Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025 Exécuté par Vro (administrateur) sur DESKTOP-U3NB65S (HP 460-a001nf) (27-01-2025 09:16:36) Exécuté depuis C:\Users\Vro\Desktop\FRST Second\FRST64.exe Profils chargés: Vro Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5371 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe (services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (X-Rite Incorporated -> X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2503.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Vro\AppData\Local\Microsoft\OneDrive\24.244.1204.0003\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.) HKLM-x32\...\Run: [ZoneAlarm Upgrader] => C:\Program Files (x86)\CheckPoint\ICM\UM_Interface.exe [37696 2024-09-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKU\S-1-5-21-2014682923-2924825109-1543415093-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12304792 2024-12-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2014682923-2924825109-1543415093-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [155136 2024-05-15] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [24648912 2017-08-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [42164600 2022-07-11] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Uninstall 17.3.6917.0607_2\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_2\amd64" [4096 2022-07-11] () [Fichier non signé] HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Uninstall 17.3.6917.0607_2] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_2" [65536 2022-07-11] () [Fichier non signé] HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [506368 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1334784 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {67197291-E42E-4355-8B8C-BDA4E75F20D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.) Task: {70A4A514-A779-4766-9999-F68DD69FEF77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs Task: {277AAEF6-2CB5-4349-AEC2-236DB7844828} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> ) Task: {352E3040-C81C-43A0-B488-1ACB572E761B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {D0FFDB13-A1C4-4EB8-8CA5-BBC230E5CBAB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {21E8A26B-6DD7-4F8C-A3FA-D7CBBB1A7D3F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\-task -source HPSA Task: {DDDDD926-6BD8-4B7A-B4CE-D77F05ACA0EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/taskrestart Task: {60192EA8-34DD-4B52-9E6C-3873F07D33C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/show Task: {59BF3AA5-7592-4096-9799-1F5AD4F1FD59} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-05-12] (HP Inc. -> HP Inc.) Task: {28EC55CA-5015-4D43-9F84-ADDB3F33E35E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/u Task: {DA59D0D6-2CF5-49E3-932F-2FE8E85ABF6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r /m Task: {2157D956-51D0-48A1-A100-1EBBD1A3CE96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r Task: {7377F1F5-C684-4669-95AE-BEE28DE1EBBE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/L Analysis Task: {521A88D9-0DBA-4D16-9017-D8703466CAB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/noreport Task: {C19A082E-24F2-4EAF-9D3D-CE82B4484E1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148048 2022-05-12] (HP Inc. -> HP Inc.) Task: {384DB857-625B-4E55-A098-FD92CE2AC796} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier) Task: {9D4EB0E9-457A-4E0F-A080-3E61882935DA} - System32\Tasks\HPDAS => C:\Program -> Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs Task: {52713E61-4A1F-405A-BA59-9975A1C2993B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B50B1359-DC10-4C2A-B583-01DBD69A9E19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F810A62B-6600-4150-9FEB-3B41C6E878AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {180867F5-2270-4E98-9719-AE339032A73A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {331FD892-BF7D-4543-940B-FF447E0BFD79} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus). Task: {78FD465A-00D9-4BDF-AC11-C2AE1240F2C0} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2014682923-2924825109-1543415093-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus). Task: {19F7D7A2-B386-473D-B6AC-2FB781909CD9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-22] (Mozilla Corporation -> Mozilla Foundation) Task: {E2761662-4E4D-4690-A07E-B51A0CEBC2BA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241 Tcpip\..\Interfaces\{3ce5b15d-7d10-4ed0-b14c-b4ee28aadf30}: [DhcpNameServer] 109.0.66.10 109.0.66.20 Tcpip\..\Interfaces\{d589d63d-a4ba-45b8-9ca9-14ac1c75be62}: [DhcpNameServer] 212.27.40.240 212.27.40.241 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-15] Edge Extension: (Google Docs hors connexion) - C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27] Edge Extension: (Edge relevant text changes) - C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] FireFox: ======== FF DefaultProfile: y2qot8ce.default-1626364951399 FF ProfilePath: C:\Users\Vro\AppData\Roaming\Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399 [2025-01-27] FF Notifications: Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399 -> hxxps://www.instagram.com; hxxps://www.oui.sncf; hxxps://a.searchdatingroom.top; hxxps://www.voyage-prive.com; hxxps://www.paruvendu.fr; hxxps://www.peaches.fr; hxxps://oyglk.mithrilminer.top; hxxps://www.quizz.biz FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Vro\AppData\Roaming\Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-17] FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] (Realtek Semiconductor Corp -> ) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) S2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [764440 2022-05-12] (HP Inc. -> HP Inc.) S2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [763456 2022-05-12] (HP Inc. -> HP Inc.) S2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [759336 2022-05-12] (HP Inc. -> HP Inc.) S2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [762912 2022-05-12] (HP Inc. -> HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-16] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-09] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203088 2011-03-10] (X-Rite Incorporated -> X-Rite Inc.) R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2025-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [201280 2025-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [80448 2025-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2025-01-27] (Malwarebytes Inc. -> Malwarebytes) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-11-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-04] (Microsoft Windows -> Microsoft Corporation) R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2011-06-23] (PC Micro Systems Inc. -> Nicomsoft Ltd.) