Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023 Exécuté par Administrator (administrateur) sur ANIMIX (ASUS System Product Name) (12-10-2023 18:07:23) Exécuté depuis C:\Users\Administrator\Desktop\FRST64.exe Profils chargés: Administrator Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3570 (X64) Langue: Anglais (États-Unis) -> Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (CERTIF_NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\Administrator\Downloads\ZHPSuite.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Avast Software s.r.o. 
-> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-10-11] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:maps;cortana;cortana-language;windowsinsider;windowsinsider-optin;windowsdefender;findmydevice HKLM\...\Policies\Explorer: [DisableThumbnails] 0 HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION HKU\S-1-5-21-2867152896-4197417823-499447609-500\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2655848 2023-10-06] (Electronic Arts, Inc. 
-> Electronic Arts) HKU\S-1-5-21-2867152896-4197417823-499447609-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210232 2023-10-06] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2867152896-4197417823-499447609-500\...\Policies\Explorer: [DisableThumbnails] 0 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\118.0.5993.71\Installer\chrmstp.exe [2023-10-11] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {5A89902F-6F65-4B82-9F5B-7232EB5FC906} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-10-11] (Avast Software s.r.o. -> AVAST Software) Task: {B9511CD1-9B57-43FC-9A92-68AC0270843A} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1294232 2023-10-11] (Avast Software s.r.o. -> AVAST Software) Task: {F3FC9450-3702-4647-BC80-6818349E92EC} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4758936 2023-10-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (l'élément de données a 70 caractères en plus). 
Task: {DC3113AF-C558-4486-BD21-E2CB2E64C41F} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7212952 2023-07-18] (Avast Software s.r.o. -> Avast Software) Task: {23DE1D74-C2D8-4BBC-A3C0-5D7CCB0C63D3} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4758936 2023-10-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (l'élément de données a 99 caractères en plus). Task: {1D995C86-83ED-4C43-9AB6-7197829DD79A} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7212952 2023-08-02] (Avast Software s.r.o. -> Avast Software) Task: {36D647BF-2543-4D62-8FAD-93E5AE1A79B1} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4759448 2023-10-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (l'élément de données a 80 caractères en plus). Task: {3A8CC5C0-2115-460E-8333-7A776DD8934D} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-07-18] (Avast Software s.r.o. 
-> Avast Software) Task: {7615D71A-EBC4-4BBE-A436-58FFEDBD0FDE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-10-11] (Avast Software s.r.o. -> Avast Software) Task: {6B069188-B7F2-44D0-9072-7808505F586A} - System32\Tasks\GoogleUpdateTaskMachineCore{1366D6D5-397E-4D4E-9C1D-6EBD610FF2A4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-11] (Google LLC -> Google LLC) Task: {A60F75AA-2482-413A-960F-CB52CE85C17C} - System32\Tasks\GoogleUpdateTaskMachineUA{2FEF3853-CD8D-4FE8-8C4D-E10F22920952} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-11] (Google LLC -> Google LLC) Task: {76AF7319-1E53-44D8-9944-258310D8AAE1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60368 2023-10-11] (HP Inc. -> HP Inc.) Task: {CFAF427B-47B0-4AB5-AF35-515C705C499D} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60368 2023-10-11] (HP Inc. -> HP Inc.) 
