Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-02-2023 Exécuté par Jean (administrateur) sur JEAN-PC (20-02-2023 18:19:57) Exécuté depuis E:\Jean\Desktop Profils chargés: Jean Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2604 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayProcess.exe (explorer.exe ->) (Emjysoft -> Emjysoft) C:\Program Files\Emjysoft\Sauvegarde-Facile\Sauvegarde.exe (explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.0.0\ABService.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\EaseUS\ENS\ensserver.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21330.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21330.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2014-12-27] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [125477704 2022-02-16] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [TrayProcess] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayProcess.exe [965352 2022-11-17] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-3790553777-1873748162-583351805-1000\...\Run: [Emjysoft Sauvegarde Facile] => C:\Program Files\Emjysoft\Sauvegarde-Facile\Sauvegarde.exe [2027224 2020-04-10] (Emjysoft -> Emjysoft) HKU\S-1-5-21-3790553777-1873748162-583351805-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2629528 2023-02-20] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3790553777-1873748162-583351805-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR4500 series: CNCALEU.DLL (Pas de fichier) HKLM\...\Print\Monitors\Canon BJ Language Monitor TR4500 series: CNMLMEU.DLL (Pas de fichier) HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\WINDOWS\system32\hpinksts9311LM.dll [345448 2010-06-14] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\WINDOWS\system32\hpinkstsE511LM.dll [393352 2017-03-10] (Hewlett Packard -> HP Inc.) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Lsa: [Notification Packages] scecli C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0070F96E-3391-46ED-865C-919AFFF42D7E} - \Microsoft\Windows\Setup\EOONotify -> Pas de fichier <==== ATTENTION Task: {0187C228-BDDB-4E30-A541-2B22947A02D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149464 2023-01-10] (HP Inc. -> HP Inc.) Task: {066CF0A6-F4C7-416F-A8DE-B8D5FE29E9BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {0B71C5C5-DE62-4433-9FA4-D82C3591F682} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier) Task: {0C17BABC-7690-4089-8AC7-61DC2E1D0BF3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {0E65D7C9-C14F-4C4F-AB75-1AB463D73FC4} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {162926D7-131E-4B9D-8E87-0F8D1A53C52F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier) Task: {18ABA7E3-EEEC-4FB8-A2F8-A15327AB17E2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier) Task: {1E60C12B-7D78-487A-9CF8-224D0D11814F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier) Task: {218911FC-3372-44B0-A87A-047C0DAC4881} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier) Task: {22C4F0DF-D4B2-40A7-92E3-6344398BFF4F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier) Task: {26FE1B25-B35F-4031-872F-648796D6758C} - System32\Tasks\{D6371B13-98B5-4AED-A711-521D9103FAAD} => C:\Program Files (x86)\Hp\Diagnostics\PSDR\HPPSDr.exe [16122800 2021-04-01] (HP Inc. -> HP Inc.) Task: {2724BA87-D045-4C8E-87DF-C4BF2959E7A7} - System32\Tasks\HPCustParticipation HP ENVY 5000 series => C:\Program Files\HP\HP ENVY 5000 series\Bin\HPCustPartic.exe [6666840 2022-06-15] (HP Inc. -> HP Inc.) Task: {27C18719-392B-4D91-9B8E-3C0E9FE454DB} - System32\Tasks\SafeZone scheduled Autoupdate 1450373019 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Task: {28079D93-F533-4ADF-94DE-05D69A030CC9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {2A95A256-3619-46D8-AC8B-E93E3B00AF01} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {2AC38523-4DBB-44F4-9943-43F81172EE4A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {2C81D3E9-8530-42DB-A2FF-C99D828EB2AB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jean\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-06-12] (ESET, spol. s r.o. -> ESET) Task: {2CD3605C-F167-4DD8-8A4B-CEE6D947C5AD} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION Task: {2DED051D-CCE0-40E2-A0B7-445E8725CDA7} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {2EDD995B-2324-4ACC-8100-62B6DE8C3E16} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier) Task: {30CCB786-42A5-41ED-B2DE-80786F6EEE37} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier) Task: {36E3B353-899F-4A6C-86E3-B54CD5E2F615} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {38FC06E5-62EE-428F-AFE2-2EE4AE8AFB31} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier) Task: {399DDA85-F8FC-4B19-8611-15FF547E5676} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH9549J0T3 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149464 2023-01-10] (HP Inc. -> HP Inc.) Task: {3A4B8566-22E6-48B6-8500-4F5142F1AFD2} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {477DA914-4EAC-45EF-B5C6-90A3ECE9A9F0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {47FA6B30-F24B-40BE-8C1E-27ED06D3205E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {493DA3C6-7B1B-43D6-B22D-FF76F1C83A86} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier) Task: {4A66F993-1C83-4AE2-901F-C67F03F07374} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) Task: {4DD4EDF7-038A-4D44-BCF3-C637CFD51671} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier) Task: {556040ED-9143-4ADC-AC19-963A76FDC446} - System32\Tasks\{3D2B6582-74BF-4858-AF6A-077F2E51DB4B} => C:\Program Files (x86)\Hp\Diagnostics\PSDR\HPPSDr.exe [16122800 2021-04-01] (HP Inc. -> HP Inc.) Task: {577F7FFD-4D02-490C-850A-3253488E19F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.) Task: {586CAD42-BBDA-4821-8AD6-E5D4CBE677B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {6553814E-C91B-4DE0-9072-D79B032200F0} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (Pas de fichier) Task: {6DE85571-D11B-4434-9507-CF33ACB5C0CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {735943F5-FF36-4AC7-A962-2AE889D55EF3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {771E40C7-81E6-45D7-A024-D54B87AB985C} - System32\Tasks\{49285A17-FFE0-43BE-902D-C2B54A6CA081} => C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 8.0 AE\PHOTOfunSTUDIO.exe (Pas de fichier) Task: {78A64DE4-ABC5-472B-892A-EA7B971042ED} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION Task: {7C2596A1-B9BC-492F-BEB0-7DC1C26AACB8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier) Task: {7E455AA2-5B26-42D1-B1BB-468A0ED3B2CE} - System32\Tasks\{E4D6F11B-9582-424E-AC14-70A0C199133F} => C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 8.0 AE\PHOTOfunSTUDIO.exe (Pas de fichier) Task: {847F4BBE-70C0-4121-ACC7-8DE71B283F19} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier) Task: {88A2E1FD-8DB8-4329-A7C9-4E3209C68D96} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [716192 2023-02-16] (Mozilla Corporation -> Mozilla Foundation) Task: {8A7BC657-4B61-4D5A-93BF-48A98DEE3D09} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier) Task: {8BC475CE-4BF6-49F3-8AD8-251944A8AC24} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {8C7EDCE3-4F3C-444D-B082-691C80E55D5B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier) Task: {944618DC-9FB5-4DF5-BD0A-F959F89F5315} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [228888 2023-01-10] (HP Inc. -> HP Inc.) Task: {95803BCC-532F-445A-AE74-8FF202116E01} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {95C6E302-F833-4692-A27C-82F2686C958F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3790553777-1873748162-583351805-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4191152 2023-02-20] (Microsoft Corporation -> Microsoft Corporation) Task: {977EB53F-EBB4-403D-AE9E-6E799B9030B6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {98FC6D02-5B0C-4AB3-B82C-A3CA6AF10169} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9ECB0E01-FF18-4761-9E0F-0722C68432C5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {A574B4DC-2224-49F1-95AB-DDDBA15CCFE5} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION Task: {A6AF8091-413C-4A23-931A-59C3C63656A9} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B3959EE2-4020-4D40-ABB1-7AC0A062A513} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {B537F7E3-9083-4743-BD87-EBA93E0603B0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier) Task: {B66DBF62-7E61-4AB1-8782-8145F9C34161} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {B73D2A62-FA78-439D-8036-081156FD278D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier) Task: {BC0610DB-F168-4B0C-A2B8-BA5B921AB461} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {BF9346B4-8CCA-4FD7-AF3B-DF0953B2DC9E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {C007FB91-3E3C-420F-BBEB-5628644C3A28} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier) Task: {C21A4F4D-8C33-4C4D-9E08-D77EA83C6AED} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier) Task: {C5DBA6A0-3C2D-41A1-8385-747D7485388A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-02-03] (Microsoft Corporation -> Microsoft Corporation) Task: {CA7B4C06-D18A-4803-ABD3-6D423A16E43C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {CF7D85BF-8E93-4E1D-A319-3354BBBB790B} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jean\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-06-12] (ESET, spol. s r.o. -> ESET) Task: {D1BE3200-A53E-4E82-9F8A-9846FF653CE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D578C7B7-ED1F-4DA7-A770-2CD54EFE3BD9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier) Task: {D6079A90-EE91-438A-8587-BFB9EC411347} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E7973ECB-AD0B-4707-BD87-10EDC14F7548} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier) Task: {ED195D79-49BF-44EB-87BF-781ED68E4F37} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier) Task: {ED7F6143-F3D4-4CA7-B479-937CB53D95D2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier) Task: {EF5EEA21-3F45-4031-83B8-5679E232E3E9} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4191152 2023-02-20] (Microsoft Corporation -> Microsoft Corporation) Task: {F07BC8BC-4B81-44D7-BF78-EBC9739DBE8F} - System32\Tasks\{9957AB2B-0827-48D2-B69E-7928D6AFF010} => C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 8.0 AE\PHOTOfunSTUDIO.exe (Pas de fichier) Task: {F0A6C387-A85D-4088-9CA9-6D135786CC32} - System32\Tasks\{92BDDEEB-9068-4C1A-AA14-876C55F0B430} => C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 8.0 AE\PHOTOfunSTUDIO.exe (Pas de fichier) Task: {F19C1441-F467-4FB1-8422-208A1BD29397} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier) Task: {F85ABC25-36C1-46E1-B7DE-5D5E49AE650B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier) Task: {FEAE2D69-609B-4FC2-B8C8-8A2FE17B3274} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{b569e58d-c994-4940-a112-d7f3def0aef5}: [DhcpNameServer] 192.168.0.254 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION FireFox: ======== FF DefaultProfile: mtg7na1f.Jean-1655813437382 FF ProfilePath: C:\Users\Jean\AppData\Roaming\TomTom\HOME\Profiles\19wj2o20.default [2016-07-23] FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)] FF ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\s6yogwvd.Appda9648d6e4dc43fabdbadf3ddf82ee0e [2023-02-15] FF ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\i1h04q3m.Appb272bf9f11454001aaf2ac40191c751c [2023-02-15] FF ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\qiqjjlk0.Appee793dbad39149cdbe947d73e360fe62 [2023-02-15] FF ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\mtg7na1f.Jean-1655813437382 [2023-02-20] FF Extension: (HTTPS partout) - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\mtg7na1f.Jean-1655813437382\Extensions\https-everywhere@eff.org.xpi [2022-06-21] FF Extension: (I don't care about cookies) - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\mtg7na1f.Jean-1655813437382\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2022-12-14] FF Extension: (Qwant VIPrivacy) - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\mtg7na1f.Jean-1655813437382\Extensions\qwantcomforfirefox@jetpack.xpi [2022-09-01] FF Extension: (uBlock Origin) - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\mtg7na1f.Jean-1655813437382\Extensions\uBlock0@raymondhill.net.xpi [2023-02-16] FF Extension: (Purpling bubbles) - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\mtg7na1f.Jean-1655813437382\Extensions\{69ab6730-1a1a-4d27-8aa4-f27a0e5f2de8}.xpi [2022-06-21] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.17 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.17.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1143720 2013-02-15] (Acronis International GmbH -> Acronis) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.) S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3808248 2016-05-07] (Acronis International GmbH -> Acronis) R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.0.0\ABService.exe [898216 2020-09-07] (AOMEI International Network Limited -> AOMEI International Network Limited) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-02-03] (Microsoft Corporation -> Microsoft Corporation) S4 Crypkey License; C:\WINDOWS\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [Fichier non signé] S4 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [41192 2022-11-17] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [27784 2022-11-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.028.0205.0002\FileSyncHelper.exe [3486640 2023-02-20] (Microsoft Corporation -> Microsoft Corporation) R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2023-01-22] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.028.0205.0002\OneDriveUpdaterService.exe [3866528 2023-02-20] (Microsoft Corporation -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-17] (Microsoft Windows Publisher -> Microsoft Corporation) S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7093272 2013-03-26] (Acronis International GmbH -> Acronis) R3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{639A5454-89DA-4BC5-8B80-4FE5429B6E92} [21312 2020-11-19] (Microsoft Windows -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [75848 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S3 EUBAKUP0; C:\WINDOWS\system32\drivers\EUBAKUP0.sys [75848 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [55352 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 EUBKMON0; C:\WINDOWS\system32\drivers\EUBKMON0.sys [55352 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [24152 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [556112 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S3 EUFDDISK0; C:\WINDOWS\system32\drivers\EUFDDISK0.sys [556112 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [108832 2016-05-07] (Acronis International GmbH -> Acronis International GmbH) S3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [326656 2021-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [28664 2008-03-17] (CrypKey (Canada) Inc. -> ) S3 StillCam; C:\WINDOWS\system32\DRIVERS\serscan.sys [13312 2020-11-19] (Microsoft Corporation) [Fichier non signé] R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2016-05-07] (Acronis International GmbH -> Acronis International GmbH) S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [183224 2016-05-07] (Acronis International GmbH -> Acronis) R0 vidsflt; C:\WINDOWS\System32\DRIVERS\vidsflt.sys [117024 2016-05-07] (Acronis International GmbH -> Acronis International GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation) U4 idsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-02-20 18:14 - 2023-02-20 18:20 - 000000000 ____D C:\FRST 2023-02-17 14:21 - 2023-02-17 14:21 - 000000000 ___HD C:\$WinREAgent 2023-02-16 09:01 - 2023-02-16 09:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2023-02-15 15:03 - 2023-02-15 15:03 - 000002514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2023-02-15 15:03 - 2023-02-15 15:03 - 000002514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2023-02-15 15:03 - 2023-02-15 15:03 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2023-02-15 15:03 - 2023-02-15 15:03 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2023-02-15 15:03 - 2023-02-15 15:03 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2023-02-15 15:03 - 2023-02-15 15:03 - 000002475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2023-02-15 15:03 - 2023-02-15 15:03 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2023-02-15 15:03 - 2023-02-15 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2023-02-14 13:59 - 2023-02-14 13:59 - 001276508 _____ C:\Users\Jean\Downloads\CGV-VPC.pdf 2023-02-03 15:00 - 2023-02-03 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2023-01-19 08:52 - 2023-01-19 08:52 - 000000000 ____D C:\Users\Jean\AppData\Roaming\HP 2023-01-12 09:15 - 2023-02-03 09:25 - 000003766 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{F5F87583-9D61-465F-9BE3-C248257BCB34} 2023-01-12 09:15 - 2023-02-03 09:25 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{C550E2CC-33F2-46A7-9CC3-61C89B023D33} 2022-11-26 17:59 - 2023-02-12 18:31 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2022-11-26 17:59 - 2023-02-11 16:08 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2022-11-26 17:59 - 2022-11-26 17:59 - 000000000 ____D C:\Users\Jean\AppData\Roaming\Thunderbird 2022-11-26 17:59 - 2022-11-26 17:59 - 000000000 ____D C:\Users\Jean\AppData\Local\Thunderbird 2022-11-26 10:19 - 2022-11-26 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 2022-11-26 10:18 - 2022-11-26 10:18 - 000000000 ____D C:\Users\Jean\AppData\Local\unali-1194315375 2022-11-26 10:18 - 2022-11-26 10:18 - 000000000 ____D C:\Users\Jean\AppData\Local\unali-1194315031 ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-02-20 18:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2023-02-20 18:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-02-20 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-02-20 18:04 - 2015-01-11 16:26 - 000000000 ____D C:\Users\Jean\AppData\Roaming\ZHP 2023-02-20 17:55 - 2017-04-05 21:30 - 000000000 ____D C:\Users\Jean\AppData\Local\ZHP 2023-02-20 17:48 - 2022-02-09 10:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-02-20 17:47 - 2018-02-04 19:08 - 000000000 ____D C:\Users\Jean\AppData\LocalLow\Mozilla 2023-02-20 17:44 - 2020-12-26 16:07 - 002005062 