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-01-27 09:15 - 2025-01-27 09:16 - 000000000 ____D C:\Users\Vro\Desktop\FRST Second 2025-01-27 08:31 - 2025-01-27 08:31 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2025-01-26 19:57 - 2025-01-26 19:57 - 005332026 _____ C:\Users\Vro\Downloads\csp---projets-de-programme-de-japonais---coll-ge-199367.pdf 2025-01-26 18:56 - 2025-01-26 18:56 - 005285081 _____ C:\Users\Vro\Downloads\CPC - Formation Thorique N3 - Planification plonge pour tous-2.zip 2025-01-26 14:31 - 2025-01-26 14:31 - 000093322 _____ C:\Users\Vro\Downloads\Demande de congé pour formation syndicale 06 03 25.pdf 2025-01-24 16:29 - 2025-01-27 09:26 - 000000000 ____D C:\FRST 2025-01-24 15:01 - 2025-01-24 16:12 - 000000000 ____D C:\Users\Vro\AppData\Roaming\ZHP 2025-01-24 15:01 - 2025-01-24 15:01 - 000000870 _____ C:\Users\Vro\Desktop\ZHPSuite.lnk 2025-01-24 15:01 - 2025-01-24 15:01 - 000000000 ____D C:\Users\Vro\AppData\Local\ZHP 2025-01-24 14:44 - 2025-01-27 09:16 - 000000000 ____D C:\Users\Vro\Desktop\NETTOYAGE PC 2025-01-20 13:08 - 2025-01-20 13:08 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024(2).pdf 2025-01-19 15:39 - 2025-01-19 15:39 - 000073447 _____ C:\Users\Vro\Documents\AttestationRespCiv2025.pdf 2025-01-19 15:33 - 2025-01-19 15:34 - 000069826 _____ C:\Users\Vro\Downloads\Attestation_RC_ViePrivée.pdf 2025-01-18 16:43 - 2025-01-18 16:43 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024.pdf 2025-01-18 16:43 - 2025-01-18 16:43 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024(1).pdf 2025-01-18 16:40 - 2025-01-18 16:40 - 000034521 _____ C:\Users\Vro\Documents\AttestationHonneurMobDur2024.pdf 2025-01-18 16:36 - 2025-01-18 16:36 - 000011103 _____ C:\Users\Vro\Downloads\AttestationHonneur.pdf 2025-01-18 16:27 - 2025-01-18 16:27 - 000071246 _____ C:\Users\Vro\Downloads\annexe_1-4.pdf 2025-01-18 16:20 - 2025-01-18 16:20 - 002003853 _____ C:\Users\Vro\Downloads\circulaire_fmd_-_annee_civile_2024-2.pdf 2025-01-18 15:50 - 2025-01-18 15:50 - 001110397 _____ C:\Users\Vro\Downloads\H1aXDWGalOLfnbYK4YXcQhGoQJLMbPZoqBtbuox7(1).pdf 2025-01-18 15:42 - 2025-01-18 15:42 - 001661925 _____ C:\Users\Vro\Downloads\ob_76eacb_rapport-d-auto-evaluation-modifie-pa.pdf 2025-01-18 15:12 - 2025-01-18 15:12 - 001110397 _____ C:\Users\Vro\Downloads\H1aXDWGalOLfnbYK4YXcQhGoQJLMbPZoqBtbuox7.pdf 2025-01-18 15:12 - 2025-01-18 15:12 - 000422392 _____ C:\Users\Vro\Downloads\ob_5a676a_rapport-auto-evaluation-ecole-les-tam.pdf 2025-01-15 15:02 - 2025-01-15 15:02 - 000000000 ___HD C:\$WinREAgent 2025-01-14 20:17 - 2025-01-14 20:17 - 001098729 _____ C:\Users\Vro\Downloads\25pecp_guide_des_scores_16122024.pdf 2025-01-09 13:31 - 2025-01-25 17:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2025-01-07 16:46 - 2025-01-07 16:46 - 000060366 _____ C:\Users\Vro\Downloads\2025_dsden11_dossier_de_candidature_conga_c_de_formation_2025(1).odt 2025-01-06 16:56 - 2025-01-06 16:56 - 002971806 _____ C:\Users\Vro\Downloads\Je t'aime, je te trompe.pdf 2025-01-06 16:52 - 2025-01-06 16:52 - 002032527 _____ C:\Users\Vro\Downloads\Je t'aime, je te trompe - Esther PEREL.pdf 2025-01-05 20:52 - 2025-01-05 20:52 - 000030301 _____ C:\Users\Vro\Downloads\licenciés et adhérents 2024-2025.xlsx 2024-12-22 17:47 - 2024-12-22 17:47 - 000531044 _____ C:\Users\Vro\Downloads\gift_card(2).pdf 2024-12-22 17:45 - 2024-12-22 17:45 - 000217531 _____ C:\Users\Vro\Downloads\gift_card(1).pdf 2024-12-22 17:42 - 2024-12-22 17:42 - 000217113 _____ C:\Users\Vro\Downloads\gift_card.pdf 