Task: {559B0F92-63C4-4001-AE5E-A650091C71B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (Pas de fichier) Task: {DB1218E6-F693-4F20-BC36-E62D6CB63AB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup (Pas de fichier) Task: {4680A8DF-7B63-403E-ABB1-3FA7B77DE631} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob (Pas de fichier) Task: {E559FBB0-7370-4985-90DD-5D6B10DFC5F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification (Pas de fichier) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{03b5722d-0026-4a8f-83a6-432f1a2bccff}: [DhcpNameServer] 192.168.1.254 Edge: ======= Edge Profile: C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-12] Edge Extension: (Google Docs hors connexion) - C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-12] Edge Extension: (Edge relevant text changes) - C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-12] Chrome: ======= CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2023-10-12] CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=mgn_togoo_16_14&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dfr%26pa%3DManganese%26cd%3D2XzuyEtN2Y1L1Qzu0FtD0D0E0FtCtD0B0BtDtAzyyD0F0C0DtN0D0Tzu0StCyDyDzztN1L2XzutAtFtCyBtFtCtDtFzytN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyByDtCzytC0EtCyCtGyCtCyC0EtG0E0AyE0BtGtDtAtAyEtGyE0ByC0AtAyCtA0CyCtAtCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0FtBzzyD0BtDtGtDyDyDyEtGyEyDyEyCtG0AyC0C0CtGyE0AtC0AtDtB0BzztByC0FyD2QtN0A0LzuyE%26cr%3D1243871185%26a%3Dmgn_togoo_16_14%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm","hxxp://iron-start.com/","hxxps://www.google.com/" CHR DefaultSearchKeyword: Default -> google.com_ CHR Extension: (uBlock Origin) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-10-11] CHR Extension: (Manga Shonen Gratuit) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjccdgegdlbcdhliofbnjepoklmpdje [2023-10-11] CHR Extension: (WooCommerce AliExpress Dropshipping Extension) - 
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egamhjcccjiflajhhinondgonlldjgba [2023-10-11] CHR Extension: (Cloud SWF Player with Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhhaadihgfcgmlefioblaahpnglnkbk [2023-10-11] CHR Extension: (Google Docs hors connexion) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-11] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-10-11] CHR Extension: (Antidote) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbojggafdepnclikhiapkpinbfdhbdoi [2023-10-11] CHR Extension: (Poulpeo : cashback, réductions et codes promo) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelehponoadknmgbnmgkcniabpopckme [2023-10-11] CHR Extension: (Connecteur Antidote) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2023-10-11] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-11] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [842128 2023-10-11] (ASUSTeK Computer Inc. -> ) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-10-11] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-10-11] (Avast Software s.r.o. -> AVAST Software) R2 avast! 
Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2304920 2023-10-11] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-10-11] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-10-11] (Avast Software s.r.o. -> AVAST Software) R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [17765272 2023-10-11] (Avast Software s.r.o. -> AVAST Software) R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [9697688 2023-10-11] (Avast Software s.r.o. -> AVAST Software) R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11126376 2023-10-06] (Electronic Arts, Inc. -> Electronic Arts) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-10-11] (HP Inc. -> HP Inc.) R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [10781080 2023-10-11] (Avast Software s.r.o. -> AVAST Software) S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2023-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> 
