Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021 Exécuté par jpb10 (administrateur) sur DESKTOP-JPB (MEDION Akoya P5321 I/C067) (07-01-2022 12:28:38) Exécuté depuis D:\Dossier mail et système\Bureau\bureau Profils chargés: jpb10 Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1415 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12> (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\plugins_nms.exe (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (QuestSoft) [Fichier non signé] D:\Dossier JPB\Download\Qtranslate\QTranslate.6.8.0.1\QTranslate.exe (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe (Sebastian Brands und Patrick Dubbert (Dexpot GbR) -> Dexpot GbR) D:\Dossier JPB\Download\Dexpot (Pour les bureaux virtuels)\dexpot.exe (Sebastian Brands und Patrick Dubbert (Dexpot GbR) -> Dexpot GbR) D:\Dossier JPB\Download\Dexpot (Pour les bureaux virtuels)\Dexpot64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16695816 2016-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795704 2015-08-07] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [228568 2015-01-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-10-21] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-30] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> ) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [624248 2007-05-10] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [ABNotify] => C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe [89968 2016-12-30] (CHENGDU AOMEI Tech Co., Ltd. -> ) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2543992 2021-12-08] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\Run: [Dexpot] => D:\Dossier JPB\Download\Dexpot (Pour les bureaux virtuels)\dexpot.exe [1843704 2016-07-19] (Sebastian Brands und Patrick Dubbert (Dexpot GbR) -> Dexpot GbR) HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [65552 2021-12-13] (Lamantine Software a.s. -> Lamantine Software a.s.) HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-default-browser-check --no-displaying-insecure-content --no-first-run --user-data-dir="C:\ProgramData\Kaspersky Lab\SafeBrowser\kis\S- (l'élément de données a 202 caractères en plus). HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\ssy5cPC: C:\Windows\System32\spool\prtprocs\x64\ssy5cpc.dll [43520 2017-07-10] (Windows (R) Codename Longhorn DDK provider) [Fichier non signé] HKLM\...\Print\Monitors\Adobe PDF Port: C:\Windows\system32\AdobePDF64.dll [35928 2007-03-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated.) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [117248 2019-03-16] (pdfforge GmbH) [Fichier non signé] HKLM\...\Print\Monitors\ssy5c Langmon: C:\Windows\system32\ssy5clm.dll [22528 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\us013 Langmon: C:\Windows\system32\us013lm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-15] (Google LLC -> Google LLC) Startup: C:\Users\jpb10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-05-02] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\jpb10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lancer QTranslate.lnk [2020-10-31] ShortcutTarget: Lancer QTranslate.lnk -> D:\Dossier JPB\Download\Qtranslate\QTranslate.6.8.0.1\QTranslate.exe (QuestSoft) [Fichier non signé] GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {1C6C523D-2240-4DE4-8E0F-60C1A2EFCF98} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4074344 2021-12-08] (Microsoft Corporation -> Microsoft Corporation) Task: {2F8D2EBB-3362-4181-9FE4-911044DFC23A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-05] (Google Inc -> Google Inc.) Task: {41F158ED-74CE-48A6-8A74-FFBC1E434AF1} - System32\Tasks\CCleanerSkipUAC - jpb10 => D:\Dossier JPB\Download\CCleaner portable\Version portable 5.71\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) Task: {453625C5-B1C7-4049-808D-52830CAB8FAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-05] (Google Inc -> Google Inc.) Task: {4B5D8624-E8AE-433F-B757-1F36B9637022} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {55187D20-2D4D-4F64-ACB5-27E051EDA911} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-23] (Microsoft Corporation -> Microsoft Corporation) Task: {588F6730-3109-4CC6-8EE8-65E932E09CB7} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3326691530-1372380808-3353578716-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4074344 2021-12-08] (Microsoft Corporation -> Microsoft Corporation) Task: {A2E70A37-94AF-4862-AB07-13EFB0FC68C1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-23] (Microsoft Corporation -> Microsoft