2024-12-18 18:32 - 2024-12-18 18:32 - 000060366 _____ C:\Users\Vro\Downloads\2025_dsden11_dossier_de_candidature_conga_c_de_formation_2025.odt 2024-12-17 19:47 - 2024-12-17 19:48 - 000376799 _____ C:\Users\Vro\Downloads\thaumatrope.pdf 2024-12-15 21:43 - 2024-12-15 21:48 - 000000000 ____D C:\Users\Visiteur\AppData\Local\Malwarebytes 2024-12-14 17:03 - 2024-12-14 17:03 - 002924008 _____ C:\Users\Vro\Downloads\dossier-pedagogique-la-dompteuse-de-colere_1.pdf 2024-12-13 17:30 - 2024-12-13 17:30 - 000161316 _____ C:\Users\Vro\Downloads\Plaquette CALICEO 2025.pdf 2024-12-13 17:26 - 2024-12-13 17:26 - 000086119 _____ C:\Users\Vro\Downloads\Informations pratiques sur les centres Calicéo.pdf 2024-12-13 13:24 - 2024-12-13 13:24 - 000022205 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-12-13 13:21 - 2024-12-13 13:21 - 000022205 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-12-11 16:56 - 2024-12-11 16:56 - 000050993 _____ C:\Users\Vro\Downloads\demande_stage_ien_30_janvier.pdf 2024-12-11 16:47 - 2024-12-11 16:54 - 000017584 _____ C:\Users\Vro\Downloads\demande_stage_ien_30_janvier.odt 2024-12-09 12:25 - 2024-12-09 12:25 - 000000000 ____D C:\Users\Vro\Documents\Nouveau dossier 2024-11-30 20:56 - 2024-11-30 20:56 - 000193842 _____ C:\Users\Vro\Downloads\0e64d500657fabfbfda36855e0049bc6c45c8ffc(2).pdf 2024-11-30 17:25 - 2024-11-30 17:25 - 001105213 _____ C:\Users\Vro\Downloads\Gevasco réexamen WONG jeromy 2024 2025.pdf 2024-11-30 15:42 - 2024-11-30 15:43 - 000105179 _____ C:\Users\Vro\Documents\Justificatif congrès 29 11 30.pdf 2024-11-25 17:55 - 2024-11-25 17:55 - 000024678 _____ C:\Users\Vro\Downloads\facture-KJ02823392-2024-9-7860553.pdf 2024-11-25 17:51 - 2024-11-25 17:51 - 000148053 _____ C:\Users\Vro\Downloads\Formations en partenariat avec le Mémorial de la Shoah - 2025.pdf 2024-11-25 17:27 - 2024-11-25 17:28 - 000888090 _____ C:\Users\Vro\Documents\Retour satisfaction stage SUD 25 11 24.pdf 2024-11-25 17:19 - 2024-11-25 17:19 - 000137852 _____ C:\Users\Vro\Downloads\result(3).pdf 2024-11-25 17:15 - 2024-11-25 17:15 - 000137852 _____ C:\Users\Vro\Documents\Justificatif stage 25 11 24.pdf 2024-11-24 18:08 - 2024-11-24 18:08 - 001130923 _____ C:\Users\Vro\Downloads\ACFrOgBt8NEKjPDg-ucKVFOSiAkc5vjWN6XqTNlR0kmtmQ8yOrBRR2u2EfIF9tXWWUuLU4CxhX4WZ9IWEtQjqrTeM4Nz7nvS4p93aFB_KlTwj8BnvPZZUFnRmb9Pe7TqhR6f0RD8LLQBANwHhSo6.pdf 2024-11-24 17:38 - 2024-11-24 17:38 - 000201470 _____ C:\Users\Vro\Downloads\Contrats_chevre(1).pdf 2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025.pdf 2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(3).pdf 2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(2).pdf 2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(1).pdf 2024-11-24 17:34 - 2024-11-24 17:34 - 000201470 _____ C:\Users\Vro\Downloads\Contrats_chevre.pdf 2024-11-24 17:30 - 2024-11-24 17:30 - 000281569 _____ C:\Users\Vro\Downloads\Contrat_Pain.pdf 2024-11-24 17:23 - 2024-11-24 17:23 - 000143221 _____ C:\Users\Vro\Downloads\ACFrOgBVoUZ8JAjGZj_8BBO4AwLduf4-HCcJ9l9Sg6kdFIEr-wI16CEhcu0R34WqbEUwQPwhkI32luhb95LPLrQiQ4O7nd0-iGOpp6xxa-0TSQpca3FAKWUk08Mj3D9bwv5-0kI160jEzCrdO5aN.pdf 2024-11-16 14:51 - 2024-11-16 14:51 - 001067814 _____ C:\Users\Vro\Downloads\2024-attendus-edd-cycle-1_2024.pdf 2024-11-16 14:44 - 2024-11-16 14:44 - 004306378 _____ C:\Users\Vro\Downloads\2-Milieu marin PB1 Castel Stagiaires.pdf 2024-11-16 14:42 - 2024-11-16 14:42 - 000574735 _____ C:\Users\Vro\Downloads\ACFrOgB-eKcu2mU7dpOLQVo-RqiSI_gKErpGrjlh31WyTv0lxASluhErU1-jKeYG8finZ-bnNRDOuvohFmjEYLTunxNaEa3YFjIlKdK0LyAqO_9a-0v_BqTk0hJYcAS8XNMV1fE5LDThEhDxSK-l.pdf 2024-11-16 14:39 - 2024-11-16 14:39 - 000359817 _____ C:\Users\Vro\Downloads\ACFrOgCHswbVrbMeS7IAhUf3Iq41wlpQyxcxXvT0zdIvhumJAoPm6_1B1U5XoIrmp1rJGGBsyRKwYaC95kWe3tWHzfn-NKxrgqexBrMxwIPyp3bqUks2mzfWv5HJqwy6w3urvEhv__6I9WmLlmf4.pdf 2024-11-16 14:38 - 2024-11-16 14:38 - 000359736 _____ C:\Users\Vro\Downloads\ACFrOgDRwFImnIE60v0mVRmY2SEy-Hz4TYdtHLsCGAZRN_SBzsY_iUnInSHFxO6fdfLF74omLKdnPAHghwTucpQuxeYICscOiycgyDfnxIPPCq7548BBLQmwjleMg2L_AFVRYn6_NiQDpGj0T-jp.pdf 2024-11-16 14:31 - 2024-11-16 14:31 - 000359674 _____ C:\Users\Vro\Downloads\ACFrOgBfX41eQap7DlR1uunQHpeBSh3d2kbG0kDPrj4QOeZHcJy11Xfu8JwgAcgutW_iTmef_QHBPk0qlLdJ-1LTaCVtLsRzjM4pyaPNDB20JzcfJapjRwI6bCXgLjsfTD-NuGV5sJxBgKNgkGeb.pdf 2024-11-16 14:21 - 2024-11-16 14:21 - 000098541 _____ C:\Users\Vro\Downloads\Contrat_brebis.pdf 2024-11-16 14:09 - 2024-11-16 14:09 - 000200984 _____ C:\Users\Vro\Downloads\APznzaajuiwq2vjoZY-9UEcxGoaN2w1airlywqkoK_VQB6ORBv8rOVS2_5n9M3m_fM_unydzlWvPIp_FFmPgddxTnJvhJfwE1y287-E9qKRekfIus1CXQypD4qYF3tUXLqXIs8NrDKCtK8RQxv2AxYGQTVrTNx5vYC-vet2JBq-VKNRFD5hhW7gtDWhrWE8n5yeNDDZwXJXNdoPZnwDQnIqnvjASgcC.pdf 2024-11-15 16:50 - 2024-11-15 16:50 - 000128253 _____ C:\Users\Vro\Downloads\result(2).pdf 2024-11-15 16:44 - 2024-11-15 16:44 - 000128253 _____ C:\Users\Vro\Documents\Convocation congrès SE-UNSA 29 11 24.pdf 2024-11-14 19:22 - 2024-11-14 19:22 - 000041304 _____ C:\Users\Vro\Downloads\G011_AVT2024-6153_cat_04_CE_BANNIARD_VERONIQUE(1).pdf 2024-11-14 19:20 - 2024-11-14 19:20 - 000041304 _____ C:\Users\Vro\Downloads\G011_AVT2024-6153_cat_04_CE_BANNIARD_VERONIQUE.pdf 2024-11-13 15:55 - 2024-11-13 15:55 - 000025328 _____ C:\Users\Vro\Downloads\2024_10_BP_octobre.pdf 2024-11-12 20:22 - 2024-11-12 20:23 - 001457041 _____ C:\Users\Vro\Downloads\player.pdf 2024-11-11 18:27 - 2024-11-11 18:27 - 000240552 _____ C:\Users\Vro\Downloads\FEUILLE_inscription_PB1(3).pdf 2024-11-11 18:27 - 2024-11-11 18:27 - 000240552 _____ C:\Users\Vro\Downloads\FEUILLE_inscription_PB1(2).pdf 2024-11-11 18:26 - 2024-11-11 18:26 - 000477486 _____ C:\Users\Vro\Downloads\Annonce_stage_PB1.pdf 2024-11-08 13:02 - 2024-11-08 13:02 - 000381136 _____ C:\Users\Vro\Downloads\Courrier de Madame la Rectrice.pdf 2024-11-07 18:51 - 2024-11-07 19:15 - 001161964 _____ C:\WINDOWS\Minidump\110724-80796-01.dmp 2024-11-06 18:18 - 2024-11-06 18:18 - 012498992 _____ C:\Users\Vro\Downloads\Dossier pedagogique LAntilope dor la renarde et le lievre.pdf 2024-11-06 18:18 - 2024-11-06 18:18 - 008044098 _____ C:\Users\Vro\Downloads\Cahier de coloriages LAntilope dor la renarde et le lievre.pdf 2024-11-03 19:38 - 2024-11-03 19:38 - 001307634 _____ C:\Users\Vro\Downloads\pré-programme-hiver24-25-v2.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-01-27 09:38 - 2023-12-04 17:33 - 000000000 ____D C:\Users\Vro\AppData\Local\Malwarebytes 2025-01-27 09:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-01-27 09:16 - 2020-08-27 22:37 - 000000000 ____D C:\Users\Visiteur 2025-01-27 08:27 - 2017-09-17 14:55 - 000000391 _____ C:\Users\Vro\Desktop\Panneau de configuration - Raccourci.lnk 2025-01-27 08:24 - 2022-02-11 13:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2025-01-27 08:22 - 2018-09-15 21:55 - 000000000 ____D C:\Users\Vro\AppData\Local\CrashDumps 2025-01-27 08:20 - 2020-02-19 18:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2025-01-27 