AVAST Software) S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [76568 2023-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) U3 cbdhsvc_59ed3; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-10-12 18:07 - 2023-10-12 18:08 - 000018914 _____ C:\Users\Administrator\Desktop\FRST.txt 2023-10-12 18:05 - 2023-10-12 18:07 - 000000000 ____D C:\FRST 2023-10-12 18:05 - 2023-10-12 18:05 - 002383360 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe 2023-10-12 18:02 - 2023-10-12 18:02 - 000236877 _____ C:\Users\Administrator\Desktop\ZHPDiag.txt 2023-10-12 17:57 - 2023-10-12 18:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ZHP 2023-10-12 17:57 - 2023-10-12 17:57 - 003511968 _____ (Nicolas Coolman) C:\Users\Administrator\Downloads\ZHPSuite.exe 2023-10-12 17:57 - 2023-10-12 17:57 - 000000873 _____ C:\Users\Administrator\Desktop\ZHPSuite.lnk 2023-10-12 17:57 - 2023-10-12 17:57 - 000000000 ____D C:\Users\Administrator\AppData\Local\ZHP 2023-10-12 14:44 - 2023-10-12 14:52 - 000000000 ____D C:\Users\Administrator\AppData\Local\Origin 2023-10-12 14:44 - 2023-10-12 14:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\EADesktop 2023-10-12 14:44 - 2023-10-12 14:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\cache 2023-10-12 14:43 - 2023-10-12 14:52 - 000000000 ____D C:\ProgramData\EA Desktop 
2023-10-12 14:43 - 2023-10-12 14:43 - 000002098 _____ C:\Users\Public\Desktop\EA.lnk 2023-10-12 14:43 - 2023-10-12 14:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\Electronic Arts 2023-10-12 14:43 - 2023-10-12 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA 2023-10-12 14:43 - 2023-10-12 14:43 - 000000000 ____D C:\Program Files\Electronic Arts 2023-10-12 14:43 - 2023-10-12 14:43 - 000000000 ____D C:\Program Files\EA Games 2023-10-12 14:42 - 2023-10-12 14:43 - 000000000 ____D C:\ProgramData\Package Cache 2023-10-12 14:42 - 2023-10-12 14:42 - 002488392 _____ (Electronic Arts) C:\Users\Administrator\Downloads\EAappInstaller.exe 2023-10-12 13:40 - 2023-10-12 13:40 - 000012214 _____ C:\Users\Administrator\Downloads\yyh.webp 2023-10-12 10:59 - 2023-10-12 10:59 - 000000000 ____D C:\ProgramData\PLUG 2023-10-11 23:02 - 2023-10-11 23:03 - 000297344 _____ C:\Windows\system32\FNTCACHE.DAT 2023-10-11 22:52 - 2023-10-11 22:52 - 000000000 ____D C:\Program Files\RUXIM 2023-10-11 22:35 - 2023-10-11 22:35 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Avast Software 2023-10-11 22:35 - 2023-10-11 22:35 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF 2023-10-11 22:35 - 2023-10-11 22:35 - 000000000 ____D C:\Users\Administrator\AppData\Local\Avast Software 2023-10-11 22:34 - 2023-10-11 22:34 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk 2023-10-11 22:34 - 2023-10-11 22:34 - 000002098 _____ C:\Users\Public\Desktop\Avast One.lnk 2023-10-11 22:26 - 2023-10-11 22:22 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2023-10-11 22:23 - 2023-10-12 11:13 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2023-10-11 22:23 - 2023-10-11 22:23 - 000040344 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe 2023-10-11 22:23 - 2023-10-11 22:23 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2023-10-11 22:23 - 2023-10-11 14:24 - 000004028 _____ 
C:\Windows\system32\Tasks\Avast SecureLine VPN Update 2023-10-11 22:22 - 2023-10-11 22:23 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2023-10-11 22:22 - 2023-10-11 22:23 - 000000000 ____D C:\Program Files\Avast Software 2023-10-11 22:22 - 2023-10-11 22:22 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll 2023-10-11 22:22 - 2023-10-11 22:22 - 000263576 _____ (AVAST Software) C:\Users\Administrator\Downloads\avast_one_setup_online.exe 2023-10-11 22:22 - 2023-10-11 14:24 - 000000000 ____D C:\ProgramData\Avast Software 2023-10-11 22:10 - 2023-10-11 22:10 - 013988688 _____ C:\Users\Administrator\Downloads\bitdefender_avfree (1).exe 2023-10-11 22:09 - 2023-10-11 22:09 - 013988688 _____ C:\Users\Administrator\Downloads\bitdefender_avfree.exe 2023-10-11 22:06 - 2023-10-11 22:06 - 000000000 ____D C:\Windows\system32\Tasks\HP 2023-10-11 22:05 - 2023-10-11 22:05 - 000000000 ____D C:\Windows\CSC 2023-10-11 22:04 - 2023-10-11 22:04 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2023-10-11 21:31 - 2023-10-11 21:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\wget 2023-10-11 21:25 - 2023-10-11 21:33 