cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2023
Exécuté par xav94 (administrateur) sur DESKTOP-VL2GP6J (Hewlett-Packard HP 15 Notebook PC) (15-01-2023 16:28:42)
Exécuté depuis C:\Users\xav94\Desktop
Profils chargés: xav94
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2486 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\Windows\ImmersiveControlPanel\SystemSettings.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <26>
(explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\xav94\AppData\Roaming\ZHP\ZHPSuite.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 9\activation-service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Vtech Electronics North America, L.L.C. -> VTech Electronics Limited) C:\Program Files (x86)\VTech\DownloadManager\Applications\AppAccessory\6021\VTLeapStartHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Vtech Electronics North America, L.L.C. -> ) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [697408 2019-03-13] (Vtech Electronics North America, L.L.C. -> )
HKU\S-1-5-21-576369062-1899587579-3126029580-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-576369062-1899587579-3126029580-1001\...\Run: [MicrosoftEdgeAutoLaunch_C5D5C50787D0DE222E10D59448483BEA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188616 2023-01-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\WINDOWS\system32\hpinkstsB111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5520 series): C:\WINDOWS\system32\HPDiscoPMB111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2023-01-02] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [181248 2023-01-02] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.126\Installer\chrmstp.exe [2023-01-14] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {079F606E-5142-4851-9E63-C9A21613168C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "9cd02ba4-9260-4c4a-9e79-8edb277d462a" --version "6.07.10191" --silent
Task: {427C8E14-F6E2-4160-9E74-08A26A762AF5} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2149312 2022-12-07] (pdfforge GmbH -> pdfforge GmbH)
Task: {4740EF3D-4093-49A9-8073-28D4DA5B0674} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4A6D773A-6BBA-4D62-8F38-3AC8EB3094A0} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [15918008 2023-01-02] (pdfforge GmbH -> pdfforge GmbH.)
Task: {70E02C0D-B719-425C-B729-9E9D30D9A924} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3438016 2022-12-07] (pdfforge GmbH -> pdfforge GmbH)
Task: {A719EDF2-AF41-4093-8555-0ABAFDCEA234} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B130A9AE-D6FA-4DF0-A191-111CBD0122ED} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {B9E1E2F3-EA18-404C-8589-958D479ECF34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC0586E3-FA77-4124-B6A9-1CC5808F5876} - System32\Tasks\CCleanerSkipUAC - xav94 => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E1D9169A-442D-42D3-9DF7-C41405D40C0A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {E6C5D6EA-3D22-4EE0-B66C-5BC5EFED4A42} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2149312 2022-12-07] (pdfforge GmbH -> pdfforge GmbH)
Task: {E9F343CE-0D92-4C6B-81C7-09D1241ADAFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-24] (Google Inc -> Google Inc.)
Task: {EBD2985D-2315-42A2-A993-B709982C53D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE8427D6-BB34-47A5-8EC9-CDDBB2369279} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-24] (Google Inc -> Google Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58f082d2-2155-48d2-a03b-4395f5fc287c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b684840c-e2fd-47bf-97c3-8d276dcbea31}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\xav94\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-15]

