Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-12-2024 01 Exécuté par Gilles (administrateur) sur PC-GILLES (MSI MS-7816) (27-12-2024 16:15:25) Exécuté depuis C:\Users\Gilles\Desktop\FRST64.exe Profils chargés: Gilles Plate-forme: Microsoft Windows 10 Professionnel pour les Stations de travail Version 22H2 19045.5247 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\Vertical Mouse Driver\Monitor.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe ->) (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe (explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe (explorer.exe ->) (DEVELOPER IN A BOX -> Developerinabox) C:\Program Files\Agent\AgentTray.exe (explorer.exe ->) (Matthew Malensek) [Fichier non signé] C:\Program Files (x86)\3RVX\3RVX.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Gilles\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (DEVELOPER IN A BOX -> Developerinabox) C:\Program Files\Agent\Agent.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_964d6838c79da0a2\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe (services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe (services.exe ->) (Wondershare Technology Group Co.,Ltd -> wondershare) C:\ProgramData\Wondershare\wsServices\WsidService.exe (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2411.1.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa\iCloud\secd.exe (svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" [0 2021-02-14] () <==== ATTENTION [zéro octet Fichier/Dossier] HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9237896 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (Pas de fichier) HKLM-x32\...\Run: [Eaton Systray Launcher] => C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe [2780416 2023-08-30] (Eaton Corporation -> ) [Fichier non signé] HKLM-x32\...\Run: [Vertical Mouse Driver] => C:\Program Files (x86)\Vertical Mouse Driver\Monitor.exe [487424 2017-06-23] () [Fichier non signé] HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-08-09] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-16] (Adobe Inc. -> Adobe Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [3RVX] => C:\Program Files (x86)\3RVX\3RVX.exe [649216 2016-06-04] (Matthew Malensek) [Fichier non signé] HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [Lifesize App Service] => C:\Users\Gilles\AppData\Local\lifesize_app\Lifesize.exe [578824 2024-01-18] (Lifesize, Inc -> Lifesize) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [com.squirrel.lifesize_app.Lifesize] => C:\Users\Gilles\AppData\Local\lifesize_app\update.exe [1837320 2023-05-30] (Lifesize, Inc -> GitHub) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [Opera Browser Assistant] => C:\Users\Gilles\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12304792 2024-12-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [Agent Tray] => C:\Program Files\Agent\AgentTray.exe [929920 2024-08-02] (DEVELOPER IN A BOX -> Developerinabox) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [BingWallpaperApp] => C:\Users\Gilles\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [8224312 2024-12-11] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-4144763311-214912462-1353588558-1001\...\Run: [MicrosoftEdgeAutoLaunch_CBEBA777D9175BAC414899972E58A15C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-16] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [342232 2015-07-03] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [288768 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [>OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-22] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {845D8C84-2713-44F0-9DD9-415E84AFFA06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.) Task: {A820824F-5EE8-487B-8808-CB48964E8917} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-DFI7JJD-Gilles => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {C5EAEF8F-53E1-4AF3-ACD7-33EDF1B22D10} - System32\Tasks\AOMEI Synchro Documents 2021-02-17, 20-36-02 => C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.5.0 (Pas de fichier) Task: {26BED276-FDD2-4934-8816-AE2D7179EA69} - System32\Tasks\AOMEI