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-10-11 21:25 - 2023-10-11 21:33 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-10-11 21:25 - 2023-10-11 21:26 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-10-11 21:25 - 2023-10-11 21:26 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-10-11 21:16 - 2023-10-12 17:56 - 000000000 ____D C:\Windows\SystemTemp 2023-10-11 21:16 - 2023-10-11 21:16 - 000000000 ____D C:\Windows\system32\Drivers\mde 2023-10-11 21:11 - 2023-10-11 21:11 - 000000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics 2023-10-11 20:34 - 2023-10-11 20:34 - 000000000 ____D C:\Program Files\chrome_BITS_6708_2016941425 2023-10-11 19:26 - 2023-10-11 19:26 - 000000000 ____D 
C:\Users\Administrator\AppData\Roaming\NVIDIA 2023-10-11 19:25 - 2023-10-11 22:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\SquirrelTemp 2023-10-11 19:25 - 2023-10-11 22:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\Discord 2023-10-11 19:25 - 2023-10-11 22:29 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\discord 2023-10-11 19:25 - 2023-10-11 19:25 - 095778080 _____ (Discord Inc.) C:\Users\Administrator\Downloads\DiscordSetup.exe 2023-10-11 19:25 - 2023-10-11 19:25 - 095778080 _____ (Discord Inc.) C:\Users\Administrator\Downloads\DiscordSetup (1).exe 2023-10-11 19:25 - 2023-10-11 19:25 - 000002267 _____ C:\Users\Administrator\Desktop\Discord.lnk 2023-10-11 19:25 - 2023-10-11 19:25 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2023-10-11 19:18 - 2023-10-11 19:18 - 000113258 _____ C:\Users\Administrator\Downloads\s2-a754256496052fa6eb6f89969e510afa.webp 2023-10-11 19:05 - 2023-10-11 19:18 - 000000000 ____D C:\Users\Administrator\Documents\fanzine 2023-10-11 19:01 - 2023-10-11 19:01 - 008045763 _____ C:\Users\Administrator\Downloads\Association-Animix.rar 2023-10-11 19:01 - 2023-10-11 19:01 - 000001092 _____ C:\Users\Public\Desktop\OpenOffice 4.1.14.lnk 2023-10-11 19:01 - 2023-10-11 19:01 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14 2023-10-11 19:01 - 2023-10-11 19:01 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2023-10-11 19:01 - 2023-02-16 21:44 - 000000000 ____D C:\Users\Administrator\Desktop\Association Animix 2023-10-11 18:54 - 2023-10-11 18:54 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\MMC 2023-10-11 18:50 - 2023-10-11 18:51 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\PhotoFiltre 7 2023-10-11 18:50 - 2023-10-11 18:50 - 005202180 _____ C:\Users\Administrator\Downloads\pf7-setup-fr-7.2.1.exe 2023-10-11 18:50 - 2023-10-11 18:50 - 000001131 _____ 
C:\Users\Administrator\Desktop\PhotoFiltre 7.lnk 2023-10-11 18:50 - 2023-10-11 18:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 2023-10-11 18:50 - 2023-10-11 18:50 - 000000000 ____D C:\Program Files (x86)\PhotoFiltre 7 2023-10-11 18:48 - 2023-10-11 18:48 - 133800728 _____ (Apache Software Foundation) C:\Users\Administrator\Downloads\Apache_OpenOffice_4.1.14_Win_x86_install_fr.exe 2023-10-11 18:48 - 2023-10-11 18:48 - 000000000 ____D C:\Users\Administrator\Documents\OpenOffice 4.1.14 (fr) Installation Files 2023-10-11 18:45 - 2023-10-11 18:45 - 005276091 _____ C:\Users\Administrator\Downloads\pf7-fr-7.2.1.zip 2023-10-11 18:32 - 2023-10-11 18:32 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\InputMethod 2023-10-11 18:19 - 2023-10-11 18:19 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms 2023-10-11 16:30 - 2023-10-11 16:30 - 000016059 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2023-10-11 16:30 - 2023-10-11 16:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR 2023-10-11 16:11 - 2023-10-11 16:11 - 000001100 _____ C:\Users\Administrator\Desktop\WinRAR.lnk 2023-10-11 16:10 - 2023-10-11 16:10 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2023-10-11 16:10 - 2023-10-11 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2023-10-11 16:10 - 2023-10-11 16:10 - 000000000 ____D C:\Program Files\WinRAR 2023-10-11 16:03 - 2023-10-11 16:03 - 000000000 ___HD C:\$WinREAgent 2023-10-11 16:01 - 2023-10-11 22:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-10-11 15:59 - 2023-10-11 15:59 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2023-10-11 15:59 - 2023-10-11 15:59 - 000000000 ____D C:\Program Files\PCHealthCheck 2023-10-11 15:35 - 2023-10-12 15:10 - 000000000 ____D 