Corporation) Task: {B89D75AC-0DD5-48DF-97F7-102944FB951B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {D36649E3-BE7D-415B-A9CD-5DCB88F8AFF4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-23] (Microsoft Corporation -> Microsoft Corporation) Task: {D45E9034-13C7-43D4-8662-B6D5DB6B3DAA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-23] (Microsoft Corporation -> Microsoft Corporation) Task: {E65DE8D1-2F0E-416C-A00B-A99B3DFA6F23} - System32\Tasks\CCleaner Update => D:\Dossier JPB\Download\CCleaner portable\Version portable 5.71\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform) Task: {F6C2B7B3-983C-42BB-8FE6-8CEA60B09AE2} - System32\Tasks\KpRm-quarantines\KpRm-quarantines-20210517203807 => C:\KPRM\tasks-quarantines\kprm-quarantines.exe quarantines 20210517203807 (Pas de fichier) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{c1e91334-e9db-47f6-ac5a-350a9b1dfec2}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{e0da4f99-dcd7-4767-bd19-1b98ecabad97}: [DhcpNameServer] 172.20.10.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\jpb10\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-07] Edge HKU\S-1-5-21-3326691530-1372380808-3353578716-1003\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2020-11-07] [non signé] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [Pas de fichier] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [Pas de fichier] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-12-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default [2022-01-07] CHR Notifications: Default -> hxxps://forum.doctsf.com; hxxps://forum.retrotechnique.org CHR HomePage: Default -> hxxps://www.google.ch/ CHR StartupUrls: Default -> "hxxps://www.google.ch/?gws_rd=ssl" CHR Extension: (Google Traduction) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14] CHR Extension: (Slides) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22] CHR Extension: (Kaspersky Protection) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-12-23] CHR Extension: (Docs) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22] CHR Extension: (Google Drive) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (YouTube) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-05] CHR Extension: (Sticky Password gestionnaire de mots de passe) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2021-11-19] CHR Extension: (Logitech Smooth Scrolling) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-12-21] CHR Extension: (Sheets) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22] CHR Extension: (Google Docs hors connexion) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-30] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Profile: C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-17] CHR Profile: C:\Users\jpb10\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-07] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2016-12-30] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [108248 2015-03-06] (Realtek Semiconductor Corp -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncHelper.exe [3280760 2021-12-08] (Microsoft Corporation -> Microsoft Corporation) S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-12-12] (Macrovision Europe Ltd.) [Fichier non signé] R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-12-08] (Mixbyte Inc -> Freemake) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [351424 2020-12-11] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\OneDriveUpdaterService.exe [3737976 2021-12-08] (Microsoft Corporation -> Microsoft Corporation) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH) R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> ) R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2018-03-27] (Samsung Electronics CO., LTD. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-03-04] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-03-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Fichier non signé] R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-14] (Microsoft Corporation) [Fichier non signé] R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [689976 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1507648 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2021-12-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [276064 2021-11-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [314040 2021-11-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [113976 2021-11-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [225648 2021-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [177880 