Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01 Exécuté par Jack (administrateur) sur DESKTOP-25PU7KJ (ASUSTeK COMPUTER INC. X550JX) (15-02-2023 21:22:55) Exécuté depuis C:\Users\Jack\Downloads Profils chargés: Jack Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2604 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE (ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <4> (C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe ->) () [Fichier non signé] C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\HTSRecover.exe (C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe (C:\Users\Jack\AppData\Local\Apps\2.0\NK5H5NXD.WDV\7ZWPNMR7.39M\scre..tion_2c2536e5112611c9_0006.0003_5f62dade1237aee5\ScreenConnect.ClientService.exe ->) (ScreenConnect Software -> ScreenConnect Software) C:\Users\Jack\AppData\Local\Apps\2.0\NK5H5NXD.WDV\7ZWPNMR7.39M\scre..tion_2c2536e5112611c9_0006.0003_5f62dade1237aee5\ScreenConnect.WindowsClient.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Hewlett-Packard -> HP Development Company, L.P.) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Koninklijke Philips Electronics N.V.) [Fichier non signé] C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (services.exe ->) (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe (services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe (services.exe ->) (HP) [Fichier non signé] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (ScreenConnect Software -> ) C:\Users\Jack\AppData\Local\Apps\2.0\NK5H5NXD.WDV\7ZWPNMR7.39M\scre..tion_2c2536e5112611c9_0006.0003_5f62dade1237aee5\ScreenConnect.ClientService.exe (services.exe ->) (TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (services.exe ->) (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (svchost.exe ->) (ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-10-03] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé] HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-11-07] (Corel Corporation -> Corel Corporation) HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [130624 2018-11-07] (Corel Corporation -> WinZip Computing) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] (ASUS Cloud Corporation -> ) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [331344 2015-07-22] (Hewlett-Packard -> HP Development Company, L.P.) HKU\S-1-5-21-2013793525-2746929012-3189490076-1001\...\Run: [Dashlane] => C:\Users\Jack\AppData\Roaming\Dashlane\Dashlane.exe [321208 2021-08-25] (Dashlane USA, Inc. -> Dashlane, Inc.) HKU\S-1-5-21-2013793525-2746929012-3189490076-1001\...\Run: [DashlanePlugin] => C:\Users\Jack\AppData\Roaming\Dashlane\DashlanePlugin.exe [342200 2021-08-25] (Dashlane USA, Inc. -> Dashlane, Inc.) HKU\S-1-5-21-2013793525-2746929012-3189490076-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2018-04-24] (TomTom International BV -> TomTom) HKU\S-1-5-21-2013793525-2746929012-3189490076-1001\...\Run: [PCPrivacyShield2020] => "C:\Program Files (x86)\PC Privacy Shield 2020\PCPrivacyShield2020.exe" minimized (Pas de fichier) HKU\S-1-5-21-2013793525-2746929012-3189490076-1001\...\Run: [MicrosoftEdgeAutoLaunch_3C32DD8DCCCF754B3FFB51F344CC4011] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-02-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2013793525-2746929012-3189490076-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.121\Installer\chrmstp.exe [2023-02-13] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2023-02-15] ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Démarrage d'Office.lnk [2017-07-23] ShortcutTarget: Démarrage d'Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE () [Fichier non signé] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wi-Fi MediaConnect.lnk [2018-12-19] ShortcutTarget: Wi-Fi MediaConnect.lnk -> C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe (Koninklijke Philips Electronics N.V.) [Fichier non signé] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0642F901-551D-40BA-957E-E5FF49F703CC} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54784 2015-12-02] (ASUS) [Fichier non signé] Task: {08B0F6BC-1092-4E12-9164-6676C5B73EF6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {2B877798-A2AB-4488-974E-901710759AE4} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1217944 2023-02-15] (Avast Software s.r.o. -> AVAST Software) Task: {39CD21EB-35CB-4512-AA79-269F27FC6E2F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) Task: {40C16C89-5B22-4B8C-9C81-473B802B8152} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) Task: {40F286F8-506F-4E58-8129-92CA5BC42E0F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91728 2015-08-20] (Hewlett-Packard -> HP Development Company, L.P.) Task: {47371510-FF2A-4C63-9112-452E1C615D85} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013264 2017-12-12] (NVIDIA Corporation -> ) Task: {5365D1B5-E050-4D5E-B386-8A29115A0649} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe [481128 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {580EB9DC-31DF-4A74-B23E-2E0FC98061C5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {5C8EDEE7-4ABF-40D0-A864-8BF313ED2B2A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {6430CC72-EBF8-4F8C-AF87-2CCE1878ED23} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1616160 2016-01-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé] Task: {6833EB06-F01F-47F0-BFC5-7F03A47C4309} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6C9EE653-ACA6-41CB-A640-500D10E38782} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6D11BE0A-A4C6-4E89-84A2-4D8B0DACE538} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168920 2023-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {751032FB-518B-42B1-84EC-DAFF4695A73D} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe [514408 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {773AA035-15A8-432B-B568-B4A908FD79D8} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-11-07] (Corel Corporation -> Corel Corporation) Task: {786B5BC2-926A-46FB-B29C-97B2C58690E4} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-11-07] (Corel Corporation -> Corel Corporation) Task: {805F3577-D71A-4E35-90A7-E9C3AAD60D64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8ADD543C-8DFF-4BA5-911E-61AC6DC1D1EA} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {A2AB61D5-D872-47C1-967A-EAD1E3C91A7B} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc) Task: {A847F631-E985-4EB7-8D10-BF1207AB7831} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4698008 2023-02-15] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 7305e01c-5397-4e12-b8c0-cd88a25cac25 Task: {B2CDE5CC-9B71-4193-AAC0-F0E7FE7C6506} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {B4B35FB6-C4D5-4979-9CEF-2573D99A83B8} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2018-11-07] (Corel Corporation -> Corel Corporation) Task: {C88B1CAA-2B22-4B27-83DB-EEA7383BE538} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {CDB4D0A2-5C04-4C63-89B3-6D562F68BC5D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek) Task: {D199C4EA-6C08-437C-A63E-4F2DB8B4FF34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D627FE53-B9B9-4E24-B61E-3F5CB683F00C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> ) Task: {EC8ECBBC-7EE9-45EC-8A04-DB8C628CFDBE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-02-05] (Microsoft Corporation -> Microsoft Corporation) Task: {F01138A1-1F02-4586-9971-4437F53566D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.) Task: {F349BFAF-FC4A-4AB7-8C27-303A4F4B8DA7} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2023-01-26] (Avast Software s.r.o. -> Avast Software) Task: {F39A2A88-3A14-44B8-B1AB-83FBE8822A2F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2295192 2023-02-05] (Avast Software s.r.o. -> Avast Software) Task: {FCA35D1C-22E1-418C-BF80-56FD6CE77987} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4e46ca7a-8aa7-4a03-9125-e4505fa1bd09}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{73a1f20e-0847-43b4-8c8d-b2988dd070b6}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: C:\Users\Jack\Downloads Edge Notifications: HKU\S-1-5-21-2013793525-2746929012-3189490076-1001 -> hxxps://www.cnet.com; hxxps://smsmms.orange.fr; hxxps://www.remedes-de-grand-mere.com; hxxps://tunesgo.wondershare.com Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-15] Edge DownloadDir: Default -> C:\Users\Jack\Downloads Edge Notifications: Default -> hxxps://smsmms.orange.fr; hxxps://tunesgo.wondershare.com; hxxps://www.camping-car.com; hxxps://www.cnet.com; hxxps://www.remedes-de-grand-mere.com Edge Extension: (Edge relevant text changes) - C:\Users\Jack\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-15] FireFox: ======== FF ProfilePath: C:\Users\Jack\AppData\Roaming\TomTom\HOME\Profiles\t5n0kp8z.default [2018-07-14] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2018-07-14] [] [non signé] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] (WildTangent Inc -> ) Chrome: ======= CHR Profile: C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default [2023-02-15] CHR Extension: (Google Docs hors connexion) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-05] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-01] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Fichier non signé] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-02-05] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-15] (Dropbox, Inc -> Dropbox, Inc.) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent Inc -> WildTangent) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Fichier non signé] R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) R2 ScreenConnect Client (2ffd0884-f5d0-4e91-b291-94f13e02580a); C:\Users\Jack\AppData\Local\Apps\2.0\NK5H5NXD.WDV\7ZWPNMR7.39M\scre..tion_2c2536e5112611c9_0006.0003_5f62dade1237aee5\ScreenConnect.ClientService.exe [90768 2023-02-15] (ScreenConnect Software -> ) R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9639320 2023-02-15] (Avast Software s.r.o. -> AVAST Software) S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2581864 2017-01-25] (LULU Software -> LULU Software) S3 Soda PDF Desktop CrashHandler; C:\Program Files\Soda PDF Desktop\crash-handler-ws.exe [931176 2017-01-25] (LULU Software -> LULU Software) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer -> TeamViewer GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS) R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [124928 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation) S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [72584 2023-02-15] (Avast Software s.r.o. -> Avast Software) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation) R3 WFMC_VAD; C:\WINDOWS\System32\drivers\wfmcvad.sys [24064 2010-02-08] (Microsoft Windows Hardware Compatibility Publisher -> WiFi Media Connect) S3 MpKsl9ce6d63e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6BEECB99-1234-4D92-92C3-435543C0CF13}\MpKslDrv.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-02-15 21:22 - 2023-02-15 21:24 - 000030180 _____ C:\Users\Jack\Downloads\FRST.txt 2023-02-15 21:21 - 2023-02-15 21:24 - 000000000 ____D C:\FRST 2023-02-15 21:18 - 2023-02-15 21:18 - 002378240 _____ (Farbar) C:\Users\Jack\Downloads\FRST64.exe 2023-02-15 21:00 - 2023-02-15 21:00 - 000323909 _____ C:\Users\Jack\Desktop\ZHPDiag.txt 2023-02-15 20:43 - 2023-02-15 21:04 - 000000000 ____D C:\Users\Jack\AppData\Roaming\ZHP 2023-02-15 20:43 - 2023-02-15 20:49 - 000000866 _____ C:\Users\Jack\Desktop\ZHPSuite.lnk 2023-02-15 20:43 - 2023-02-15 20:43 - 000000000 ____D C:\Users\Jack\AppData\Local\ZHP 2023-02-15 20:41 - 2023-02-15 20:41 - 003513544 _____ (Nicolas Coolman) C:\Users\Jack\Downloads\ZHPSuite.exe 2023-02-15 20:41 - 2023-02-15 20:41 - 003513544 _____ (Nicolas Coolman) C:\Users\Jack\Downloads\ZHPSuite (1).exe 2023-02-15 19:04 - 2023-02-15 19:04 - 000263000 _____ (AVAST Software) C:\Users\Jack\Downloads\avast_one_free_antivirus.exe 2023-02-15 17:02 - 2023-02-15 17:02 - 000000000 ____D C:\Users\Jack\AppData\Local\PCPrivacyShield2020 2023-02-15 16:16 - 2023-02-15 16:16 - 000000048 _____ C:\Users\Jack\AppData\Local\computerid 2023-02-15 16:14 - 2023-02-15 16:14 - 000000000 ____D C:\Users\Jack\AppData\Roaming\PC Privacy Shield 2020 2023-02-15 16:11 - 2023-02-15 20:39 - 000000000 ____D C:\ProgramData\scre..tion_2c2536e5112611c9_0006.0003_5f62dade1237aee5 2023-02-15 16:10 - 2023-02-15 16:10 - 000000000 ____D C:\Users\Jack\AppData\Local\Deployment 2023-02-15 16:10 - 2023-02-15 16:10 - 000000000 ____D C:\Users\Jack\AppData\Local\Apps\2.0 2023-02-15 14:46 - 2023-02-15 14:46 - 000258103 _____ C:\Users\Jack\Downloads\2023-01-2-PODO.pdf 2023-02-15 11:56 - 2023-02-15 11:56 - 000000000 ___HD C:\$WinREAgent 2023-02-15 11:13 - 2023-02-15 11:12 - 000072584 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys 2023-02-13 15:04 - 2023-02-13 15:04 - 000237032 _____ C:\Users\Jack\Downloads\Facture.pdf 2023-02-05 18:17 - 2023-02-05 18:17 - 001174331 _____ C:\Users\Jack\Downloads\2023_02-MUTUELLE_AVENIR.pdf 2023-02-05 17:23 - 2023-02-05 17:23 - 001546281 _____ C:\Users\Jack\Downloads\2022_12_VOLVO-DEVIS_2.pdf 2023-02-05 16:39 - 2023-02-05 16:39 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2023-02-05 16:39 - 2023-02-05 16:39 - 000002243 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2023-02-05 16:39 - 2023-02-05 16:39 - 000000000 ____D C:\Program Files\Google 2022-11-27 18:11 - 2022-11-27 18:11 - 000000751 _____ C:\Users\Jack\Downloads\Documents - Raccourci.lnk ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-02-15 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-02-15 21:07 - 2019-03-03 10:27 - 000000000 ____D C:\Program Files (x86)\Google 2023-02-15 21:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-02-15 20:31 - 2021-04-30 12:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-02-15 19:29 - 2017-06-11 12:36 - 000000000 ___RD C:\Users\Jack\OneDrive 2023-02-15 19:29 - 2017-06-11 12:31 - 000000184 _____ C:\Users\Jack\AppData\Roaming\sp_data.sys 2023-02-15 19:28 - 2021-04-30 13:05 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-02-15 19:28 - 2019-12-07 15:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat 2023-02-15 19:28 - 2019-12-07 15:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat 2023-02-15 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-02-15 19:26 - 2017-07-25 18:21 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2023-02-15 19:25 - 2017-06-11 12:31 - 000000000 __SHD C:\Users\Jack\IntelGraphicsProfiles 2023-02-15 19:25 - 2017-06-11 11:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2023-02-15 19:22 - 2021-04-30 13:20 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update 2023-02-15 19:22 - 2017-06-11 11:51 - 000000000 ____D C:\ProgramData\NVIDIA 2023-02-15 19:22 - 2016-07-28 23:45 - 000000000 ____D C:\ProgramData\AVAST Software 2023-02-15 19:21 - 2021-04-30 13:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-02-15 19:21 - 2021-04-30 12:39 - 000008192 ___SH C:\DumpStack.log.tmp 2023-02-15 19:16 - 2021-04-30 12:39 - 000473104 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-02-15 19:14 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-02-15 19:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-02-15 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-02-15 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-02-15 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-02-15 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-02-15 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-02-15 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-02-15 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-02-15 18:30 - 2016-03-24 13:06 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2023-02-15 18:30 - 2016-03-24 13:06 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2023-02-15 13:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-02-15 13:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-02-15 13:00 - 2021-04-30 12:44 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-02-15 11:56 - 2020-08-27 16:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-02-15 11:33 - 2017-06-11 15:49 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-02-15 11:15 - 2017-06-11 15:48 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-02-15 10:42 - 2020-06-21 10:22 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-02-15 10:25 - 2018-02-16 19:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-02-13 15:47 - 2021-01-16 17:46 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-02-13 15:08 - 2021-12-12 17:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2013793525-2746929012-3189490076-1001 2023-02-13 15:08 - 2021-04-30 13:20 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2013793525-2746929012-3189490076-1001 2023-02-13 15:08 - 2021-04-30 12:51 - 000002420 _____ C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-02-13 15:04 - 2021-04-30 13:20 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-02-13 15:04 - 2021-04-30 13:20 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-02-13 14:55 - 2021-04-30 13:20 - 000004286 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2023-02-13 14:55 - 2021-04-30 13:20 - 000004054 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2023-02-13 14:55 - 2016-03-24 13:06 - 000000000 ____D C:\Program Files (x86)\Dropbox 2023-02-05 16:56 - 2016-07-28 23:54 - 000000000 ____D C:\Program Files\Microsoft Office ==================== Fichiers à la racine de certains dossiers ======== 2017-06-11 12:31 - 2023-02-15 19:29 - 000000184 _____ () C:\Users\Jack\AppData\Roaming\sp_data.sys 2023-02-15 16:16 - 2023-02-15 16:16 - 000000048 _____ () C:\Users\Jack\AppData\Local\computerid ==================== SigCheckExt ========================= 2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) C:\WINDOWS\system32\HpTcpMib.dll 2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) C:\WINDOWS\system32\HPTcpMon.dll 2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HPTcpMUI.dll 2009-09-16 10:44 - 2009-09-16 10:44 - 000045568 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.DLL 2009-09-16 10:44 - 2009-09-16 10:44 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.DLL 2009-09-16 10:44 - 2009-09-16 10:44 - 000596992 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjcd01.dll 2009-09-16 10:44 - 2009-09-16 10:44 - 000028672 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjfw64.dll 2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) C:\WINDOWS\system32\hpzjrd01.dll 2016-07-28 23:21 - 2015-08-06 17:43 - 000177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-07-28 23:23 - 2015-10-03 03:22 - 001756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2016-07-28 23:23 - 2015-10-03 03:22 - 001710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000123904 _____ (Microsoft) C:\WINDOWS\SysWOW64\ACCWIZ.