C:\Users\Administrator\AppData\Local\D3DSCache 2023-10-11 15:33 - 2023-10-12 17:56 - 000000000 ____D C:\Program Files (x86)\Google 2023-10-11 15:33 - 2023-10-11 21:23 - 000002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-10-11 15:33 - 2023-10-11 21:23 - 000002164 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-10-11 15:33 - 2023-10-11 15:33 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{2FEF3853-CD8D-4FE8-8C4D-E10F22920952} 2023-10-11 15:33 - 2023-10-11 15:33 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{1366D6D5-397E-4D4E-9C1D-6EBD610FF2A4} 2023-10-11 15:33 - 2023-10-11 15:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google 2023-10-11 15:33 - 2023-10-11 15:33 - 000000000 ____D C:\Program Files\Google 2023-10-11 15:33 - 2023-10-11 15:33 - 000000000 ____D C:\Program Files\Crashpad 2023-10-11 15:29 - 2023-10-12 11:14 - 000753392 _____ C:\Windows\system32\perfh00C.dat 2023-10-11 15:29 - 2023-10-12 11:14 - 000141548 _____ C:\Windows\system32\perfc00C.dat 2023-10-11 15:29 - 2023-10-11 21:17 - 000000000 ____D C:\Windows\SysWOW64\fr 2023-10-11 15:29 - 2023-10-11 21:16 - 000000000 ____D C:\Windows\system32\fr 2023-10-11 15:29 - 2023-10-11 21:16 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-10-11 15:29 - 2023-10-11 21:16 - 000000000 ____D C:\Program Files\Windows Defender 2023-10-11 15:29 - 2023-10-11 21:16 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-10-11 15:23 - 2023-10-11 15:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder 2023-10-11 15:22 - 2023-10-11 15:32 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Spelling 2023-10-11 15:09 - 2023-10-11 15:09 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA 2023-10-11 15:09 - 2023-10-11 15:09 - 000000000 ____D C:\Users\Administrator\AppData\Local\DBG 2023-10-11 15:08 - 2023-10-11 22:01 - 000000000 ____D 
C:\ProgramData\Packages
2023-10-11 15:08 - 2023-10-11 15:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-10-11 15:07 - 2023-10-11 17:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-10-11 15:07 - 2023-10-11 15:07 - 000000000 ____D C:\Windows\system32\lxss
2023-10-11 15:07 - 2023-10-11 15:07 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2023-10-11 15:07 - 2023-10-11 14:23 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-11 15:06 - 2023-06-21 11:50 - 001487856 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-10-11 15:06 - 2023-06-21 11:50 - 001227248 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-10-11 15:06 - 2023-06-21 11:50 - 000848936 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-10-11 15:06 - 2023-06-21 11:50 - 000848936 _____ C:\Windows\system32\vulkaninfo.exe
2023-10-11 15:06 - 2023-06-21 11:50 - 000713768 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-10-11 15:06 - 2023-06-21 11:50 - 000713768 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-10-11 15:06 - 2023-06-21 11:50 - 000653352 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-10-11 15:06 - 2023-06-21 11:50 - 000653352 _____ C:\Windows\system32\vulkan-1.dll
2023-10-11 15:06 - 2023-06-21 11:50 - 000636968 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-10-11 15:06 - 2023-06-21 11:50 - 000636968 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-10-11 15:06 - 2023-06-21 11:46 - 000933896 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-10-11 15:06 - 2023-06-21 11:46 - 000668688 _____ C:\Windows\system32\nvofapi64.dll