2014-05-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [59608 2014-05-23] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [69848 2013-06-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [50848 2019-01-09] (WDKTestCert myang,131801675084663740 -> Synaptics Incorporated) R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-03-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-03-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-01-07 12:28 - 2022-01-07 12:28 - 000000000 ____D C:\FRST 2022-01-07 12:19 - 2022-01-07 12:19 - 000000000 ____D C:\Users\jpb10\AppData\Local\ZHP 2021-12-23 15:58 - 2021-12-23 15:58 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2021-12-23 15:57 - 2021-12-23 15:57 - 000002592 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk 2021-12-23 15:57 - 2021-12-23 15:57 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-12-23 15:57 - 2021-12-23 15:57 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2021-12-23 15:57 - 2021-12-23 15:57 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-12-23 15:57 - 2021-12-23 15:57 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-12-23 15:57 - 2021-12-23 15:57 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-12-23 15:57 - 2021-12-23 15:57 - 000002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-12-23 15:57 - 2021-12-23 15:57 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-12-23 15:57 - 2021-12-23 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2021-12-23 15:53 - 2021-12-23 15:53 - 000000000 ____D C:\Program Files\Microsoft Office 15 2021-12-23 14:02 - 2021-12-23 15:29 - 000000000 ____D C:\Users\jpb10\AppData\Local\PDF24 2021-12-23 14:01 - 2021-12-23 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2021-12-23 14:01 - 2021-12-23 14:01 - 000000000 ____D C:\Program Files\PDF24 2021-12-23 13:56 - 2021-12-23 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password 2021-12-20 14:39 - 2021-12-20 14:39 - 046026414 _____ C:\Users\jpb10\Downloads\PG_18 2.pdf 2021-12-19 23:59 - 2021-12-19 23:59 - 001005151 _____ C:\Users\jpb10\Downloads\Zopan_PG-19.pdf 2021-12-19 23:55 - 2021-12-19 23:55 - 006916207 _____ C:\Users\jpb10\Downloads\doc_Gamme_facade (1).pdf 2021-12-19 14:47 - 2021-12-19 14:47 - 006916207 _____ C:\Users\jpb10\Downloads\doc_Gamme_facade.pdf 2021-12-17 12:26 - 2021-12-17 12:26 - 000000000 ____D C:\ProgramData\Advance 2021-12-17 01:18 - 2021-12-17 01:18 - 000956837 _____ C:\Users\jpb10\Downloads\Générateur GS-3-B 931R2.pdf 2021-12-16 00:52 - 2021-12-16 00:52 - 000000000 ____D C:\WINDOWS\SystemTemp 2021-12-15 17:37 - 2021-12-15 17:37 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-12-15 17:37 - 2021-12-15 17:37 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-12-15 17:36 - 2021-12-15 17:36 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-12-15 17:36 - 2021-12-15 17:36 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-12-15 17:25 - 2021-12-15 17:25 - 000000000 ___HD C:\$WinREAgent 2021-12-14 00:42 - 2021-12-14 00:42 - 001290602 _____ C:\Users\jpb10\Downloads\p92b.pdf 2021-12-14 00:30 - 2021-12-14 00:30 - 001497331 _____ C:\Users\jpb10\Downloads\Module Tx AM - 8 fréquences - Mesures - v1.1.pdf 2021-12-10 23:44 - 2021-12-10 23:44 - 000703208 _____ C:\Users\jpb10\Downloads\Alignement des étages HF ou MF - PHILIPS (3).pdf 2021-12-10 23:28 - 2021-12-10 23:28 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3326691530-1372380808-3353578716-1003 2021-12-10 15:59 - 2021-12-10 15:59 - 000065662 _____ C:\Users\jpb10\Downloads\philips-dial-lamps.pdf 2021-12-05 16:54 - 2021-12-16 00:25 - 000000000 ____D C:\MC12 2021-12-05 16:54 - 2021-12-05 16:54 - 000000057 _____ C:\WINDOWS\MC12.INI 2021-12-04 23:31 - 2021-12-04 23:31 - 018951675 _____ C:\Users\jpb10\Downloads\FRANCE-RADIO N°12 Octobre 1925.pdf 2021-12-01 00:24 - 2021-12-01 00:24 - 014404369 _____ C:\Users\jpb10\Downloads\Manuel Technique - HUSQVARNA 320 330X.pdf 2021-12-01 00:24 - 2021-12-01 00:24 - 014404369 _____ C:\Users\jpb10\Downloads\Manuel Technique - HUSQVARNA 320 330X (1).pdf 2021-11-24 01:08 - 2021-11-24 01:08 - 000076690 _____ C:\Users\jpb10\Downloads\Emetteur Jojo.pdf 2021-11-23 00:25 - 2021-11-23 00:25 - 001215002 _____ C:\Users\jpb10\Downloads\Brochure-Produits-couverture-importateurs.pdf 2021-11-22 11:47 - 2021-11-22 11:47 - 000314040 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2021-11-22 11:46 - 2021-11-23 11:02 - 000225648 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys 2021-11-22 11:46 - 2021-11-22 11:46 - 000276064 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys 2021-11-22 11:46 - 2021-11-22 11:46 - 000113976 