen\Documents\Recepissé La Crapahute 2022.pdf 2022-10-21 21:02 - 2022-10-21 21:02 - 000000000 ____D C:\Users\Meldireen\AppData\Local\MediaHuman 2022-10-21 21:01 - 2022-10-21 21:04 - 000001340 _____ C:\Users\Meldireen\Desktop\MediaHuman YouTube Downloader.lnk 2022-10-21 21:01 - 2022-10-21 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman 2022-10-21 21:01 - 2022-10-21 21:01 - 000000000 ____D C:\Program Files (x86)\MediaHuman 2022-10-21 20:47 - 2022-10-21 20:47 - 000002020 _____ C:\Users\Public\Desktop\Disk Drill.lnk 2022-10-21 20:47 - 2022-10-21 20:47 - 000000000 ____D C:\Program Files\Dokan 2022-10-21 20:47 - 2022-10-21 20:47 - 000000000 ____D C:\Program Files\CleverFiles 2022-10-21 20:46 - 2022-10-21 20:46 - 000000000 ____D C:\ProgramData\SystemAcCrux 2022-10-21 20:46 - 2022-10-21 20:46 - 000000000 ____D C:\NasCacheDirectory 2022-10-21 20:45 - 2022-10-21 20:45 - 000001074 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk 2022-10-21 20:45 - 2022-10-21 20:45 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\EaseUS 2022-10-21 20:45 - 2022-10-21 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS 2022-10-21 20:45 - 2022-10-21 20:45 - 000000000 ____D C:\Program Files\EaseUS 2022-10-21 20:45 - 2022-10-21 20:45 - 000000000 ____D C:\Program Files (x86)\EaseUS 2022-10-19 07:08 - 2022-10-19 07:08 - 000002228 _____ C:\Users\Meldireen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk 2022-10-19 07:04 - 2022-10-19 07:04 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2022-10-18 20:02 - 2022-10-18 20:02 - 000000000 ____D C:\Users\Meldireen\AppData\LocalLow\Brother 2022-10-12 18:48 - 2022-10-12 18:48 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-10-12 18:48 - 2022-10-12 18:48 - 000000000 ____D C:\Program Files\MSBuild 2022-10-12 18:48 - 2022-10-12 18:48 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-10-12 18:48 - 2022-10-12 18:48 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-10-12 18:45 - 2022-10-12 19:40 - 000000000 ____D C:\Users\Meldireen\Desktop\RatioMaster-1.9.1 2022-10-10 16:36 - 2022-10-10 16:36 - 000000000 ____D C:\Users\Meldireen\Documents\SimCity 2022-10-10 16:36 - 2022-10-10 16:36 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\SimCity 2022-10-10 16:36 - 2022-10-10 16:36 - 000000000 ____D C:\Users\Meldireen\AppData\Local\EALaunchHelper 2022-10-10 16:36 - 2022-10-10 16:36 - 000000000 ____D C:\ProgramData\Origin 2022-10-10 16:16 - 2022-10-10 16:16 - 000001098 _____ C:\Users\Public\Desktop\SimCity™.lnk 2022-10-10 16:16 - 2022-10-10 16:16 - 000000000 ____D C:\ProgramData\Electronic Arts 2022-10-10 16:13 - 2022-10-10 16:16 - 000000000 ____D C:\ProgramData\EA Desktop 2022-10-10 16:13 - 2022-10-10 16:16 - 000000000 ____D C:\Program Files\EA Games 2022-10-10 16:13 - 2022-10-10 16:14 - 000000000 ____D C:\Users\Meldireen\AppData\Local\Origin 2022-10-10 16:13 - 2022-10-10 16:13 - 000002138 _____ C:\Users\Public\Desktop\EA.lnk 2022-10-10 16:13 - 2022-10-10 16:13 - 000000000 ____D C:\Users\Meldireen\AppData\Local\Electronic Arts 2022-10-10 16:13 - 2022-10-10 16:13 - 000000000 ____D C:\Users\Meldireen\AppData\Local\EADesktop 2022-10-10 16:13 - 2022-10-10 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA 2022-10-10 16:13 - 2022-10-10 16:13 - 000000000 ____D C:\Program Files\Electronic Arts 2022-10-10 10:34 - 2022-10-10 10:37 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\ExifCleaner 2022-10-02 21:02 - 2022-10-02 21:02 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-10-02 21:01 - 2022-10-02 21:01 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2022-10-02 21:01 - 2022-10-02 21:01 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2022-10-02 