2023-10-11 15:06 - 2023-06-21 11:46 - 000504352 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-10-11 15:06 - 2023-06-21 11:45 - 002167824 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-10-11 15:06 - 2023-06-21 11:45 - 001621520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-10-11 15:06 - 2023-06-21 11:45 - 001537504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-10-11 15:06 - 2023-06-21 11:45 - 001195024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-10-11 15:06 - 2023-06-21 11:45 - 000992272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-10-11 15:06 - 2023-06-21 11:45 - 000777200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-10-11 15:06 - 2023-06-21 11:45 - 000768520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-10-11 15:06 - 2023-06-21 11:45 - 000131560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2023-10-11 15:06 - 2023-06-21 11:44 - 014520288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-10-11 15:06 - 2023-06-21 11:44 - 012066800 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-10-11 15:06 - 2023-06-21 11:44 - 006190088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-10-11 15:06 - 2023-06-21 11:44 - 005844496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-10-11 15:06 - 2023-06-21 11:44 - 005550624 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-10-11 15:06 - 2023-06-21 11:44 - 003482592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-10-11 15:06 - 2023-06-21 11:44 - 000853536 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-10-11 15:06 - 2023-06-21 11:44 - 000459760 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-10-11 15:06 - 2023-06-21 11:43 - 007858112 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-10-11 15:06 - 2023-06-21 11:43 - 006736984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-10-11 15:06 - 2023-06-21 11:12 - 000107938 _____ C:\Windows\system32\nvinfo.pb
2023-10-06 16:58 - 2023-10-06 16:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\PeerDistRepub
2023-09-13 03:16 - 2023-09-13 03:16 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-09-13 03:15 - 2023-10-11 14:23 - 000880672 _____ C:\Windows\system32\wpbbin.exe
2023-09-13 03:15 - 2023-10-11 14:23 - 000842128 _____ C:\Windows\system32\AsusUpdateCheck.exe
2023-09-13 03:15 - 2023-10-11 14:23 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-13 03:15 - 2023-09-13 03:15 - 000000000 ____D C:\ProgramData\ASUS
2023-09-12 18:29 - 2023-10-12 11:14 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-12 18:21 - 2023-09-12 18:21 - 000000874 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2023-09-12 18:21 - 2023-09-12 18:21 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-09-12 18:21 - 2023-09-12 18:21 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2023-09-12 18:21 - 2023-09-12 18:21 - 000000000 ____D C:\Windows\AMDTAs
2023-09-12 18:21 - 2023-09-12 18:21 - 000000000 ____D C:\Program Files\CPUID
2023-09-12 18:20 - 2023-10-11 22:43 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-09-12 18:20 - 2023-10-11 22:02 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2023-09-12 18:20 - 2023-10-11 21:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2023-09-12 18:20 - 2023-10-11 20:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2023-09-12 18:20 - 2023-10-06 16:48 - 000000000 ____D C:\Users\Administrator
2023-09-12 18:20 - 2023-09-12 18:20 - 000338272 _____ () C:\Windows\system32\AsusDownLoadLicense.exe
2023-09-12 18:20 - 2023-09-12 18:20 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2023-09-12 18:20 - 2023-09-12 18:20 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
2023-09-12 18:20 - 2023-09-12 18:20 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Protect
2023-09-12 18:20 - 2023-09-12 18:20 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto
2023-09-12 18:20 - 2023-09-12 18:20 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials
2023-09-12 18:20 - 2023-09-12 18:20 - 000000000 ___RD C:\Users\Administrator\3D Objects
2023-09-12 18:20 - 2023-09-12 18:20 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Vault
2023-09-12 18:20 - 2023-09-12 18:20 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-10-12 14:02 - 2021-03-28 14:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-10-12 13:22 - 2021-03-27 23:28 - 000000000 ____D C:\Program Files\WindowsApps
2023-10-12 13:22 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-12 13:19 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-12 11:14 - 2019-12-07 09:13 - 000000000 ____D C:\Windows\INF
2023-10-11 23:01 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\CbsTemp
2023-10-11 22:49 - 2021-03-28 14:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-10-11 22:43 - 2021-03-27 23:27 - 000000000 ____D C:\Program Files\7-Zip