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys 2021-11-21 00:14 - 2021-11-21 00:14 - 000123579 _____ C:\Users\jpb10\Downloads\jjen_abv.pdf 2021-11-20 18:38 - 2021-11-20 18:38 - 000961486 _____ C:\Users\jpb10\Downloads\philips_lx434ab_portable_radio_1953_sm.pdf 2021-11-20 18:33 - 2021-11-20 18:33 - 000498920 _____ C:\Users\jpb10\Downloads\LX 434 AB.pdf 2021-11-20 18:32 - 2021-11-20 18:32 - 011873354 _____ C:\Users\jpb10\Downloads\Schéma (1).pdf 2021-11-17 16:33 - 2021-11-17 16:33 - 000201292 _____ C:\Users\jpb10\Downloads\000000000609530476913112021.pdf 2021-11-15 13:43 - 2021-11-15 13:43 - 000178016 _____ C:\Users\jpb10\Downloads\7C5 (1).pdf 2021-11-15 13:23 - 2021-11-15 13:23 - 001642576 _____ C:\Users\jpb10\Downloads\Caractéristiques (2).pdf 2021-11-15 13:23 - 2021-11-15 13:23 - 001642576 _____ C:\Users\jpb10\Downloads\Caractéristiques (1).pdf 2021-11-15 13:22 - 2021-11-15 13:22 - 000080268 _____ C:\Users\jpb10\Downloads\Caractéristiques.pdf 2021-11-15 13:18 - 2021-11-15 13:18 - 000178016 _____ C:\Users\jpb10\Downloads\7C5.pdf 2021-11-15 13:16 - 2021-11-15 13:16 - 000036540 _____ C:\Users\jpb10\Downloads\Lampes pour TSF.pdf 2021-11-09 22:39 - 2021-11-09 22:39 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-07 00:04 - 2021-11-07 00:04 - 014361872 _____ C:\Users\jpb10\Downloads\FRANCE-RADIO N°394 Fevrier 1933.pdf 2021-11-06 11:22 - 2021-11-06 11:22 - 000001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-06 11:22 - 2021-11-06 11:22 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-11-06 00:06 - 2021-11-06 00:06 - 004338491 _____ C:\Users\jpb10\Downloads\Schéma.pdf 2021-11-05 00:37 - 2021-11-05 00:37 - 019503719 _____ C:\Users\jpb10\Downloads\DOCS PHILIPS CONDOS TRANSFOS POTARS REGLAGES.pdf 2021-10-31 14:58 - 2021-10-31 14:58 - 001098078 _____ C:\Users\jpb10\Downloads\Serviceunterlagen.pdf 2021-10-30 23:36 - 2021-10-30 23:36 - 000065998 _____ C:\Users\jpb10\Downloads\siemens_23w_telefunken_122w_ac_radio_sm.pdf 2021-10-30 23:32 - 2021-10-30 23:32 - 000135163 _____ C:\Users\jpb10\Downloads\siemens_23wl_ac_receiver_1932_sm.pdf 2021-10-23 22:46 - 2021-10-23 22:46 - 000181915 _____ C:\Users\jpb10\Downloads\Notice précautions d'usage v0.1.pdf 2021-10-21 23:20 - 2021-10-21 23:20 - 004012187 _____ C:\Users\jpb10\Downloads\Antenne C.119 (1).pdf 2021-10-16 22:25 - 2021-10-16 22:25 - 034552156 _____ C:\Users\jpb10\Downloads\PHILIPS AUTO RADIO INSTALLATION PART1.pdf 2021-10-15 23:46 - 2021-10-15 23:46 - 004012187 _____ C:\Users\jpb10\Downloads\Antenne C.119.pdf 2021-10-12 23:16 - 2021-10-12 23:16 - 004052842 _____ C:\Users\jpb10\Downloads\MOBILOPHONE PHILIPS.pdf 2021-10-12 22:40 - 2021-10-12 22:40 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-10-12 22:40 - 2021-10-12 22:40 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-12 22:40 - 2021-10-12 22:40 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-10-12 22:39 - 2021-10-12 22:39 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-10-09 14:43 - 2021-10-09 14:43 - 002758792 _____ C:\Users\jpb10\Downloads\Catalogue des haut-parleurs Philips.pdf 2021-10-09 14:42 - 2021-10-09 14:42 - 003532288 _____ C:\Users\jpb10\Downloads\Au service de l'industrie électronique.pdf 2021-10-09 14:42 - 2021-10-09 14:42 - 000825068 _____ C:\Users\jpb10\Downloads\C'est le moment de dépanner vos vieux poste à transistors.pdf 2021-10-09 14:42 - 2021-10-09 14:42 - 000825068 _____ C:\Users\jpb10\Downloads\C'est le moment de dépanner vos vieux poste à transistors (1).pdf 2021-10-09 14:41 - 2021-10-09 14:41 - 000703208 _____ C:\Users\jpb10\Downloads\Alignement des étages HF ou MF - PHILIPS (2).pdf 2021-10-09 14:41 - 2021-10-09 14:41 - 000703208 _____ C:\Users\jpb10\Downloads\Alignement des étages HF ou MF - PHILIPS (1).pdf 2021-10-09 14:37 - 2021-10-09 14:37 - 000703208 _____ C:\Users\jpb10\Downloads\Alignement des étages HF ou MF - PHILIPS.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-01-07 12:23 - 2020-02-29 18:20 - 000000000 ____D C:\Users\jpb10\AppData\Roaming\ZHP 2022-01-07 12:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-01-07 12:11 - 2016-10-07 16:58 - 000000000 ____D C:\ProgramData\AomeiBR 2022-01-07 11:55 - 2017-02-04 16:56 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper 2022-01-07 11:55 - 2016-10-07 16:58 - 000001024 ____H C:\SYSTAG.BIN 2022-01-07 11:55 - 2016-10-07 16:58 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2022-01-07 11:52 - 2020-10-31 02:50 - 002654916 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-01-07 11:52 - 2020-10-31 02:23 - 000732278 _____ C:\WINDOWS\system32\perfh007.dat 2022-01-07 11:52 - 2020-10-31 