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-576369062-1899587579-3126029580-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\xav94\AppData\Local\Google\Chrome\User Data\Default [2023-01-15]
CHR HomePage: Default -> hxxp://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Extension: (Google Docs hors connexion) - C:\Users\xav94\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-02]
CHR Extension: (Les recettes d'Amandine Cooking) - C:\Users\xav94\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoehncjmgklkechlkhjmninhcghgmcli [2020-03-22]
CHR Extension: (Amandine Cooking) - C:\Users\xav94\AppData\Local\Google\Chrome\User Data\Default\Extensions\igoflcmbbkklmiekecefmlnbdieajfhc [2019-04-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\xav94\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-01]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2184192 2017-05-29] (DIAL GmbH) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3108288 2022-12-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [507328 2022-12-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414656 2022-12-07] (pdfforge GmbH -> pdfforge GmbH)
R2 VTLeapStartHelper; C:\Program Files (x86)\VTech\DownloadManager\Applications\AppAccessory\6021\VTLeapStartHelper.exe [86720 2021-08-11] (Vtech Electronics North America, L.L.C. -> VTech Electronics Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 hmxproj64; C:\WINDOWS\system32\drivers\hmxusb64.sys [98944 2009-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Magic Control Technology Corp.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2020-08-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-10] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [329184 2016-08-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-01-15 16:28 - 2023-01-15 16:30 - 000018034 _____ C:\Users\xav94\Desktop\FRST.txt
2023-01-15 16:27 - 2023-01-15 16:29 - 000000000 ____D C:\FRST
2023-01-15 15:23 - 2023-01-15 15:23 - 000258541 _____ C:\Users\xav94\Desktop\ZHPDiag.txt
2023-01-15 15:13 - 2023-01-15 15:13 - 002376704 _____ (Farbar) C:\Users\xav94\Desktop\FRST64.exe
2023-01-15 15:06 - 2023-01-15 15:06 - 000000865 _____ C:\Users\xav94\Desktop\ZHPSuite.lnk
2023-01-15 15:04 - 2023-01-15 15:04 - 003311816 _____ (Nicolas Coolman) C:\Users\xav94\Downloads\ZHPDiag3.exe
2023-01-15 15:03 - 2023-01-15 15:23 - 000000000 ____D C:\Users\xav94\AppData\Roaming\ZHP
2023-01-15 15:03 - 2023-01-15 15:03 - 000000000 ____D C:\Users\xav94\AppData\Local\ZHP
2023-01-15 12:42 - 2023-01-15 12:42 - 003510472 _____ (Nicolas Coolman) C:\Users\xav94\Desktop\ZHPSuite.exe
2023-01-15 11:26 - 2023-01-15 11:27 - 000000000 ____D C:\Users\xav94\Desktop\Mutzig
2023-01-15 11:26 - 2023-01-15 11:26 - 000851675 _____ C:\Users\xav94\Downloads\Maison MUTZIG Surface.pdf
2023-01-15 11:25 - 2023-01-15 11:25 - 001110182 _____ C:\Users\xav94\Downloads\Maison MUTZIG.pdf
2023-01-15 10:56 - 2023-01-15 10:56 - 000012829 _____ C:\Users\xav94\Downloads\Etude comparative M DUPUIS Xavier.xlsx
2023-01-11 17:30 - 2023-01-11 17:30 - 000000000 ___HD C:\$WinREAgent
2023-01-05 10:04 - 2023-01-05 10:04 - 000194278 _____ C:\Users\xav94\Downloads\Carte d'identité.pdf
2023-01-03 15:08 - 2023-01-03 15:08 - 023385816 _____ C:\Users\xav94\Downloads\rapport d'estimation Mrs DUPUIS.pdf
2023-01-03 15:08 - 2023-01-03 15:08 - 003483307 _____ C:\Users\xav94\Downloads\Estim DUPUIS.pdf
2023-01-03 07:56 - 2023-01-03 07:56 - 000000000 ____D C:\Users\xav94\Desktop\Documents Meilleurtaux
2023-01-02 14:40 - 2023-01-02 14:40 - 000167292 _____ C:\Users\xav94\Downloads\sfr-facture-0 (3).pdf
2023-01-02 13:59 - 2023-01-15 11:53 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-01-02 13:55 - 2023-01-02 13:55 - 000000000 ____D C:\Users\xav94\Documents\PDF Architect
2023-01-02 13:52 - 2023-01-02 13:52 - 000730422 _____ C:\Users\xav94\Downloads\ATTESTATION AVANT PARTAGE.pdf
2023-01-02 13:45 - 2023-01-15 11:36 - 000000000 ____D C:\Users\xav94\AppData\Roaming\PDF Architect 9
2023-01-02 13:45 - 2023-01-02 13:51 - 000000000 ____D C:\Program Files\PDF Architect 9
2023-01-02 13:45 - 2023-01-02 13:45 - 000001181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 9.lnk
2023-01-02 13:45 - 2023-01-02 13:45 - 000000841 _____ C:\Users\Public\Desktop\PDF Architect 9.lnk
2023-01-02 13:43 - 2023-01-02 13:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\pdfforge GmbH
2023-01-02 13:42 - 2023-01-02 13:58 - 000000000 ____D C:\ProgramData\PDF Architect 9
2023-01-02 13:42 - 2023-01-02 13:42 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2023-01-02 13:42 - 2023-01-02 13:42 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2023-01-02 13:42 - 2023-01-02 13:42 - 000000000 ____D C:\Users\xav94\AppData\Local\pdfforge
2023-01-02 13:41 - 2023-01-02 13:50 - 000000000 ____D C:\Program Files\PDFCreator
2023-01-02 13:41 - 2023-01-02 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2023-01-02 13:39 - 2023-01-02 13:40 - 039184760 _____ (pdfforge GmbH) C:\Users\xav94\Downloads\PDFCreator-5_0_3-Setup.exe
2023-01-02 13:15 - 2023-01-02 13:15 - 000170129 _____ C:\Users\xav94\Downloads\bmwestimationreprise (22).pdf
2023-01-01 20:46 - 2023-01-01 20:46 - 000363762 _____ C:\Users\xav94\Downloads\12_2022_dupuis_xavier_92406.pdf
2023-01-01 20:46 - 2023-01-01 20:46 - 000354048 _____ C:\Users\xav94\Downloads\11_2022_dupuis_xavier_14851.pdf
2022-11-20 10:31 - 2022-11-20 10:31 - 000088278 _____ C:\Users\xav94\Downloads\Attestation_locataire_MME_RICHERT_MELANIE_22B_RTE_DE_MEISTRATZHEIM_67880_KRAUTERGERSHEIM.pdf
2022-11-20 10:11 - 2023-01-02 14:48 - 000000000 ____D C:\Users\xav94\Desktop\Documents Courtier
2022-11-15 18:51 - 2022-11-15 18:51 - 000352229 _____ C:\Users\xav94\Downloads\09_2022_dupuis_xavier_83541.pdf
2022-11-15 18:51 - 2022-11-15 18:51 - 000348377 _____ C:\Users\xav94\Downloads\10_2022_dupuis_xavier_88086.pdf
2022-11-15 18:51 - 2022-11-15 18:51 - 000143761 _____ C:\Users\xav94\Downloads\08_2022_dupuis_xavier_76844.pdf
2022-11-06 16:21 - 2022-11-06 17:42 - 000000000 ____D C:\Users\xav94\Desktop\Photo vacance Emilion