2023-10-11 22:39 - 2021-03-28 15:39 - 000000000 ____D C:\Windows\Panther
2023-10-11 22:26 - 2019-12-07 09:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-10-11 22:05 - 2019-12-07 09:51 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-10-11 22:05 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\spool
2023-10-11 21:50 - 2021-03-27 23:27 - 000000000 ____D C:\Ghost Toolbox
2023-10-11 21:27 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SystemResources
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\setup
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\oobe
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-10-11 21:17 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-10-11 21:16 - 2019-12-07 09:54 - 000000000 ___SD C:\Windows\system32\AppV
2023-10-11 21:16 - 2019-12-07 09:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-11 21:16 - 2019-12-07 09:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\system32\F12
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SystemApps
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\Dism
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\Com
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ShellComponents
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\Provisioning
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\IME
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\DiagTrack
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\bcastdvr
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\appcompat
2023-10-11 21:16 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-11 21:16 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\servicing
2023-10-11 18:48 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-10-11 16:46 - 2019-12-07 09:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-10-11 16:46 - 2019-12-07 09:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-10-11 16:46 - 2019-12-07 09:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-10-11 15:29 - 2019-12-07 09:50 - 000000000 ____D C:\Windows\SysWOW64\winrm
2023-10-11 15:29 - 2019-12-07 09:50 - 000000000 ____D C:\Windows\SysWOW64\WCN
2023-10-11 15:29 - 2019-12-07 09:50 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2023-10-11 15:29 - 2019-12-07 09:50 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2023-10-11 15:29 - 2019-12-07 09:50 - 000000000 ____D C:\Windows\system32\winrm
2023-10-11 15:29 - 2019-12-07 09:50 - 000000000 ____D C:\Windows\system32\WCN
2023-10-11 15:29 - 2019-12-07 09:50 - 000000000 ____D C:\Windows\system32\slmgr
2023-10-11 15:29 - 2019-12-07 09:50 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2023-10-11 15:29 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\system32\dsc
2023-10-11 15:24 - 2019-12-07 09:52 - 000000000 ____D C:\Windows\OCR
2023-10-11 14:23 - 2021-03-28 14:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-11 14:20 - 2019-12-07 09:03 - 000262144 _____ C:\Windows\system32\config\BBI
2023-09-13 04:14 - 2019-12-07 09:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-09-13 03:22 - 2019-12-07 09:54 - 000005678 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2023-09-12 18:27 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-09-12 18:21 - 2019-12-07 09:18 - 000000000 ____D C:\Windows\Setup
2023-09-12 18:20 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\USOPrivate

==================== SigCheckExt =========================

2021-03-27 23:27 - 2019-12-07 09:08 - 000231424 _____ (nhutils) C:\Windows\system32\nhcolor.exe
2021-03-27 23:27 - 2019-12-07 09:08 - 000121344 _____ (M2-Team) C:\Windows\system32\NSudoLG.exe
2021-03-27 23:27 - 2019-12-07 09:08 - 000697856 _____ (Microsoft Corporation) C:\Windows\system32\win32calc.exe
2023-10-12 18:05 - 2023-10-12 18:05 - 002383360 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2023-10-11 18:50 - 2023-10-11 18:50 - 005202180 _____ C:\Users\Administrator\Downloads\pf7-setup-fr-7.2.1.exe
2023-10-12 17:57 - 2023-10-12 17:57 - 003511968 _____ (Nicolas Coolman) C:\Users\Administrator\Downloads\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur          {fwbootmgr}