02:23 - 000149678 _____ C:\WINDOWS\system32\perfc007.dat 2022-01-07 11:52 - 2019-12-07 15:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat 2022-01-07 11:52 - 2019-12-07 15:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat 2022-01-07 11:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-01-07 11:50 - 2016-09-05 23:29 - 000000000 ____D C:\Program Files (x86)\Google 2022-01-07 11:47 - 2020-10-31 02:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-01-07 11:47 - 2020-10-31 02:43 - 000000000 ____D C:\Users\jpb10 2022-01-07 11:47 - 2020-10-31 02:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-01-07 11:47 - 2017-08-21 17:24 - 000000000 ____D C:\ProgramData\NVIDIA 2022-01-07 11:39 - 2021-05-17 19:30 - 000004012 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-01-07 11:39 - 2016-10-11 00:37 - 000000000 ____D C:\Users\jpb10\AppData\Local\CrashDumps 2022-01-07 00:47 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-01-06 16:58 - 2021-06-11 23:40 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-01-06 12:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-01-06 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-12-30 00:33 - 2018-01-17 18:47 - 000000000 ____D C:\Users\jpb10\AppData\Local\Packages 2021-12-29 00:51 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-12-24 11:50 - 2019-04-21 17:30 - 000000000 ____D C:\Users\jpb10\AppData\Roaming\WhatsApp 2021-12-24 11:42 - 2019-04-21 17:30 - 000000000 ____D C:\Users\jpb10\AppData\Local\WhatsApp 2021-12-23 18:35 - 2016-08-30 23:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-12-23 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-12-23 13:56 - 2021-05-20 16:50 - 000000000 ____D C:\Program Files (x86)\Sticky Password 2021-12-19 12:20 - 2020-07-26 11:57 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-12-18 14:12 - 2020-12-15 16:47 - 000000000 ____D C:\Users\jpb10\AppData\Roaming\iMazing 2021-12-18 14:09 - 2020-12-15 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing 2021-12-17 16:43 - 2020-11-11 18:51 - 000000000 ____D C:\Users\jpb10\AppData\Roaming\Advance 2021-12-17 16:41 - 2018-05-25 00:04 - 000000000 ____D C:\Users\jpb10\AppData\Local\D3DSCache 2021-12-17 12:26 - 2020-11-11 18:51 - 000000000 ____D C:\Program Files (x86)\Advance 2021-12-16 00:53 - 2020-10-31 02:40 - 000467040 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-12-16 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-12-15 17:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-12-15 17:25 - 2016-08-28 15:23 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-12-15 17:23 - 2016-08-28 15:22 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-12-14 23:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-12-11 15:22 - 2018-03-27 12:13 - 000000000 ____D C:\ProgramData\boost_interprocess 2021-12-11 00:14 - 2020-10-31 05:33 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6af27c8b652b4 2021-12-11 00:14 - 2020-10-31 02:51 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-12-08 23:28 - 2020-10-31 02:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2021-12-08 23:28 - 2019-09-27 10:21 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== Fichiers à la racine de certains dossiers ======== 2016-12-17 17:39 - 2018-06-08 16:14 - 003232128 _____ () C:\Users\jpb10\ZHPCleaner.exe 2021-10-03 11:44 - 2021-10-03 11:56 - 000000003 _____ () C:\Users\jpb10\AppData\Roaming\.ptbt 2021-05-17 11:36 - 2021-07-04 12:53 - 000051362 _____ () C:\Users\jpb10\AppData\Roaming\Valeurs séparées par une virgule.ADR 2021-05-17 16:49 - 2022-01-07 11:48 - 000747048 _____ () C:\Users\jpb10\AppData\Local\BTServer.log 2017-01-16 15:36 - 2020-12-15 14:36 - 000007656 _____ () C:\Users\jpb10\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2019-03-19 05:45 - 2019-03-19 05:45 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionMgr.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2020-02-12 19:30 - 2020-02-12 19:30 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll 2019-03-19 05:44 - 2019-03-19 05:44 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\canonurl.dll 2014-09-08 13:37 - 2014-09-08 13:37 - 000072192 _____ C:\WINDOWS\system32\CDASpl.dll 2015-07-10 12:00 - 2015-07-10 12:00 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2019-03-19 05:45 - 2019-03-19 05:45 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll 2015-07-10 12:01 - 2015-07-10 12:01 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2017-09-29 14:42 - 2017-09-29 14:42 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcComImplementations.dll 2017-04-11 22:53 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2018-03-27 12:01 - 2016-08-10 12:07 - 002847744 _____ C:\WINDOWS\system32\DlgSearchEngine.