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-01-15 16:25 - 2020-06-26 11:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-15 16:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-15 15:45 - 2019-01-24 18:42 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-15 11:58 - 2022-08-02 20:35 - 000000000 ____D C:\Program Files\CCleaner
2023-01-15 11:54 - 2020-06-26 11:50 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-15 11:54 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2023-01-15 11:54 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2023-01-15 11:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-15 11:52 - 2019-01-24 18:37 - 000000000 __SHD C:\Users\xav94\IntelGraphicsProfiles
2023-01-15 11:50 - 2020-06-26 12:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-15 11:50 - 2020-06-26 11:31 - 000303752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-15 11:49 - 2020-06-26 11:30 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-15 11:48 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-15 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-15 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-15 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-15 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-15 10:09 - 2020-06-27 22:42 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-15 10:09 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-15 10:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-14 13:13 - 2021-10-25 18:25 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-14 13:13 - 2021-10-25 18:25 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-14 12:43 - 2022-08-02 20:36 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-11 21:08 - 2022-09-25 15:28 - 000000000 ____D C:\Users\xav94\Desktop\Curatelle REP
2023-01-11 18:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-11 18:33 - 2020-06-26 11:36 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-11 17:30 - 2019-01-25 09:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-11 17:11 - 2019-01-25 09:05 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-10 21:10 - 2022-05-05 18:52 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-576369062-1899587579-3126029580-1001
2023-01-10 21:10 - 2021-06-03 10:10 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-576369062-1899587579-3126029580-1001
2023-01-10 21:10 - 2021-04-29 13:49 - 000002417 _____ C:\Users\xav94\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-05 02:21 - 2020-06-27 22:42 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-05 02:21 - 2020-06-27 22:42 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-01-03 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-01-03 00:05 - 2020-06-26 11:34 - 000000000 ____D C:\Users\xav94
2023-01-02 14:46 - 2020-03-23 10:22 - 000000000 ____D C:\Users\xav94\Desktop\Krautergersheim
2023-01-02 08:47 - 2022-09-29 13:57 - 000002922 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-02 08:47 - 2022-09-25 15:19 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job