21:01 - 2022-10-02 21:01 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll 2022-10-02 21:01 - 2022-10-02 21:01 - 000157008 _____ C:\WINDOWS\system32\HvsiManagementApi.dll 2022-10-02 21:01 - 2022-10-02 21:01 - 000105312 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll 2022-10-02 21:01 - 2022-10-02 21:01 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll 2022-10-02 21:01 - 2022-10-02 21:01 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll 2022-10-01 19:05 - 2022-10-01 19:13 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2022-10-01 19:04 - 2022-10-01 19:04 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-MELDIREEN-HOME-Windows-10-Pro-(64-bit).dat 2022-09-30 20:48 - 2022-09-30 20:56 - 000000032 _____ C:\Users\Meldireen\Desktop\LISTE LIVRES.txt 2022-09-25 13:46 - 2022-09-25 13:46 - 000003564 _____ C:\Users\Meldireen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kings.lnk 2022-09-25 11:43 - 2022-09-29 21:07 - 000001864 _____ C:\Users\Meldireen\Desktop\Photomatix Pro 6.0.3 (64-bit).lnk 2022-09-25 11:43 - 2022-09-25 11:43 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\HDRsoft 2022-09-25 11:43 - 2022-09-25 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 6.0 2022-09-25 11:43 - 2022-09-25 11:43 - 000000000 ____D C:\Program Files\PhotomatixPro6 2022-09-23 18:25 - 2022-09-23 18:26 - 000000000 ____D C:\ProgramData\Etiam 2022-09-22 19:39 - 2022-09-22 19:39 - 000000000 ____D C:\Users\Meldireen\AppData\Local\OneDrive 2022-09-22 18:14 - 2022-10-22 19:09 - 000000441 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2022-09-22 18:14 - 2022-09-22 18:14 - 000003524 _____ C:\Users\Meldireen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Appstore.lnk 2022-09-22 18:14 - 2022-09-22 18:14 - 000000000 ___HD C:\OneDriveTemp 2022-09-22 18:13 - 2022-11-06 20:20 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2022-09-21 20:04 - 2022-11-08 19:27 - 001801674 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-09-21 20:02 - 2022-11-08 19:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-09-21 20:02 - 2022-09-21 20:02 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2022-09-21 20:02 - 2022-09-21 20:02 - 000011433 _____ C:\WINDOWS\diagerr.xml 2022-09-21 20:02 - 2022-09-21 20:02 - 000003594 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{FEE0CB14-E479-4897-A95C-E1903F033D6B} 2022-09-21 20:02 - 2022-09-21 20:02 - 000003370 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{FB90BBC6-54D4-450D-8047-8A37C65F855C} 2022-09-21 20:02 - 2022-09-21 20:02 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask 2022-09-21 20:02 - 2022-09-21 20:02 - 000000020 ___SH C:\Users\Meldireen\ntuser.ini 2022-09-21 20:02 - 2022-09-21 20:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software 2022-09-21 20:02 - 2022-09-21 20:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-09-21 20:00 - 2022-11-07 21:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-09-21 20:00 - 2022-11-01 14:26 - 000486560 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-09-21 20:00 - 2022-09-21 20:00 - 000000000 ____D C:\WINDOWS\system32\config\BFS 2022-09-21 19:54 - 2022-11-05 19:47 - 000000000 ____D C:\Users\Meldireen 2022-09-21 19:54 - 2022-09-21 20:00 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\Voisinage réseau 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\Voisinage d'impression 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\Modèles 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\Mes documents 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\Menu Démarrer 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\Documents\Mes vidéos 