Synchro Mail 2021-02-17, 20-36-02 => C:\Program Files (x86)\AOMEI\AOMEI Backupper\ABLaucher.exe [497096 2022-08-31] (AOMEI International Network Limited -> AOMEI International Network Limited) Task: {8A9422D5-69D2-474B-886B-9DFF70956705} - System32\Tasks\AOMEI Synchro Mail 2021-02-17, 20-43-21 => C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.5.0 (Pas de fichier) Task: {1642B68D-A4DF-4BF6-ABFD-4205C24DD1B8} - System32\Tasks\AOMEI Synchronisation de base 2021-02-17, 20-36-02 => C:\Program Files (x86)\AOMEI\AOMEI Backupper 6.4.0 (Pas de fichier) Task: {AC317A2E-C8AC-490A-8FC6-A061AED62648} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files\mozilla firefox\firefox.exe [671808 2024-12-11] (Mozilla Corporation -> Mozilla Corporation) -> -osint -url "hxxps://www.cfos.de/fr/cfosspeed/documentation/status.htm?sw-12.00.2512&days=30" Task: {FE5B95C6-1AE2-4712-A5EB-213F0E04B11E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {69280EBF-6892-4FE4-994F-7F9134FA9E45} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {27DF5D1A-EE4C-4990-A744-F22B3892F5AA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{48D657DF-3B38-4862-9A99-45B079F02367} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC) Task: {97E5593C-2A68-4ECA-A8DC-1AB74BAF8B28} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6164192 2024-09-23] (Intel Corporation -> Intel Corporation) Task: {CDB7A46A-4ED7-4CB6-901F-4BDB6592005C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6164192 2024-09-23] (Intel Corporation -> Intel Corporation) Task: {2626BD30-5992-48D5-B409-BC81F695E6DC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier) Task: {E68A0A0F-C5B6-46ED-8C97-A179B48EE2EA} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-08-09] (Adobe Inc. -> Adobe Inc.) Task: {199B815D-9785-45A7-BDF6-6386895021A2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [336104 2024-11-29] (Microsoft Corporation -> Microsoft Corporation) Task: {83A81BF2-C350-4286-B6E0-FCE87BD46E5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {F2ECFBB7-CFA0-4A8F-B57F-B5AD5DAD9EF6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {18BFF0B0-2413-4C42-A347-9BB369F52FB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0D64DF3F-B0B9-43BD-906D-AC839DD0F35F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {52AB0287-7F52-4B08-AAFF-167D855E7A4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3D9256CE-AAB8-4636-90DA-A70BFF60B291} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1ECB421A-3F18-4DE2-BABC-48EBD54BAD6A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-12-11] (Mozilla Corporation -> Mozilla Foundation) Task: {A91E9779-D11C-4F55-9AB2-9BA09A8F6586} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {C4032294-B4A9-413A-BBC2-02D430430867} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341432 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) Task: {A620D43C-7397-4A19-A8FC-6F222D994D75} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647424 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {F4AC08E1-E715-4293-99D0-F374A237936A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) Task: {F1DDC4FE-091A-48CA-B259-3CC130BBD290} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) Task: {13FDAEAD-3D0E-4B2B-9DD1-114843324CB8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) Task: {B54473A2-B51E-42AA-99AF-97195B12FE27} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) Task: {B73EC365-D15E-4A28-B62E-2B6C1D8FED80} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) Task: {3008E064-988D-457C-9C8D-E192DCF60BFC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-07-12] (Nvidia Corporation -> NVIDIA Corporation) Task: {EA86AC68-FF9C-40E4-9280-3F75B6FA6639} - System32\Tasks\Opera scheduled assistant Autoupdate 1613583778 => C:\Users\Gilles\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Gilles\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {61860DFE-09ED-45BF-BA56-23F804624DD3} - System32\Tasks\Opera scheduled Autoupdate 1613300471 => C:\Users\Gilles\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Task: {9D11442D-9287-46C0-BA77-91729ED67101} - System32\Tasks\Opera