==================== Fichiers à la racine de certains dossiers ========

2020-04-20 09:16 - 2020-04-20 09:16 - 000002407 _____ () C:\Users\xav94\AppData\Local\recently-used.xbel

==================== SigCheckExt =========================

2023-01-02 13:42 - 2023-01-02 13:42 - 000181248 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2019-08-14 17:47 - 1998-10-07 13:08 - 000327168 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUn040c.exe
2019-08-14 19:49 - 2008-10-14 08:36 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2019-08-14 19:49 - 2008-10-14 08:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2019-08-14 19:49 - 2008-10-14 08:36 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2019-08-14 19:49 - 2008-10-14 08:36 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2019-08-14 19:49 - 2008-10-14 08:36 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2019-08-14 19:49 - 2008-10-14 08:36 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2019-08-14 19:49 - 2008-10-14 08:36 - 000167936 _____ (Tidestone Technologies, Inc.) C:\WINDOWS\SysWOW64\TTF16FR.DLL
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2023-01-15 15:13 - 2023-01-15 15:13 - 002376704 _____ (Farbar) C:\Users\xav94\Desktop\FRST64.exe
2023-01-15 12:42 - 2023-01-15 12:42 - 003510472 _____ (Nicolas Coolman) C:\Users\xav94\Desktop\ZHPSuite.exe
2019-08-14 17:44 - 2019-08-14 17:45 - 055199882 _____ (Hager ) C:\Users\xav94\Downloads\Semiolog_5.1_05.2017.exe
2019-01-27 17:18 - 2019-01-27 17:19 - 178304840 _____ (Trimble, Inc.) C:\Users\xav94\Downloads\SketchUpPro-fr.exe
2019-08-01 16:17 - 2019-08-01 16:18 - 085965001 _____ (Hewlett-Packard Company ) C:\Users\xav94\Downloads\sp53261.exe
2023-01-15 15:04 - 2023-01-15 15:04 - 003311816 _____ (Nicolas Coolman) C:\Users\xav94\Downloads\ZHPDiag3.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{76cc132e-4175-11e8-82db-806e6f6e6963}
{d81e0fe9-fe07-11e3-a603-b5dbfa2d858f}
{d81e0fea-fe07-11e3-a603-b5dbfa2d858f}
timeout 2

Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {5ec4618b-b7a0-11ea-9509-d4a4ae4953e0}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Application logicielle (101fffff)
--------------------------------
identificateur {76cc132e-4175-11e8-82db-806e6f6e6963}
description Internal Hard Disk or Solid State Disk

Application logicielle (101fffff)
--------------------------------
identificateur {b2889977-934f-11e5-825c-806e6f6e6963}
description Disque dur portable

Application logicielle (101fffff)
--------------------------------
identificateur {d81e0fe9-fe07-11e3-a603-b5dbfa2d858f}
description EFI USB Device

Application logicielle (101fffff)
--------------------------------
identificateur {d81e0fea-fe07-11e3-a603-b5dbfa2d858f}
description EFI DVD/CDROM

Chargeur de d‚marrage Windows
-----------------------------
identificateur {21b0a8bc-9350-11e5-825c-f8a96388b557}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{21b0a8bd-9350-11e5-825c-f8a96388b557}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{21b0a8bd-9350-11e5-825c-f8a96388b557}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de d‚marrage Windows
-----------------------------
identificateur {4a090b9e-b798-11ea-bc22-aac8778bb026}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{4a090b9f-b798-11ea-bc22-aac8778bb026}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{4a090b9f-b798-11ea-bc22-aac8778bb026}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {4a090b9e-b798-11ea-bc22-aac8778bb026}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {5ec4618b-b7a0-11ea-9509-d4a4ae4953e0}
nx OptIn
bootmenupolicy Standard

Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {5ec4618b-b7a0-11ea-9509-d4a4ae4953e0}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {4a090b9e-b798-11ea-bc22-aac8778bb026}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No

ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}

ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de p‚riph‚rique
-----------------------
identificateur {4a090b9f-b798-11ea-bc22-aac8778bb026}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================

Publicité


Signaler le contenu de ce document

Publicité