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\Documents\Mes images 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\Documents\Ma musique 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-09-21 19:54 - 2022-09-21 19:54 - 000000000 _SHDL C:\Users\Meldireen\AppData\Local\Historique 2022-09-21 19:54 - 2022-05-07 06:19 - 000001281 _____ C:\Users\Meldireen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk 2022-09-21 19:54 - 2022-05-07 06:19 - 000000407 _____ C:\Users\Meldireen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk 2022-09-21 19:53 - 2022-09-21 19:54 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-09-21 19:49 - 2022-09-21 19:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-09-12 19:36 - 2022-09-12 19:36 - 000000000 ____D C:\Users\Meldireen\Documents\Projets Photostage 2022-09-12 18:58 - 2022-09-21 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suite NCH Software 2022-09-12 18:58 - 2022-09-12 18:58 - 000001267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoStage - Créateur de diaporamas.lnk 2022-09-12 18:58 - 2022-09-12 18:58 - 000001255 _____ C:\Users\Public\Desktop\PhotoStage - Créateur de diaporamas.lnk 2022-09-12 18:58 - 2022-09-12 18:58 - 000000000 ____D C:\ProgramData\NCH Software 2022-09-12 18:58 - 2022-09-12 18:58 - 000000000 ____D C:\Program Files (x86)\NCH Software 2022-09-12 10:21 - 2022-09-12 10:21 - 000000000 ____D C:\Users\Meldireen\AppData\Local\cache 2022-09-03 17:59 - 2022-09-03 17:59 - 000000000 ____D C:\Users\Meldireen\AppData\Local\InPixio 2022-09-03 17:38 - 2022-09-03 10:44 - 411723559 _____ (InPixio) C:\Users\Meldireen\Desktop\LauncherIP10.exe 2022-09-03 12:39 - 2022-10-21 21:34 - 000000000 ____D C:\Users\Meldireen\.fontconfig 2022-08-22 14:21 - 2022-10-21 22:08 - 000000000 ____D C:\Users\Meldireen\dwhelper 2022-08-22 14:21 - 2022-08-22 14:21 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp 2022-08-19 11:20 - 2022-11-08 20:48 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\ZHP 2022-08-19 11:20 - 2022-11-08 20:43 - 000000000 ____D C:\Users\Meldireen\AppData\Local\ZHP 2022-08-19 11:20 - 2022-11-05 19:47 - 000000738 _____ C:\Users\Meldireen\Desktop\ZHPCleaner.lnk 2022-08-19 11:17 - 2022-08-19 11:19 - 000000000 ____D C:\AdwCleaner 2022-08-17 18:38 - 2022-08-17 18:38 - 000000000 ____D C:\Users\Meldireen\AppData\Local\CEWE 2022-08-17 18:37 - 2022-08-18 21:05 - 000000000 ____D C:\Program Files\PHOTO E Leclerc 2022-08-17 18:30 - 2022-08-17 18:32 - 000001141 _____ C:\WINDOWS\Active Setup Log.txt 2022-08-17 18:30 - 2022-08-17 18:31 - 000001141 _____ C:\WINDOWS\Active Setup Log.BAK 2022-08-11 14:34 - 2022-08-11 14:34 - 000000000 ____D C:\Users\Meldireen\AppData\Local\SolidDocuments ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-11-08 20:52 - 2022-06-26 20:16 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\TeraCopy 2022-11-08 20:08 - 2022-06-30 18:58 - 000000000 ____D C:\Program Files (x86)\Google 2022-11-08 19:27 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2022-11-08 19:26 - 2022-06-26 20:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-11-08 19:25 - 2022-06-26 20:17 - 000000000 ____D C:\Users\Meldireen\AppData\LocalLow\Mozilla 2022-11-08 19:24 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2022-11-08 19:24 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-11-08 19:22 - 2022-06-26 20:02 - 000012288 ___SH C:\DumpStack.log.tmp 2022-11-08 19:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-11-08 19:22 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-11-07 22:06 - 2022-06-27 09:22 - 000000000 ____D C:\Users\Meldireen\AppData\Local\D3DSCache 2022-11-07 21:49 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-11-07 