scheduled Autoupdate 1613583775 => C:\Users\Gilles\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5596568 2024-12-23] (Opera Norway AS -> Opera Software) Task: {A76AEFBC-3F23-41EB-9B84-09420561D6E5} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [455680 2024-01-24] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\-Command "Start-Process -WindowStyle Hidden task.bat" Task: {D0A60AFB-C098-45CF-B8E5-E4B09EC0ACB5} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-4144763311-214912462-1353588558-1001 => C:\Users\Gilles\AppData\Roaming\Zoom\bin\Zoom.exe [435000 2024-11-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{eb8f0a7e-b9a2-4acf-a18e-1c58d520c781}: [NameServer] 8.8.8.8,1.1.1.1 Tcpip\..\Interfaces\{eb8f0a7e-b9a2-4acf-a18e-1c58d520c781}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{eb8f0a7e-b9a2-4acf-a18e-1c58d520c781}: [DhcpDomain] home Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Gilles\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-27] Edge Notifications: Default -> hxxps://3ebb32tsly9wfdza3f.nnoomm.co.in; hxxps://e9d7435f5e8bd58977.nnoomm.co.in; hxxps://www.facebook.com Edge Extension: (Google Docs hors connexion) - C:\Users\Gilles\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-03] Edge Extension: (Edge relevant text changes) - C:\Users\Gilles\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04] FireFox: ======== FF DefaultProfile: hwq88wfa.default FF ProfilePath: C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\hwq88wfa.default [2021-02-14] FF DownloadDir: E:\Telechargement FF NetworkProxy: Mozilla\Firefox\Profiles\hwq88wfa.default -> type", 0 FF Notifications: Mozilla\Firefox\Profiles\hwq88wfa.default -> hxxps://ljld.undrabbifor.info; hxxps://u1h7.ughitilagu.info; hxxps://www.zt-za.com FF Extension: (Facebook Container) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\hwq88wfa.default\Extensions\@contain-facebook.xpi [2020-11-17] FF Extension: (Browsec VPN - Free VPN for Firefox) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\hwq88wfa.default\Extensions\browsec@browsec.com.xpi [2021-02-08] FF Extension: (Correcteur de texte — LanguageTool) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\hwq88wfa.default\Extensions\languagetool-webextension@languagetool.org.xpi [2021-02-04] FF Extension: (YouTube Classic) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\hwq88wfa.default\Extensions\{6acd0f4d-ab79-4b79-9b28-8bde65ae355c}.xpi [2020-06-21] FF Extension: (Video DownloadHelper) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\hwq88wfa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\hwq88wfa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-28] FF ProfilePath: C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release [2024-12-27] FF NetworkProxy: Mozilla\Firefox\Profiles\vt4jdz0i.default-release -> type", 0 FF Notifications: Mozilla\Firefox\Profiles\vt4jdz0i.default-release -> hxxps://ljld.undrabbifor.info; hxxps://u1h7.ughitilagu.info; hxxps://www.zt-za.com; hxxps://monbureaupro.orange.fr; hxxps://www.facebook.com; hxxps://team.swile.co FF Extension: (Facebook Container) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\@contain-facebook.xpi [2023-07-21] FF Extension: (Activist – Soft) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\activist-soft-colorway@mozilla.org.xpi [2023-03-17] FF Extension: (Correcteur d’orthographe et reformulateur — LanguageTool) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\languagetool-webextension@languagetool.org.xpi [2024-12-13] FF Extension: (Firefox Relay) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\private-relay@firefox.com.xpi [2023-12-09] FF Extension: (MetaMask) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\webextension@metamask.io.xpi [2024-12-18] FF Extension: (YouTube Classic) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\{6acd0f4d-ab79-4b79-9b28-8bde65ae355c}.xpi [2020-06-21] FF Extension: (ClearURLs) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2023-02-04] FF Extension: (Video DownloadHelper) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-09-10] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Gilles\AppData\Roaming\Mozilla\Firefox\Profiles\vt4jdz0i.