displayorder            {bootmgr}
                        {343f9d2c-0c4e-11ee-9480-806e6f6e6963}
                        {bd931d93-6841-11ee-adbc-806e6f6e6963}
                        {bd931d94-6841-11ee-adbc-806e6f6e6963}
                        {bd931d95-6841-11ee-adbc-806e6f6e6963}
timeout                 1

Gestionnaire de démarrage Windows
---------------------------------
identificateur          {bootmgr}
device                  partition=\Device\HarddiskVolume5
path                    \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {3bfd7967-51eb-11ee-90dd-c887f2a7b47d}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Application logicielle (101fffff)
--------------------------------
identificateur          {343f9d2c-0c4e-11ee-9480-806e6f6e6963}
device                  partition=\Device\HarddiskVolume1
path                    \EFI\kali\grubx64.efi
description             kali

Application logicielle (101fffff)
--------------------------------
identificateur          {bd931d93-6841-11ee-adbc-806e6f6e6963}
description             UEFI:CD/DVD Drive

Application logicielle (101fffff)
--------------------------------
identificateur          {bd931d94-6841-11ee-adbc-806e6f6e6963}
description             UEFI:Removable Device

Application logicielle (101fffff)
--------------------------------
identificateur          {bd931d95-6841-11ee-adbc-806e6f6e6963}
description             UEFI:Network Device

Chargeur de démarrage Windows
-----------------------------
identificateur          {current}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 10
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {3bfd7969-51eb-11ee-90dd-c887f2a7b47d}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {3bfd7967-51eb-11ee-90dd-c887f2a7b47d}
nx                      OptOut
bootmenupolicy          Standard

Chargeur de démarrage Windows
-----------------------------
identificateur          {3bfd7969-51eb-11ee-90dd-c887f2a7b47d}
device                  ramdisk=[\Device\HarddiskVolume9]\Recovery\WindowsRE\Winre.wim,{3bfd796a-51eb-11ee-90dd-c887f2a7b47d}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume9]\Recovery\WindowsRE\Winre.wim,{3bfd796a-51eb-11ee-90dd-c887f2a7b47d}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Chargeur de démarrage Windows
-----------------------------
identificateur          {c200799d-b741-11ed-b223-9e5a0c8ff806}
device                  ramdisk=[\Device\HarddiskVolume9]\Recovery\WindowsRE\Winre.wim,{c200799e-b741-11ed-b223-9e5a0c8ff806}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume9]\Recovery\WindowsRE\Winre.wim,{c200799e-b741-11ed-b223-9e5a0c8ff806}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur          {3bfd7967-51eb-11ee-90dd-c887f2a7b47d}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {3bfd7969-51eb-11ee-90dd-c887f2a7b47d}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Testeur de mémoire Windows
--------------------------
identificateur          {memdiag}
device                  partition=\Device\HarddiskVolume5
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

Paramètres EMS
--------------
identificateur          {emssettings}
bootems                 No

Paramètres du débogueur
-----------------------
identificateur          {dbgsettings}
debugtype               Local

Erreurs de mémoire RAM
----------------------
identificateur          {badmemory}

Paramètres globaux
------------------
identificateur          {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur          {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Paramètres du chargeur de reprise
---------------------------------
identificateur          {resumeloadersettings}
inherit                 {globalsettings}

Options de périphérique
-----------------------
identificateur          {3bfd796a-51eb-11ee-90dd-c887f2a7b47d}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume9
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Options de périphérique
-----------------------
identificateur          {c200799e-b741-11ed-b223-9e5a0c8ff806}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume9
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================