Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Exécuté par Vro (administrateur) sur DESKTOP-U3NB65S (HP 460-a001nf) (27-01-2025 09:16:36)
Exécuté depuis C:\Users\Vro\Desktop\FRST Second\FRST64.exe
Profils chargés: Vro
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5371 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (X-Rite Incorporated -> X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2503.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Vro\AppData\Local\Microsoft\OneDrive\24.244.1204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [ZoneAlarm Upgrader] => C:\Program Files (x86)\CheckPoint\ICM\UM_Interface.exe [37696 2024-09-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12304792 2024-12-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [155136 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [24648912 2017-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [42164600 2022-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Uninstall 17.3.6917.0607_2\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_2\amd64" [4096 2022-07-11] () [Fichier non signé]
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Uninstall 17.3.6917.0607_2] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_2" [65536 2022-07-11] () [Fichier non signé]
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [506368 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1334784 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {67197291-E42E-4355-8B8C-BDA4E75F20D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {70A4A514-A779-4766-9999-F68DD69FEF77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs
Task: {277AAEF6-2CB5-4349-AEC2-236DB7844828} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {352E3040-C81C-43A0-B488-1ACB572E761B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D0FFDB13-A1C4-4EB8-8CA5-BBC230E5CBAB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {21E8A26B-6DD7-4F8C-A3FA-D7CBBB1A7D3F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\-task -source HPSA
Task: {DDDDD926-6BD8-4B7A-B4CE-D77F05ACA0EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/taskrestart
Task: {60192EA8-34DD-4B52-9E6C-3873F07D33C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/show
Task: {59BF3AA5-7592-4096-9799-1F5AD4F1FD59} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-05-12] (HP Inc. -> HP Inc.)
Task: {28EC55CA-5015-4D43-9F84-ADDB3F33E35E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/u
Task: {DA59D0D6-2CF5-49E3-932F-2FE8E85ABF6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r /m
Task: {2157D956-51D0-48A1-A100-1EBBD1A3CE96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r
Task: {7377F1F5-C684-4669-95AE-BEE28DE1EBBE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/L Analysis
Task: {521A88D9-0DBA-4D16-9017-D8703466CAB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/noreport
Task: {C19A082E-24F2-4EAF-9D3D-CE82B4484E1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148048 2022-05-12] (HP Inc. -> HP Inc.)
Task: {384DB857-625B-4E55-A098-FD92CE2AC796} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {9D4EB0E9-457A-4E0F-A080-3E61882935DA} - System32\Tasks\HPDAS => C:\Program -> Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs
Task: {52713E61-4A1F-405A-BA59-9975A1C2993B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B50B1359-DC10-4C2A-B583-01DBD69A9E19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F810A62B-6600-4150-9FEB-3B41C6E878AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {180867F5-2270-4E98-9719-AE339032A73A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {331FD892-BF7D-4543-940B-FF447E0BFD79} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {78FD465A-00D9-4BDF-AC11-C2AE1240F2C0} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2014682923-2924825109-1543415093-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {19F7D7A2-B386-473D-B6AC-2FB781909CD9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {E2761662-4E4D-4690-A07E-B51A0CEBC2BA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{3ce5b15d-7d10-4ed0-b14c-b4ee28aadf30}: [DhcpNameServer] 109.0.66.10 109.0.66.20
Tcpip\..\Interfaces\{d589d63d-a4ba-45b8-9ca9-14ac1c75be62}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-15]
Edge Extension: (Google Docs hors connexion) - C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF DefaultProfile: y2qot8ce.default-1626364951399
FF ProfilePath: C:\Users\Vro\AppData\Roaming\Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399 [2025-01-27]
FF Notifications: Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399 -> hxxps://www.instagram.com; hxxps://www.oui.sncf; hxxps://a.searchdatingroom.top; hxxps://www.voyage-prive.com; hxxps://www.paruvendu.fr; hxxps://www.peaches.fr; hxxps://oyglk.mithrilminer.top; hxxps://www.quizz.biz
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Vro\AppData\Roaming\Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-17]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] (Realtek Semiconductor Corp -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
S2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [764440 2022-05-12] (HP Inc. -> HP Inc.)
S2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [763456 2022-05-12] (HP Inc. -> HP Inc.)
S2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [759336 2022-05-12] (HP Inc. -> HP Inc.)