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-12-18] FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2021-02-13] (Sun Microsystems, Inc.) [Fichier non signé] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-16] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-16] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Profile 6 CHR Profile: C:\Users\Gilles\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-06-03] CHR Profile: C:\Users\Gilles\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-12-16] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Gilles\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-12-16] CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Gilles\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-06-03] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Gilles\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-03] CHR Profile: C:\Users\Gilles\AppData\Local\Google\Chrome\User Data\System Profile [2024-06-03] CHR HKU\S-1-5-21-4144763311-214912462-1353588558-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKU\S-1-5-21-4144763311-214912462-1353588558-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= OPR DefaultProfile: Default OPR Profile: C:\Users\Gilles\AppData\Roaming\Opera Software\Opera Stable [2024-08-01] OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding} OPR DefaultSearchKeyword: Opera Stable -> g OPR Extension: (Rich Hints Agent) - C:\Users\Gilles\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-07-06] OPR Extension: (Opera Wallet) - C:\Users\Gilles\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-09-02] OPR Extension: (Aria) - C:\Users\Gilles\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-09-02] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Gilles\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-18] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-16] (Adobe Inc. -> Adobe Inc.) R2 Agent; C:\Program Files\Agent\Agent.exe [218240 2024-08-02] (DEVELOPER IN A BOX -> Developerinabox) R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe [1102328 2023-04-19] (AOMEI International Network Limited -> AOMEI International Network Limited) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46824 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.) R2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [3963120 2024-08-16] (Wondershare Technology Group Co.,Ltd -> wondershare) S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\214.4.5217\DropboxElevationService.exe [1659280 2024-12-17] (Dropbox, Inc -> Dropbox, Inc.) S2 Eaton UPSCompanion; C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe [2780416 2023-08-30] (Eaton Corporation -> ) [Fichier non signé] R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2023-08-11] (Wondershare Technology Group Co.,Ltd -> ) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-11] (HP Inc. -> HP Inc.) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_964d6838c79da0a2\Display.NvContainer\NVDisplay.Container.exe [1287832 2024-01-15] (NVIDIA Corporation -> NVIDIA Corporation) S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.4.3\ProtonVPNService.exe [466664 2024-11-04] (Proton AG -> ProtonVPN) S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.3.2\ProtonVPN.WireGuardService.exe [474336 2024-08-12] (Proton AG -> ProtonVPN) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-10-23] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2023-12-21] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933432 2023-12-21] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22681904 2024-11-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2004352 2023-03-15] (Synology Inc. -> ) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [794544 2024-07-10] (Oracle America, Inc. -> Oracle and/or its affiliates) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [497392 2024-08-16] (Wondershare Technology Group Co.,Ltd -> Wondershare) S2 WirelessBackupService; C:\Program Files (x86)\Wondershare\Dr.Fone\Addins\Recovery\WirelessBackupService.exe [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [172928 2023-06-12] (AOMEI International Network Limited -> ) S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2023-06-12] (AOMEI International Network Limited -> ) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R3 busenum; C:\Windows\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider) S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [51848 2023-08-30] (Eaton Corp -> hxxp://libusb-win32.sourceforge.net) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.4.3\Resources\ProtonVPN.CalloutDriver.sys [37768 2024-11-04] (Proton AG -> Proton Technologies AG) S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.) S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [254344 2024-07-10] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [265216 2024-07-10] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1063736 2024-07-10] (Oracle Corporation -> Oracle and/or its affiliates) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [189144 2022-11-16] (Oracle Corporation -> Oracle and/or its affiliates) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2023-10-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2021-12-26] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-12-27 16:15 - 2024-12-27 16:16 - 000038983 _____ C:\Users\Gilles\Desktop\FRST.txt 2024-12-27 16:15 - 2024-12-27 16:16 - 000000000 ____D C:\FRST 2024-12-27 16:13 - 2024-12-27 16:13 - 000304377 _____ C:\Users\Gilles\Desktop\ZHPDiag.txt 2024-12-27 16:03 - 2024-12-27 16:03 - 000000868 _____ C:\Users\Gilles\Desktop\ZHPSuite.lnk 2024-12-27 16:02 - 2024-12-27 16:02 - 002403840 _____ (Farbar) C:\Users\Gilles\Desktop\FRST64.exe 2024-12-27 16:01 - 2024-12-27 16:00 - 003539144 _____ (Nicolas Coolman) C:\Users\Gilles\Desktop\ZHPSuite.exe 2024-12-27 15:06 - 2024-12-27 16:13 - 000000000 ____D C:\Users\Gilles\AppData\Roaming\ZHP 2024-12-27 15:06 - 2024-12-27 16:03 - 000000000 ____D C:\Users\Gilles\AppData\Local\ZHP 2024-12-27 15:06 - 2024-12-27 15:06 - 000000878 _____ C:\Users\Gilles\Desktop\ZHPCleaner.lnk 2024-12-23 14:55 - 2024-12-23 14:55 - 000000000 ____D C:\Users\Gilles\AppData\Local\Tempzxpsign84a07217e3360dab 2024-12-22 21:35 - 2024-12-22 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2024-12-17 12:55 - 2024-12-17 12:55 - 000046824 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2024-12-11 20:50 - 2024-12-11 20:50 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2024-12-11 20:46 - 2024-12-11 20:46 - 000000000 ____D C:\Users\Gilles\Apple 2024-12-11 20:24 - 2024-12-27 15:54 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2024-12-11 20:23 - 2024-12-12 15:50 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-12-11 16:13 - 2024-12-11 16:13 - 000000000 ___HD C:\$WinREAgent 2024-12-09 16:52 - 2024-12-09 16:52 - 000003600 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2024-12-09 16:52 - 2024-10-03 23:33 - 000049888 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\semav6msr64.sys 2024-11-26 15:14 - 2024-11-26 15:14 - 000000000 ____D C:\Users\Gilles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2024-11-24 19:25 - 2024-11-24 19:25 - 000022205 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-11-24 19:24 - 2024-11-24 19:24 - 000022205 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2024-11-20 15:16 - 2024-11-20 15:20 - 000000000 ____D C:\Users\Gilles\Desktop\Corpo 2024 2024-11-18 21:38 - 2024-11-18 21:38 - 000789898 _____ C:\Users\Gilles\Desktop\Guide_du_club_de_pétanque.pdf 2024-11-14 22:42 - 2024-11-14 22:42 - 000000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk 2024-11-14 22:42 - 2024-11-14 22:42 - 000000879 _____ C:\Users\Public\Desktop\TeamViewer.lnk 2024-11-14 14:27 - 2024-11-14 14:27 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2024-11-14 14:27 - 2024-11-14 14:27 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2024-11-14 14:27 - 2024-11-14 14:27 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2024-11-14 14:27 - 2024-11-14 14:27 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2024-11-14 14:27 - 2024-11-14 14:27 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2024-11-14 