21:49 - 2019-12-07 10:14 - 000000155 _____ C:\WINDOWS\win.ini 2022-11-07 21:41 - 2022-07-11 07:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview) 2022-11-07 21:41 - 2022-07-11 07:58 - 000000000 ____D C:\Program Files\PowerToys 2022-11-07 21:41 - 2022-06-26 20:08 - 000000000 ____D C:\ProgramData\Package Cache 2022-11-07 21:41 - 2022-06-26 20:04 - 000000000 ____D C:\Users\Meldireen\AppData\Local\Packages 2022-11-07 21:41 - 2022-06-26 20:04 - 000000000 ____D C:\ProgramData\Packages 2022-11-07 21:36 - 2022-08-01 19:54 - 000000000 ____D C:\Users\Meldireen\AppData\Local\CrashDumps 2022-11-07 20:43 - 2021-12-03 18:13 - 000000000 ____D C:\Users\Meldireen\Documents\Fichiers Outlook 2022-11-07 15:12 - 2022-08-04 07:21 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-11-07 15:12 - 2022-08-04 07:21 - 000001863 _____ C:\Users\Meldireen\Desktop\Google Drive.lnk 2022-11-06 17:43 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-11-06 12:00 - 2022-07-06 19:23 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-11-06 12:00 - 2022-06-26 20:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-11-05 19:17 - 2022-06-26 20:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-11-05 19:17 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-11-05 19:16 - 2022-07-20 18:15 - 000000000 ____D C:\Program Files (x86)\IObit 2022-11-05 19:14 - 2022-06-26 20:02 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-11-04 21:36 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-11-04 21:07 - 2022-07-11 08:31 - 000000000 ____D C:\ProgramData\NVIDIA 2022-11-03 08:12 - 2022-06-30 18:58 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-11-03 08:12 - 2022-06-30 18:58 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-11-02 21:46 - 2022-06-26 20:31 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\vlc 2022-11-01 17:10 - 2022-06-26 13:42 - 000000000 ___RD C:\Users\Meldireen\Desktop\Mairie 2022-11-01 16:37 - 2022-06-26 20:12 - 000000000 ____D C:\Users\Meldireen\AppData\Local\Comms 2022-11-01 14:25 - 2022-05-07 11:35 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-11-01 14:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-10-29 18:02 - 2022-07-11 08:31 - 000000000 ____D C:\Users\Meldireen\AppData\Local\NVIDIA 2022-10-24 17:48 - 2022-06-26 13:43 - 000000000 ___RD C:\Users\Meldireen\Desktop\Numérisations 2022-10-22 19:16 - 2022-06-26 20:06 - 000000000 ___RD C:\Users\Meldireen\OneDrive 2022-10-22 19:12 - 2022-06-26 20:16 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2022-10-22 19:12 - 2022-06-26 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2022-10-21 22:18 - 2022-06-26 12:25 - 000000000 ____D C:\Users\Meldireen\Desktop\Bibliographie James Rollins 2022-10-21 21:48 - 2022-06-30 18:58 - 000000000 ____D C:\Program Files\Google 2022-10-21 20:48 - 2022-06-26 13:00 - 000000000 ____D C:\Users\Meldireen\Desktop\Logiciels 2022-10-19 07:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2022-10-19 07:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\MUI 2022-10-18 20:02 - 2022-06-29 18:13 - 000000000 ____D C:\Users\Meldireen\AppData\Roaming\Brother 2022-10-14 07:18 - 2022-06-26 20:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-10-11 20:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-10-11 20:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-10-11 19:24 - 2022-07-11 07:57 - 000000000 ____D C:\Program Files\dotnet 2022-10-11 19:24 - 2022-06-26 20:15 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-10-11 19:22 - 2022-06-26 20:15 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-10-10 17:07 - 2022-06-26 13:42 - 000000000 ___RD C:\Users\Meldireen\Desktop\Caisses