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 001210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dml.dll 2019-03-19 05:43 - 2019-03-19 05:43 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll 2019-03-19 05:43 - 2019-03-19 05:43 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2018-03-27 12:00 - 2017-07-10 13:08 - 001848320 _____ C:\WINDOWS\system32\eed_ec.dll 2018-07-10 23:01 - 2018-06-15 18:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemonitor.dll 2019-09-27 10:30 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll 2017-05-11 23:03 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPPMon.dll 2018-07-10 23:01 - 2018-07-06 08:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Core.dll 2018-04-10 23:06 - 2018-03-30 04:28 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2019-03-19 05:43 - 2019-03-19 05:43 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mitigationscanner.exe 2018-01-03 23:59 - 2019-03-16 18:33 - 000117248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000049664 _____ C:\WINDOWS\system32\PerceptionSimulationInput.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneDataSync.dll 2015-10-08 22:16 - 2015-01-26 17:35 - 000040516 _____ C:\WINDOWS\system32\rlt8723a_chip_bt40_fw_asic_rom_patch.dll 2015-10-08 22:16 - 2015-03-19 16:26 - 000048116 _____ C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-10-08 22:16 - 2015-02-03 10:55 - 000048276 _____ C:\WINDOWS\system32\rtl8761a_bcut_bt40_fw_asic_rom_patch_new.dll 2015-10-08 22:16 - 2015-02-03 10:55 - 000048276 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll 2015-10-08 22:16 - 2015-02-03 10:55 - 000048192 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll 2015-10-08 22:16 - 2015-02-03 10:55 - 000049088 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll 2015-10-08 22:16 - 2015-02-03 10:56 - 000045868 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-10-08 22:16 - 2015-04-02 16:25 - 000034840 _____ C:\WINDOWS\system32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2019-03-19 05:45 - 2019-03-19 05:45 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvcPAL.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe 2015-07-10 12:00 - 2015-07-10 12:00 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmClientApi.dll 2018-05-17 09:07 - 2018-05-17 09:07 - 000087552 _____ C:\WINDOWS\system32\ssdevm64.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2017-09-29 14:41 - 2017-09-29 14:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\VrdUmed.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedic.exe 2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2019-03-19 05:44 - 2019-03-19 05:44 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.ShellPosition.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Sets.dll 2016-08-29 22:45 - 2015-12-11 08:57 - 001920624 _____ C:\WINDOWS\ampa.exe 2003-10-17 11:44 - 2003-10-17 11:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll 2019-03-19 05:45 - 2019-03-19 05:45 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\canonurl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cflapi.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2017-09-29 14:42 - 2017-09-29 14:42 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreShellExtFramework.dll 2015-07-10 12:01 - 2015-07-10 12:01 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2017-03-05 15:38 - 1999-01-20 05:01 - 000210032 _____ C:\WINDOWS\SysWOW64\DBCLIENT.DLL 2016-09-05 11:06 - 2016-08-10 12:07 - 002094592 _____ C:\WINDOWS\SysWOW64\DlgSearchEngine.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 001161216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dml.dll 1999-04-08 14:47 - 1999-04-08 14:47 - 000036864 _____ C:\WINDOWS\SysWOW64\FViGxDS1.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamemonitor.dll 1998-11-23 12:57 - 1998-11-23 12:57 - 000940304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Igx42.dll 1998-06-16 20:00 - 1998-06-16 20:00 - 000995383 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Igx43.dll 2000-05-17 10:13 - 2000-05-17 10:13 - 000339968 _____ (Micrografx, Inc.) C:\WINDOWS\SysWOW64\Igxbm40.dll 1999-05-03 11:12 - 1999-05-03 11:12 - 000038400 _____ (Micrografx, Inc.) C:\WINDOWS\SysWOW64\Igxfrm2x.dll 2001-03-07 16:10 - 2001-03-07 16:10 - 000139264 _____ (Micrografx, Inc.) C:\WINDOWS\SysWOW64\IGXFRM40.dll 2001-04-18 16:41 - 2001-04-18 16:41 - 001015808 _____ (Micrografx, Inc.) C:\WINDOWS\SysWOW64\igxSpud.dll 