14:27 - 2024-11-14 14:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 2024-11-14 14:26 - 2024-11-14 14:26 - 000000000 ____D C:\Windows\PCHEALTH 2024-11-14 14:26 - 2024-11-14 14:26 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-11-14 14:25 - 2024-11-14 14:27 - 000000000 ____D C:\Windows\SHELLNEW 2024-11-14 14:25 - 2024-11-14 14:25 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2024-11-14 14:25 - 2024-11-14 14:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-11-14 14:25 - 2024-11-14 14:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2024-11-07 18:15 - 2024-11-07 18:15 - 012111635 _____ C:\Users\Gilles\Desktop\OAP.pdf 2024-11-07 18:13 - 2024-11-07 18:10 - 002215983 _____ C:\Users\Gilles\Desktop\OAP.JPEG 2024-11-07 18:10 - 2024-11-07 18:10 - 001096053 _____ C:\Users\Gilles\Desktop\OAP.heic 2024-11-03 14:30 - 2024-11-14 14:03 - 000449536 _____ C:\Users\Gilles\Desktop\CRC Fem.xls 2024-11-03 14:26 - 2024-11-14 14:35 - 000449024 _____ C:\Users\Gilles\Desktop\CRC Open.xls 2024-11-02 15:12 - 2024-11-02 15:12 - 000922855 _____ C:\Users\Gilles\Desktop\Campagne électorale F.F.P.J.P. 2024.pdf 2024-11-02 14:28 - 2024-11-02 14:28 - 000000264 _____ C:\Users\Gilles\Desktop\https___service.e-cartebleue.com_fr_banquepopulaire_#.url 2024-10-24 17:19 - 2024-10-24 17:19 - 011015824 _____ C:\Users\Gilles\Desktop\24 octobre 2024.pdf 2024-10-18 15:37 - 2024-12-12 20:27 - 000002464 _____ C:\Users\Gilles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper.lnk 2024-10-17 15:51 - 2024-10-17 15:51 - 000068444 _____ C:\Users\Gilles\Desktop\Gilles ENJALBERT_Bulletin de paie du 2024-09-30.pdf 2024-10-17 15:50 - 2024-10-17 15:50 - 000070294 _____ C:\Users\Gilles\Desktop\Gilles ENJALBERT_Bulletin de paie du 2024-08-31.pdf 2024-10-13 11:02 - 2024-10-13 11:31 - 000151552 _____ C:\Users\Gilles\Desktop\Requista-la primaube.xls 2024-10-10 15:36 - 2024-10-10 15:36 - 001548564 _____ C:\Users\Gilles\Desktop\10 octobre 2024.pdf 2024-10-02 15:50 - 2024-10-10 15:14 - 000000000 ____D C:\Users\Gilles\Desktop\USB 64Go 2024-09-29 22:49 - 2024-09-29 22:49 - 000116132 _____ C:\Users\Gilles\Desktop\Demande d'extrait de casier judiciaire (bulletin n°3) - Impression du récapitulatif de mes informations.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-12-27 16:14 - 2022-02-08 23:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-12-27 16:09 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2024-12-27 16:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-12-27 15:59 - 2021-02-13 18:42 - 001771974 _____ C:\Windows\system32\PerfStringBackup.INI 2024-12-27 15:59 - 2019-12-07 15:50 - 000792000 _____ C:\Windows\system32\perfh00C.dat 2024-12-27 15:59 - 2019-12-07 15:50 - 000150166 _____ C:\Windows\system32\perfc00C.dat 2024-12-27 15:59 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2024-12-27 15:54 - 2023-07-26 19:41 - 000000000 ____D C:\Program Files\TeamViewer 2024-12-27 15:54 - 2023-07-04 21:52 - 000000531 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2024-12-27 15:54 - 2021-12-15 22:09 - 000000000 ____D C:\Windows\SystemTemp 2024-12-27 15:54 - 2021-02-16 20:24 - 000000432 _____ C:\Windows\SysWOW64\winsevr.dat 2024-12-27 15:54 - 2021-02-16 20:24 - 000000208 _____ C:\Windows\SysWOW64\AbBakConfig.dat 2024-12-27 15:54 - 2021-02-13 20:04 - 000000000 ____D C:\ProgramData\NVIDIA 2024-12-27 15:54 - 2021-02-13 18:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-12-27 15:54 - 2021-02-13 18:33 - 000008192 ___SH C:\DumpStack.log.tmp 2024-12-27 15:54 - 2020-11-19 00:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-12-27 15:53 - 2023-05-22 19:58 - 000001426 _____ C:\Windows\system32\default_error_stack-000000-000000.txt 2024-12-27 15:53 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI 2024-12-27 15:43 - 2020-11-18 23:44 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-12-27 13:23 - 2021-02-13 18:41 - 000000000 ____D C:\Users\Gilles\AppData\Local\Packages 2024-12-27 11:54 - 2021-02-14 10:58 - 000000000 ____D C:\Users\Gilles\AppData\Local\CrashDumps 2024-12-27 11:46 - 2024-08-10 10:56 - 000003562 _____ C:\Windows\system32\Tasks\Launch Adobe