08:20 - 2016-12-10 11:45 - 000000000 __SHD C:\Users\Vro\IntelGraphicsProfiles 2025-01-26 20:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2025-01-26 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-01-26 18:37 - 2020-08-27 22:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2025-01-26 11:49 - 2023-01-16 21:33 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2025-01-26 11:49 - 2021-12-16 20:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-01-26 11:49 - 2020-06-25 15:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-01-25 21:22 - 2022-01-22 15:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2025-01-25 17:54 - 2020-08-27 22:37 - 000000000 ____D C:\Users\Vro 2025-01-25 17:48 - 2020-08-27 23:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-01-25 17:48 - 2020-08-27 22:34 - 000008192 ___SH C:\DumpStack.log.tmp 2025-01-25 17:48 - 2016-12-10 12:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2025-01-25 17:48 - 2016-08-05 03:30 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2025-01-25 17:48 - 2016-08-05 03:30 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2025-01-25 15:44 - 2020-08-27 23:06 - 000004286 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2025-01-25 15:44 - 2020-08-27 23:06 - 000004054 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2025-01-22 14:30 - 2016-12-10 12:03 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2025-01-18 11:26 - 2021-12-11 20:29 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2014682923-2924825109-1543415093-1001 2025-01-18 11:26 - 2020-08-27 23:06 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2014682923-2924825109-1543415093-1001 2025-01-18 11:26 - 2020-08-27 22:37 - 000002422 _____ C:\Users\Vro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-01-16 12:07 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2025-01-15 19:57 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2025-01-15 19:42 - 2020-08-27 22:52 - 001923838 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-01-15 19:42 - 2019-12-07 15:49 - 000831776 _____ C:\WINDOWS\system32\perfh00C.dat 2025-01-15 19:42 - 2019-12-07 15:49 - 000167542 _____ C:\WINDOWS\system32\perfc00C.dat 2025-01-15 19:33 - 2016-08-05 06:01 - 000000000 ____D C:\ProgramData\Realtek 2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2025-01-15 16:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2025-01-15 15:35 - 2020-08-27 22:38 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2025-01-15 14:26 - 2016-12-12 18:25 - 000000000 ____D C:\WINDOWS\system32\MRT 2025-01-15 13:49 - 2016-12-12 18:25 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2025-01-10 12:30 - 2019-01-05 16:09 - 000000000 ____D C:\Users\Vro\Documents\Les anniversaires mensuels 2025-01-10 12:24 - 2018-02-11 18:32 - 000000000 ____D C:\Users\Vro\Documents\Activités médiathèque 2025-01-10 12:08 - 2017-06-21 18:20 - 000000000 ____D C:\Users\Vro\Documents\sorties classe-école ==================== Fichiers à la racine de certains dossiers ======== 2016-12-10 11:45 - 2025-01-27 09:25 - 008348112 _____ () C:\Users\Vro\AppData\Local\BTServer.log 2023-07-10 14:55 - 2023-07-10 14:55 - 000000017 _____ () C:\Users\Vro\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2016-12-10 15:20 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2018-08-03 15:19 - 2011-06-23 01:01 - 000166400 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\DDCHelper.dll 2018-08-03 15:19 - 2011-06-23 