2000-06-02 07:57 - 2000-06-02 07:57 - 000049152 _____ (Micrografx) C:\WINDOWS\SysWOW64\igxwlcm2.dll 2017-03-15 10:43 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 12:44 - 2016-07-16 23:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2015-10-01 17:05 - 2010-12-01 10:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe 2015-05-22 02:00 - 2015-05-22 02:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000034304 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfbmp10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000027136 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfcal10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000266752 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfcmp10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000077824 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lffax10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000100352 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lffpx10n.dll 1997-11-21 17:03 - 1997-11-21 17:03 - 000338944 _____ () C:\WINDOWS\SysWOW64\Lffpx7.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000041472 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfgif10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000046592 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfica10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000027136 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfimg10n.dll 1997-09-30 13:30 - 1997-09-30 13:30 - 000122880 _____ () C:\WINDOWS\SysWOW64\Lfkodak.dll 1998-11-30 12:52 - 1998-11-30 12:52 - 000031744 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lflmb10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000025600 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfmac10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfmsp10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpcd10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000031232 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpct10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000033280 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpcx10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000134144 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpng10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000056320 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpsd10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfras10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lftga10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000122368 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lftif10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000027136 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfwfx10n.dll 1998-12-01 12:58 - 1998-12-01 12:58 - 000257024 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Ltann10n.dll 1999-03-29 11:04 - 1999-03-29 11:04 - 000231424 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Ltdis10n.dll 1998-12-01 12:58 - 1998-12-01 12:58 - 000103424 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Ltfil10n.dll 1998-11-30 12:09 - 1998-11-30 12:09 - 000114176 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Ltimg10n.dll 1998-12-01 12:58 - 1998-12-01 12:58 - 000297472 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Ltkrn10n.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsTelemetry.dll 2003-10-17 11:44 - 2003-10-17 11:44 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2004-02-20 15:15 - 2004-02-20 15:15 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL 2004-02-20 15:15 - 2004-02-20 15:15 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL 2004-02-20 15:15 - 2004-02-20 15:15 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL 2003-10-17 11:44 - 2003-10-17 11:44 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL 2004-02-20 15:15 - 2004-02-20 15:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL 2004-02-20 15:15 - 2004-02-20 15:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL 2004-02-20 15:15 - 2004-02-20 15:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL 2004-02-20 15:15 - 2004-02-20 15:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL 2004-02-20 15:15 - 2004-02-20 15:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL 2004-02-20 15:47 - 2004-02-20 15:47 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll 2015-07-10 12:01 - 2016-09-18 14:12 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2016-09-18 14:09 - 2016-09-07 05:08 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2015-07-10 12:01 - 2016-09-18 14:12 