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-02-20 17:44 - 2019-12-07 15:50 - 000865430 _____ C:\WINDOWS\system32\perfh00C.dat 2023-02-20 17:44 - 2019-12-07 15:50 - 000177780 _____ C:\WINDOWS\system32\perfc00C.dat 2023-02-20 17:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-02-20 17:41 - 2020-09-15 16:40 - 000008192 ___SH C:\DumpStack.log.tmp 2023-02-20 17:41 - 2020-04-21 17:46 - 000000000 ____D C:\Users\Jean\AppData\Local\SquirrelTemp 2023-02-20 17:41 - 2019-12-12 18:21 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat 2023-02-20 17:41 - 2017-11-23 17:39 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2023-02-20 17:41 - 2016-07-25 09:32 - 000000000 ___RD C:\Users\Jean\OneDrive 2023-02-20 17:40 - 2022-09-01 12:50 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-02-20 17:40 - 2020-12-26 15:59 - 000000000 ____D C:\Users\Jean 2023-02-20 17:40 - 2020-11-19 00:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-02-20 17:40 - 2020-11-18 23:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-02-20 17:32 - 2022-08-31 12:49 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3790553777-1873748162-583351805-1000 2023-02-20 17:32 - 2022-08-30 18:47 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-02-20 17:32 - 2022-08-30 18:47 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-02-19 17:50 - 2022-06-12 13:28 - 000003838 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2023-02-19 17:50 - 2022-06-12 13:28 - 000003396 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2023-02-19 17:50 - 2022-06-12 13:18 - 000001414 _____ C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2023-02-17 14:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-02-17 14:30 - 2020-11-18 23:44 - 000476832 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-02-17 14:30 - 2017-10-15 18:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2023-02-17 14:30 - 2014-12-27 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-02-17 14:29 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-02-17 14:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-02-17 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-02-17 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-02-17 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-02-17 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-02-17 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-02-17 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-02-17 14:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-02-17 14:29 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-02-17 14:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-02-17 14:26 - 2020-11-19 00:46 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-02-17 14:19 - 2014-12-28 18:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-02-17 14:16 - 2014-12-28 18:27 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-02-17 11:02 - 2020-12-26 16:05 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-02-17 11:01 - 2022-10-11 13:54 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-02-16 09:01 - 2014-12-27 19:26 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-02-15 15:04 - 2020-11-19 00:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-02-15 11:14 - 2022-03-08 22:16 - 000000000 ____D C:\Users\Jean\AppData\Local\CrashDumps 2023-02-14 14:10 - 2017-11-20 17:43 - 000000000 ____D C:\Users\Jean\AppData\Local\Packages 2023-02-11 10:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-02-10 17:29 - 2014-12-27 20:49 - 000000000 ____D C:\Users\Jean\AppData\Local\Google 2023-02-07 14:43 - 2022-08-30 18:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2023-02-07 14:33 - 2015-01-07 15:12 - 000000000 ____D C:\Program Files (x86)\MSECache 2023-02-05 19:19 - 2019-10-05 10:47 - 000000000 ____D C:\Users\Jean\AppData\Roaming\vlc 2023-02-03 15:00 - 2021-06-21 07:43 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2023-02-03 14:51 - 2019-08-19 13:02 - 000000000 ____D C:\Program Files\VideoLAN 2023-01-28 18:00 - 2021-02-13 18:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-01-22 19:10 - 2016-07-25 09:47 - 000000000 ____D C:\Users\Jean\AppData\Local\Comms 2023-01-22 14:17 - 2021-06-10 09:25 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2023-01-22 14:16 - 2022-06-04 13:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP ==================== Fichiers à la racine de certains dossiers ======== 2017-04-25 14:21 - 2017-11-20 20:11 - 002974592 _____ () C:\Users\Jean\ZHPCleaner.exe 2018-04-07 15:01 - 2018-02-21 13:58 - 001394608 _____ (Softland) C:\Program Files\dopdf.exe 2018-04-07 15:01 - 2018-03-30 17:36 - 007197480 _____ (VS Revo Group ) C:\Program Files\revosetup.exe 2018-12-11 16:25 - 2018-12-11 16:25 - 000002124 _____ () C:\Program Files (x86)\Acrobat Reader DC.lnk 2019-06-29 13:01 - 2019-06-29 13:01 - 000002807 _____ () C:\Program Files (x86)\e-Carte Bleue Banque Populaire.lnk 2018-01-08 12:10 - 2018-01-08 12:06 - 000004579 _____ () C:\Program Files (x86)\free_av_17.9.2322_2018-1-8_12-6-32.avastconfig 2022-08-23 10:59 - 2022-08-23 10:59 - 000000368 _____ () C:\Users\Jean\AppData\Roaming\SaraBat.bat 2022-08-23 10:59 - 2022-08-23 10:59 - 000196984 _____ (Microsoft Corporation) C:\Users\Jean\AppData\Roaming\SetupProd_Act.exe 2015-08-15 16:14 - 2017-10-23 09:33 - 000038529 _____ () C:\Users\Jean\AppData\Roaming\Valeurs séparées par une virgule.ADR 2015-08-24 18:28 - 2015-08-26 15:14 - 000000294 _____ () C:\Users\Jean\AppData\Local\config.ini 2015-07-11 13:35 - 2015-07-11 13:35 - 000000000 _____ () C:\Users\Jean\AppData\Local\Phonebook.txt 2022-01-21 22:53 - 2022-01-21 22:53 - 000000017 _____ () C:\Users\Jean\AppData\Local\resmon.resmoncfg 2018-05-12 19:15 - 2018-05-16 09:49 - 000024496 _____ () C:\Users\Jean\AppData\Local\ZHPCquarantine.jpg ==================== SigCheckExt ========================= 2019-03-19 05:45 - 2019-03-19 05:45 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionMgr.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-downlevel-version-l1-1-0.dll 2020-02-12 09:47 - 2020-02-12 09:47 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll 2019-03-19 05:44 - 2019-03-19 05:44 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\canonurl.dll 2016-07-25 10:16 - 2016-07-25 10:16 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2019-03-19 05:45 - 2019-03-19 05:45 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll 2016-07-30 10:59 - 2008-05-08 00:29 - 000122880 _____ (CrypKey (Canada) Ltd.) C:\WINDOWS\system32\Crypserv.exe 2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2017-04-13 15:46 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 001210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dml.dll 2011-04-12 10:27 - 2010-11-21 04:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvscres.dll 2019-03-19 05:43 - 2019-03-19 05:43 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll 2019-03-19 05:43 - 2019-03-19 05:43 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2018-07-12 07:22 - 2018-06-15 18:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemonitor.dll 2018-09-11 19:53 - 2018-08-28 07:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll 2017-05-11 09:04 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2014-12-27 19:34 - 2012-05-15 07:13 - 000144896 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPPMon.dll 2018-07-12 07:22 - 2018-07-06 08:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll 2019-03-19 05:43 - 2019-03-19 05:43 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mitigationscanner.exe 2016-07-24 15:06 - 2016-06-10 21:11 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll 2012-01-09 16:28 - 2012-01-09 16:28 - 000057856 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll 2014-12-28 11:57 - 2012-08-21 22:01 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 000049664 _____ C:\WINDOWS\system32\PerceptionSimulationInput.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneDataSync.dll 2015-02-11 13:42 - 2015-01-09 04:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll 2010-11-21 04:24 - 2010-11-21 04:24 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushPrinterConnections.exe 2014-12-28 11:55 - 2012-04-26 06:34 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe 2019-03-19 05:45 - 2019-03-19 05:45 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvcPAL.dll 2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmClientApi.dll 2016-07-16 12:43 - 2016-07-16 23:45 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeSubscription.exe 2015-09-09 14:43 - 2015-07-22 17:48 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2014-12-28 11:57 - 2012-11-28 23:56 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wdfres.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2019-03-19 05:44 - 2019-03-19 05:44 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.ShellPosition.dll 2016-03-14 14:35 - 2016-02-12 19:18 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2016-07-30 10:59 - 1999-06-18 21:49 - 000165888 _____ (Kenonic Controls) C:\WINDOWS\Ckconfig.exe 2016-07-30 10:59 - 1995-07-04 18:33 - 000011776 _____ C:\WINDOWS\Ckrfresh.exe 2016-07-30 10:59 - 1996-05-03 15:36 - 000018432 _____ C:\WINDOWS\Setup_ck.dll 2016-07-30 10:59 - 1996-05-03 17:21 - 000027648 _____ C:\WINDOWS\Setup_ck.exe 2014-12-28 18:37 - 2014-12-28 18:37 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-12-28 18:37 - 2014-12-28 18:37 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2007-10-10 13:08 - 2007-10-10 13:08 - 000025600 _____ (Inprise Corporation) C:\WINDOWS\SysWOW64\BORLNDMM.dll 2019-03-19 05:45 - 2019-03-19 05:45 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\canonurl.dll 2006-03-03 09:02 - 2006-03-03 09:02 - 000658432 _____ (Borland Corporation) C:\WINDOWS\SysWOW64\cc3270mt.