CCXProcess 2024-12-27 09:36 - 2023-05-10 16:57 - 000001391 _____ C:\Users\Gilles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2024-12-27 09:36 - 2021-02-17 18:43 - 000004268 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1613583775 2024-12-27 09:33 - 2021-02-13 22:56 - 000000000 ____D C:\Users\Gilles\AppData\Local\Adobe 2024-12-26 14:32 - 2021-02-13 22:35 - 000000000 ____D C:\Users\Gilles\AppData\Roaming\Microsoft\Word 2024-12-26 14:23 - 2021-02-14 11:12 - 000000000 ____D C:\Users\Gilles\AppData\Roaming\Microsoft\Excel 2024-12-26 13:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-12-24 19:13 - 2021-02-13 23:41 - 000000000 ____D C:\Gestion_concours 2024-12-23 23:04 - 2021-02-14 16:31 - 000000000 ____D C:\ProgramData\AomeiBR 2024-12-23 22:53 - 2021-02-16 20:24 - 000001024 ____H C:\SYSTAG.BIN 2024-12-23 15:00 - 2021-02-13 18:41 - 000000000 ____D C:\Users\Gilles\AppData\Roaming\Adobe 2024-12-23 10:03 - 2021-02-14 11:35 - 000000000 ____D C:\Users\Gilles\AppData\Local\D3DSCache 2024-12-22 21:35 - 2023-01-16 14:39 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-12-22 21:35 - 2021-04-06 10:08 - 000000000 ____D C:\Users\Gilles\AppData\Local\Dropbox 2024-12-22 21:35 - 2021-04-06 10:08 - 000000000 ____D C:\Program Files (x86)\Dropbox 2024-12-22 21:35 - 2020-11-19 00:47 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-12-22 21:29 - 2020-11-19 00:46 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-12-22 21:29 - 2020-11-19 00:46 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-12-18 11:18 - 2021-12-13 13:47 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4144763311-214912462-1353588558-1001 2024-12-18 11:18 - 2021-02-13 18:42 - 000003368 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4144763311-214912462-1353588558-1001 2024-12-18 11:18 - 2021-02-13 18:40 - 000002422 _____ C:\Users\Gilles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-12-16 20:15 - 2021-09-10 17:11 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2024-12-16 20:15 - 2021-09-10 17:11 - 000002010 _____ C:\Users\Default\Desktop\Google Slides.lnk 2024-12-16 20:15 - 2021-09-10 17:11 - 000002010 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2024-12-16 20:15 - 2021-09-10 17:11 - 000001998 _____ C:\Users\Default\Desktop\Google Docs.lnk 2024-12-12 15:51 - 2020-11-18 23:44 - 000445888 _____ C:\Windows\system32\FNTCACHE.DAT 2024-12-11 20:53 - 2024-03-05 23:15 - 000000000 ____D C:\Program Files\Hyper-V 2024-12-11 20:53 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-12-11 20:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2024-12-11 20:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2024-12-11 20:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2024-12-11 20:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2024-12-11 20:49 - 2021-02-13 18:44 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-12-11 20:46 - 2021-02-13 18:40 - 000000000 ____D C:\Users\Gilles 2024-12-11 20:43 - 2021-02-13 18:41 - 000000000 ____D C:\Users\Gilles\AppData\Local\Publishers 2024-12-11 20:43 - 2020-11-19 00:48 - 000000000 ____D C:\ProgramData\Packages 2024-12-11 20:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2024-12-11 20:28 - 2022-10-12 20:53 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-12-11 20:28 - 2021-02-13 22:58 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2024-12-11 20:26 - 2020-11-19 00:46 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-12-10 17:39 - 2021-05-25 17:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2024-12-09 16:52 - 2023-05-05 16:28 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2024-12-09 16:52 - 2023-05-05 16:28 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon ==================== Fichiers à la racine de certains dossiers ======== 2024-03-06 21:56 - 2024-06-24 10:25 - 000001456 _____ () C:\Users\Gilles\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2021-08-18 11:30 - 2021-08-18 11:50 - 000011776 _____ () C:\Users\Gilles\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2021-04-11 16:26 - 2023-10-18 09:56 - 000000205 _____ () C:\Users\Gilles\AppData\Local\oobelibMkey.log 2022-03-28 20:22 - 2024-04-03 09:48 - 000000128 _____ () C:\Users\Gilles\AppData\Local\PUTTY.RND 2023-09-15 15:45 - 2023-09-15 15:45 - 000000884 _____ () C:\Users\Gilles\AppData\Local\recently-used.xbel 2022-11-17 18:40 - 2024-03-23 14:10 - 000007597 _____ () C:\Users\Gilles\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2010-09-07 17:26 - 2010-09-07 17:26 - 000053760 _____ C:\Windows\system32\JPCSC.