01:01 - 000136192 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\DDCHelperX.dll 2017-04-13 18:15 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2016-08-05 03:29 - 2016-03-08 21:04 - 000135168 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPMUIDir.exe 2016-03-11 11:11 - 2016-03-11 11:11 - 000189440 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4380.dll 2017-05-10 21:29 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2016-08-05 06:02 - 2016-02-18 10:42 - 000050804 _____ C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2018-08-03 15:19 - 2011-06-23 01:01 - 000143360 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\DDCHelper.dll 2018-08-03 15:19 - 2011-06-23 01:01 - 000114688 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\DDCHelperX.dll 2011-02-13 16:36 - 2011-02-13 16:36 - 015150592 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icudt46.dll 2011-02-13 16:36 - 2011-02-13 16:36 - 000946176 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icuuc46.dll 2017-03-16 08:21 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 12:44 - 2016-07-16 23:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2016-08-05 06:03 - 2010-12-01 08:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe 2015-09-03 09:59 - 2015-09-03 09:59 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 2015-10-30 08:19 - 2016-12-10 14:34 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-10-30 08:19 - 2016-12-10 14:34 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {aa939cf7-641e-11e6-b910-806e6f6e6963} {aa939cf8-641e-11e6-b910-806e6f6e6963} {aa939cfa-641e-11e6-b910-806e6f6e6963} {aa939cfb-641e-11e6-b910-806e6f6e6963} {2cb74d45-beb4-11e6-b913-806e6f6e6963} {4aeb1ac0-1f49-11ee-bca2-806e6f6e6963} {4aeb1ac1-1f49-11ee-bca2-806e6f6e6963} {4aeb1ac2-1f49-11ee-bca2-806e6f6e6963} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {5791a447-e8b5-11ea-a372-d478f3fc760e} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {2cb74d45-beb4-11e6-b913-806e6f6e6963} description Fake Legacy Option Application logicielle (101fffff) -------------------------------- identificateur {4aeb1ac0-1f49-11ee-bca2-806e6f6e6963} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {4aeb1ac1-1f49-11ee-bca2-806e6f6e6963} description UEFI:Removable Device Application logicielle (101fffff) -------------------------------- identificateur {4aeb1ac2-1f49-11ee-bca2-806e6f6e6963} description UEFI:Network Device Application logicielle (101fffff) -------------------------------- identificateur {aa939cf7-641e-11e6-b910-806e6f6e6963} description USB Floppy/CD Application logicielle (101fffff) -------------------------------- identificateur {aa939cf8-641e-11e6-b910-806e6f6e6963} description USB Hard Drive Application logicielle (101fffff) -------------------------------- identificateur {aa939cfa-641e-11e6-b910-806e6f6e6963} description UEFI: IPv4 Realtek PCIe GBE Family Controller Application logicielle (101fffff) -------------------------------- identificateur {aa939cfb-641e-11e6-b910-806e6f6e6963} description UEFI: IPv6 Realtek PCIe GBE Family Controller Chargeur de démarrage Windows ----------------------------- identificateur {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {5791a447-e8b5-11ea-a372-d478f3fc760e} nx OptIn bootmenupolicy Standard Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {5791a447-e8b5-11ea-a372-d478f3fc760e} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================