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2003-10-17 11:44 - 2003-10-17 11:44 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2003-10-17 11:44 - 2003-10-17 11:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 1998-02-25 10:45 - 1998-02-25 10:45 - 000212480 _____ (Eastman Kodak) C:\WINDOWS\SysWOW64\PcdLib32.dll 2015-10-01 17:05 - 2012-02-14 20:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll 2018-05-17 09:07 - 2018-05-17 09:07 - 000094208 _____ C:\WINDOWS\SysWOW64\Ssdevm.dll 2017-09-29 14:42 - 2017-09-29 14:42 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2017-09-29 14:42 - 2017-09-29 14:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tier2punctuations.dll 2016-12-17 17:39 - 2018-06-08 16:14 - 003232128 _____ C:\Users\jpb10\ZHPCleaner.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {9856ccfd-c191-11eb-a5cc-806e6f6e6963} {bootmgr} {99cd2857-63f8-11ec-a6cf-806e6f6e6963} {99cd2858-63f8-11ec-a6cf-806e6f6e6963} {99cd2859-63f8-11ec-a6cf-806e6f6e6963} timeout 1 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume4 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {06a7dbf5-1b1a-11eb-b991-ea69155be80a} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {9856ccfd-c191-11eb-a5cc-806e6f6e6963} device partition=\Device\HarddiskVolume4 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager Application logicielle (101fffff) -------------------------------- identificateur {99cd2857-63f8-11ec-a6cf-806e6f6e6963} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {99cd2858-63f8-11ec-a6cf-806e6f6e6963} description UEFI:Removable Device Application logicielle (101fffff) -------------------------------- identificateur {99cd2859-63f8-11ec-a6cf-806e6f6e6963} description UEFI:Network Device Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {06a7dbf7-1b1a-11eb-b991-ea69155be80a} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {06a7dbf5-1b1a-11eb-b991-ea69155be80a} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {06a7dbf7-1b1a-11eb-b991-ea69155be80a} device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{06a7dbf8-1b1a-11eb-b991-ea69155be80a} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{06a7dbf8-1b1a-11eb-b991-ea69155be80a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {4e1c06bb-0c0f-4156-9949-e0f4fcaa16e0} device ramdisk=[unknown]\Aomei\AomeiBoot.wim,{ea94d232-c61b-4a61-9287-45f9790d404b} description Aomei PE osdevice ramdisk=[unknown]\Aomei\AomeiBoot.wim,{ea94d232-c61b-4a61-9287-45f9790d404b} systemroot \Windows nx OptIn detecthal Yes winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {7236fdc6-a755-11e6-8469-9ad89f94e757} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{7236fdc7-a755-11e6-8469-9ad89f94e757} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{7236fdc7-a755-11e6-8469-9ad89f94e757} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {8d7f0cc6-879e-47f6-a767-0ed8fd3b0659} device ramdisk=[\Device\HarddiskVolume8]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d} path \windows\system32\winload.efi description MEDION Recovery Environment osdevice ramdisk=[\Device\HarddiskVolume8]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d} systemroot \windows nx OptIn winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {ccd76c08-b477-11e5-9bd8-b8aeedfb3989} device unknown path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice unknown systemroot \WINDOWS resumeobject {ccd76c07-b477-11e5-9bd8-b8aeedfb3989} nx OptIn bootmenupolicy Standard Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {06a7dbf5-1b1a-11eb-b991-ea69155be80a} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {06a7dbf7-1b1a-11eb-b991-ea69155be80a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {4a338979-6889-11e5-a27d-b48d5be9d7c7} device unknown path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {ccd76c04-b477-11e5-9bd8-b8aeedfb3989} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice unknown filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume4 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} integrityservices Enable ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {06a7dbf8-1b1a-11eb-b991-ea69155be80a} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume7 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {572bcd56-ffa7-11d9-aae0-0007e994107d} description Ramdisk Options ramdisksdidevice partition=\Device\HarddiskVolume8 ramdisksdipath \boot\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {ea94d232-c61b-4a61-9287-45f9790d404b} ramdisksdidevice unknown ramdisksdipath \Aomei\AomeiBoot.sdi ==================== Fin de FRST.txt ========================