à Savon 2022-10-10 17:07 - 2022-06-26 12:25 - 000000000 ___RD C:\Users\Meldireen\Desktop\Famille ==================== Fichiers à la racine de certains dossiers ======== 2022-11-05 19:47 - 2022-11-05 19:47 - 003305160 _____ (Nicolas Coolman) C:\Users\Meldireen\ZHPCleaner.exe 2022-06-26 20:55 - 2022-06-26 20:55 - 000000410 _____ () C:\Users\Meldireen\AppData\Local\oobelibMkey.log 2022-11-04 21:19 - 2022-11-04 21:19 - 000007605 _____ () C:\Users\Meldireen\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2022-06-27 09:32 - 2017-02-20 17:43 - 000317952 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRunA64.dll 2016-11-15 11:18 - 2016-11-15 11:18 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll 2016-11-15 11:18 - 2016-11-15 11:18 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll 2016-11-15 11:19 - 2016-11-15 11:19 - 000004608 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll 2016-11-15 11:18 - 2016-11-15 11:18 - 000216064 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll 2022-11-05 19:47 - 2022-11-05 19:47 - 003305160 _____ (Nicolas Coolman) C:\Users\Meldireen\ZHPCleaner.exe 2022-11-08 20:51 - 2022-11-08 20:51 - 002374656 _____ (Farbar) C:\Users\Meldireen\Desktop\FRST64.exe 2022-09-03 17:38 - 2022-09-03 10:44 - 411723559 _____ (InPixio) C:\Users\Meldireen\Desktop\LauncherIP10.exe 2022-06-26 12:41 - 2022-01-02 12:46 - 036852224 _____ C:\Users\Meldireen\Desktop\MKV FIX - DTS TO AC3.exe 2022-06-27 09:07 - 2022-01-18 17:46 - 012725248 _____ (Veridium Software) C:\Users\Meldireen\Desktop\WinDataReflector.exe 2022-11-08 19:20 - 2022-11-08 19:20 - 000394240 _____ (Google Inc.) C:\Users\Meldireen\Downloads\gcapi.dll 2022-11-08 19:27 - 2022-11-08 19:27 - 003311304 _____ (Nicolas Coolman) C:\Users\Meldireen\Downloads\ZHPDiag3.exe 2022-11-08 20:43 - 2022-11-08 20:43 - 003509960 _____ (Nicolas Coolman) C:\Users\Meldireen\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {c3186c00-5e7f-11ed-8110-806e6f6e6963} {c3186c01-5e7f-11ed-8110-806e6f6e6963} {c3186c02-5e7f-11ed-8110-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {78e1f3b7-f58a-11ec-998e-a5eabb2ab292} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {c3186c00-5e7f-11ed-8110-806e6f6e6963} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {c3186c01-5e7f-11ed-8110-806e6f6e6963} description UEFI:Removable Device Application logicielle (101fffff) -------------------------------- identificateur {c3186c02-5e7f-11ed-8110-806e6f6e6963} description UEFI:Network Device Chargeur de d‚marrage Windows ----------------------------- identificateur {78e1f3b0-f58a-11ec-998e-a5eabb2ab292} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{78e1f3b1-f58a-11ec-998e-a5eabb2ab292} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{78e1f3b1-f58a-11ec-998e-a5eabb2ab292} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {78e1f3ba-f58a-11ec-998e-a5eabb2ab292} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {78e1f3b7-f58a-11ec-998e-a5eabb2ab292} nx OptIn bootmenupolicy Standard hypervisorlaunchtype Auto Chargeur de d‚marrage Windows ----------------------------- identificateur {78e1f3ba-f58a-11ec-998e-a5eabb2ab292} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{78e1f3bb-f58a-11ec-998e-a5eabb2ab292} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{78e1f3bb-f58a-11ec-998e-a5eabb2ab292} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {78e1f3b7-f58a-11ec-998e-a5eabb2ab292} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {78e1f3ba-f58a-11ec-998e-a5eabb2ab292} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {78e1f3bb-f58a-11ec-998e-a5eabb2ab292} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================