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libcrypto-1_1-x64.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libssl-1_1-x64.dll 2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\mvtcpmon.dll 2009-06-25 09:27 - 2009-06-25 09:27 - 000868864 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\mvtcpui.dll 2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) C:\Windows\system32\slp64.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll 2021-02-13 23:41 - 1998-07-13 00:00 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL 2021-02-13 23:41 - 1998-07-13 00:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FLXGDFR.DLL 2021-02-13 23:41 - 2006-11-16 15:51 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETFR.DLL 2010-09-07 17:32 - 2010-09-07 17:32 - 000051712 _____ C:\Windows\SysWOW64\JPCSC.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libcrypto-1_1.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libssl-1_1.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 001054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll 2021-02-13 23:41 - 1998-07-13 01:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll 2021-02-13 23:41 - 1998-07-13 00:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCCLPFR.DLL 2021-02-14 12:02 - 1987-12-19 22:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll 2021-02-14 12:02 - 1987-12-19 22:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll 2021-02-13 23:41 - 2000-10-02 00:00 - 000119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb6fr.dll 2021-02-13 23:41 - 1998-07-13 00:00 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSKFR.dll 2024-12-27 16:02 - 2024-12-27 16:02 - 002403840 _____ (Farbar) C:\Users\Gilles\Desktop\FRST64.exe 2024-12-27 16:01 - 2024-12-27 16:00 - 003539144 _____ (Nicolas Coolman) C:\Users\Gilles\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {f9c79268-c135-11ef-b1e3-d43d7ed6c4de} {39a1e66a-6e21-11eb-b189-b4829fbafa63} {6eb6f8a1-6e2d-11eb-b0b6-d43d7ed6c4de} {39a1e667-6e21-11eb-b189-b4829fbafa63} timeout 1 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume3 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {39a1e66b-6e21-11eb-b189-b4829fbafa63} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {39a1e667-6e21-11eb-b189-b4829fbafa63} description UEFI: Built-in EFI Shell Application logicielle (101fffff) -------------------------------- identificateur {39a1e66a-6e21-11eb-b189-b4829fbafa63} description Hard Drive Application logicielle (101fffff) -------------------------------- identificateur {6eb6f8a1-6e2d-11eb-b0b6-d43d7ed6c4de} device unknown description CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {f9c79268-c135-11ef-b1e3-d43d7ed6c4de} description Unknown Device Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {39a1e66d-6e21-11eb-b189-b4829fbafa63} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {39a1e66b-6e21-11eb-b189-b4829fbafa63} nx OptIn bootmenupolicy Standard hypervisorlaunchtype Auto Chargeur de démarrage Windows ----------------------------- identificateur {39a1e66d-6e21-11eb-b189-b4829fbafa63} device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{39a1e66e-6e21-11eb-b189-b4829fbafa63} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{39a1e66e-6e21-11eb-b189-b4829fbafa63} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {39a1e66b-6e21-11eb-b189-b4829fbafa63} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {39a1e66d-6e21-11eb-b189-b4829fbafa63} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume3 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {39a1e66e-6e21-11eb-b189-b4829fbafa63} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume6 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================