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cflapi.dll 2015-02-21 10:30 - 2004-08-04 04:54 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clipbrd.exe 2022-05-13 10:49 - 2008-08-25 17:02 - 000015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2015-01-15 14:17 - 2011-04-15 16:00 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll 2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 001161216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dml.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamemonitor.dll 2017-04-04 11:43 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 12:44 - 2016-07-16 23:46 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2014-12-27 19:34 - 2012-05-15 06:20 - 000104448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll 2014-12-28 18:41 - 2014-12-28 18:41 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsIntl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsTelemetry.dll 2016-07-24 15:06 - 2016-06-10 19:09 - 001155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll 2006-11-04 14:14 - 2006-11-04 14:14 - 001245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll 2010-11-21 04:24 - 2010-11-21 04:24 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pmcsnap.dll 2010-11-21 04:24 - 2010-11-21 04:24 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ppcsnap.dll 2010-11-21 04:24 - 2010-11-21 04:24 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PushPrinterConnections.exe 2000-10-02 00:00 - 2000-10-02 00:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.dll 2018-04-12 00:35 - 2018-04-12 17:24 - 000034304 _____ C:\WINDOWS\SysWOW64\vmstaging.dll 2022-05-13 10:49 - 2018-03-21 04:00 - 000482816 _____ (CANON INC.) C:\WINDOWS\system32\spool\prtprocs\x64\CNMPDEU.DLL 2022-05-13 10:49 - 2018-03-21 04:00 - 000566272 _____ (CANON INC.) C:\WINDOWS\system32\spool\prtprocs\x64\CNMPPEU.DLL 2015-10-30 08:19 - 2016-04-27 06:16 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\spool\prtprocs\x64\jnwppr.dll 2017-04-25 14:21 - 2017-11-20 20:11 - 002974592 _____ C:\Users\Jean\ZHPCleaner.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=E: description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {9b135c08-478a-11eb-a0f3-d7ba8cf86aa4} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de d‚marrage Windows ----------------------------- identificateur {2d669ad0-d7ad-11dd-81bd-e303d325356a} device ramdisk=[C:]\Recovery\2d669ad0-d7ad-11dd-81bd-e303d325356a\Winre.wim,{2d669ad1-d7ad-11dd-81bd-e303d325356a} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\2d669ad0-d7ad-11dd-81bd-e303d325356a\Winre.wim,{2d669ad1-d7ad-11dd-81bd-e303d325356a} systemroot \windows nx OptIn winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {6d192e8a-944d-11e9-aeb2-8b6874f47f6f} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6d192e8b-944d-11e9-aeb2-8b6874f47f6f} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6d192e8b-944d-11e9-aeb2-8b6874f47f6f} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {bf26a078-478a-11eb-b56e-fd9f450a1bc1} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {9b135c08-478a-11eb-a0f3-d7ba8cf86aa4} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {bf26a078-478a-11eb-b56e-fd9f450a1bc1} device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{bf26a079-478a-11eb-b56e-fd9f450a1bc1} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{bf26a079-478a-11eb-b56e-fd9f450a1bc1} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {9b135c08-478a-11eb-a0f3-d7ba8cf86aa4} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {bf26a078-478a-11eb-b56e-fd9f450a1bc1} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=E: path \boot\memtest.exe description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {2d669ad1-d7ad-11dd-81bd-e303d325356a} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\2d669ad0-d7ad-11dd-81bd-e303d325356a\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {bf26a079-478a-11eb-b56e-fd9f450a1bc1} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume3 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================