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000007440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\APPXEC32.DLL 2016-05-17 23:49 - 2016-05-17 23:49 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMC.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000140048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CNFNOT32.EXE 1997-08-28 23:00 - 1997-08-28 23:00 - 000057342 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMMTB32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000094304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CONTAB32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CONVDSN.EXE 1997-08-28 23:00 - 1997-08-28 23:00 - 000022016 _____ C:\WINDOWS\SysWOW64\DOCOBJ.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000004656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DS16GT.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DS32GT.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000104208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EMSABP32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000548624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EMSMDB32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EMSUI32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000599824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EMSUIX32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000405776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETEXCH32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 001123600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000028432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20FRA.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000093968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GAPI32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000012288 _____ C:\WINDOWS\SysWOW64\HLINKPRX.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HLP95EN.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IMGWALK.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETAB32.DLL 2016-05-17 23:49 - 2016-05-17 23:49 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll 2016-05-17 23:49 - 2016-05-17 23:49 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll 2016-05-17 23:49 - 2016-05-17 23:49 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll 2015-05-22 01:00 - 2015-05-22 01:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000086288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KEYEX32.EXE 2016-05-17 23:49 - 2016-05-17 23:49 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll 2016-05-17 23:49 - 2016-05-17 23:49 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll 2016-05-17 23:49 - 2016-05-17 23:49 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll 2016-05-17 23:49 - 2016-05-17 23:49 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000522432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPI.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000028432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPISP32.EXE 1997-08-28 23:00 - 1997-08-28 23:00 - 000037648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPISRVR.EXE 2016-05-17 23:49 - 2016-05-17 23:49 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe 2016-05-17 23:49 - 2016-05-17 23:49 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC40FRA.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCANS32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MINET32.DLL 2016-05-17 23:49 - 2016-05-17 23:49 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000007904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ML3XEC16.EXE 1997-08-28 23:00 - 1997-08-28 23:00 - 000288016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMFMIG32.DLL 2016-05-17 23:49 - 2016-05-17 23:49 - 000245760 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSCLib.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000094208 _____ C:\WINDOWS\SysWOW64\MSENCODE.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSEXCL35.DLL 2016-05-17 23:49 - 2016-05-17 23:49 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000558352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFS32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000016304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINF16H.EXE 1997-08-28 23:00 - 1997-08-28 23:00 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000145168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT35.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000024336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER35.DLL 2016-05-17 23:49 - 2016-05-17 23:49 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSOTHUNK.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPRPFR.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000595728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPST32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000251664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X35.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000404240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSREPL35.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSTEXT35.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSXBSE35.DLL 2016-05-17 23:49 - 2016-05-17 23:49 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll 2016-05-17 23:49 - 2016-05-17 23:49 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll 2016-07-28 23:21 - 2015-08-06 17:43 - 000155464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-07-28 23:23 - 2015-10-03 03:23 - 001317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-07-28 23:23 - 2015-10-03 03:23 - 001423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000026224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBC16GT.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBC32GT.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBCTL32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000234528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OLEMSG.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000288528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OLEMSG32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000425424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OUTLCOMM.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000212480 _____ (Eastman Kodak) C:\WINDOWS\SysWOW64\PCDLIB32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PICSTORE.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000025600 _____ C:\WINDOWS\SysWOW64\RECNCL.DLL 2018-11-06 11:15 - 2016-05-17 23:49 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 1997-08-28 23:00 - 1997-08-28 23:00 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\REFEDIT.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCP32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000032256 _____ (Microsoft) C:\WINDOWS\SysWOW64\SELFREG.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000012288 _____ C:\WINDOWS\SysWOW64\VAFR232.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR332.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBSFR.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000020080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSSPI.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 001232656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSUI32.DLL 1997-08-28 23:00 - 1997-08-28 23:00 - 000031232 _____ C:\WINDOWS\SysWOW64\XLREC.DLL 2023-02-15 21:18 - 2023-02-15 21:18 - 002378240 _____ (Farbar) C:\Users\Jack\Downloads\FRST64.exe 2023-02-15 20:41 - 2023-02-15 20:41 - 003513544 _____ (Nicolas Coolman) C:\Users\Jack\Downloads\ZHPSuite (1).exe 2023-02-15 20:41 - 2023-02-15 20:41 - 003513544 _____ (Nicolas Coolman) C:\Users\Jack\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {3ae067b6-be6c-11e6-8936-806e6f6e6963} {3ae067b7-be6c-11e6-8936-806e6f6e6963} {3ae067b8-be6c-11e6-8936-806e6f6e6963} timeout 2 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {f86f86cc-a9b0-11eb-bf03-9aed593cec4d} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {3ae067b6-be6c-11e6-8936-806e6f6e6963} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {3ae067b7-be6c-11e6-8936-806e6f6e6963} description UEFI:Removable Device Application logicielle (101fffff) -------------------------------- identificateur {3ae067b8-be6c-11e6-8936-806e6f6e6963} description UEFI:Network Device Chargeur de d‚marrage Windows ----------------------------- identificateur {e2db8bd5-8a87-11e8-930e-920e4ff52d0f} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e2db8bd6-8a87-11e8-930e-920e4ff52d0f} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{e2db8bd6-8a87-11e8-930e-920e4ff52d0f} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {f86f86ce-a9b0-11eb-bf03-9aed593cec4d} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {f86f86cc-a9b0-11eb-bf03-9aed593cec4d} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {f86f86ce-a9b0-11eb-bf03-9aed593cec4d} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{f86f86cf-a9b0-11eb-bf03-9aed593cec4d} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{f86f86cf-a9b0-11eb-bf03-9aed593cec4d} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {f86f86cc-a9b0-11eb-bf03-9aed593cec4d} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {f86f86ce-a9b0-11eb-bf03-9aed593cec4d} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {f86f86cf-a9b0-11eb-bf03-9aed593cec4d} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================