S2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [762912 2022-05-12] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-16] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-09] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203088 2011-03-10] (X-Rite Incorporated -> X-Rite Inc.)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2025-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [201280 2025-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [80448 2025-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2025-01-27] (Malwarebytes Inc. -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-11-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-04] (Microsoft Windows -> Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2011-06-23] (PC Micro Systems Inc. -> Nicomsoft Ltd.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-01-27 09:15 - 2025-01-27 09:16 - 000000000 ____D C:\Users\Vro\Desktop\FRST Second
2025-01-27 08:31 - 2025-01-27 08:31 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-01-26 19:57 - 2025-01-26 19:57 - 005332026 _____ C:\Users\Vro\Downloads\csp---projets-de-programme-de-japonais---coll-ge-199367.pdf
2025-01-26 18:56 - 2025-01-26 18:56 - 005285081 _____ C:\Users\Vro\Downloads\CPC - Formation Thorique N3 - Planification plonge pour tous-2.zip
2025-01-26 14:31 - 2025-01-26 14:31 - 000093322 _____ C:\Users\Vro\Downloads\Demande de congé pour formation syndicale 06 03 25.pdf
2025-01-24 16:29 - 2025-01-27 09:26 - 000000000 ____D C:\FRST
2025-01-24 15:01 - 2025-01-24 16:12 - 000000000 ____D C:\Users\Vro\AppData\Roaming\ZHP
2025-01-24 15:01 - 2025-01-24 15:01 - 000000870 _____ C:\Users\Vro\Desktop\ZHPSuite.lnk
2025-01-24 15:01 - 2025-01-24 15:01 - 000000000 ____D C:\Users\Vro\AppData\Local\ZHP
2025-01-24 14:44 - 2025-01-27 09:16 - 000000000 ____D C:\Users\Vro\Desktop\NETTOYAGE PC
2025-01-20 13:08 - 2025-01-20 13:08 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024(2).pdf
2025-01-19 15:39 - 2025-01-19 15:39 - 000073447 _____ C:\Users\Vro\Documents\AttestationRespCiv2025.pdf
2025-01-19 15:33 - 2025-01-19 15:34 - 000069826 _____ C:\Users\Vro\Downloads\Attestation_RC_ViePrivée.pdf
2025-01-18 16:43 - 2025-01-18 16:43 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024.pdf
2025-01-18 16:43 - 2025-01-18 16:43 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024(1).pdf
2025-01-18 16:40 - 2025-01-18 16:40 - 000034521 _____ C:\Users\Vro\Documents\AttestationHonneurMobDur2024.pdf
2025-01-18 16:36 - 2025-01-18 16:36 - 000011103 _____ C:\Users\Vro\Downloads\AttestationHonneur.pdf
2025-01-18 16:27 - 2025-01-18 16:27 - 000071246 _____ C:\Users\Vro\Downloads\annexe_1-4.pdf
2025-01-18 16:20 - 2025-01-18 16:20 - 002003853 _____ C:\Users\Vro\Downloads\circulaire_fmd_-_annee_civile_2024-2.pdf
2025-01-18 15:50 - 2025-01-18 15:50 - 001110397 _____ C:\Users\Vro\Downloads\H1aXDWGalOLfnbYK4YXcQhGoQJLMbPZoqBtbuox7(1).pdf
2025-01-18 15:42 - 2025-01-18 15:42 - 001661925 _____ C:\Users\Vro\Downloads\ob_76eacb_rapport-d-auto-evaluation-modifie-pa.pdf
2025-01-18 15:12 - 2025-01-18 15:12 - 001110397 _____ C:\Users\Vro\Downloads\H1aXDWGalOLfnbYK4YXcQhGoQJLMbPZoqBtbuox7.pdf
2025-01-18 15:12 - 2025-01-18 15:12 - 000422392 _____ C:\Users\Vro\Downloads\ob_5a676a_rapport-auto-evaluation-ecole-les-tam.pdf
2025-01-15 15:02 - 2025-01-15 15:02 - 000000000 ___HD C:\$WinREAgent
2025-01-14 20:17 - 2025-01-14 20:17 - 001098729 _____ C:\Users\Vro\Downloads\25pecp_guide_des_scores_16122024.pdf
2025-01-09 13:31 - 2025-01-25 17:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2025-01-07 16:46 - 2025-01-07 16:46 - 000060366 _____ C:\Users\Vro\Downloads\2025_dsden11_dossier_de_candidature_conga_c_de_formation_2025(1).odt
2025-01-06 16:56 - 2025-01-06 16:56 - 002971806 _____ C:\Users\Vro\Downloads\Je t'aime, je te trompe.pdf
2025-01-06 16:52 - 2025-01-06 16:52 - 002032527 _____ C:\Users\Vro\Downloads\Je t'aime, je te trompe - Esther PEREL.pdf
2025-01-05 20:52 - 2025-01-05 20:52 - 000030301 _____ C:\Users\Vro\Downloads\licenciés et adhérents 2024-2025.xlsx
2024-12-22 17:47 - 2024-12-22 17:47 - 000531044 _____ C:\Users\Vro\Downloads\gift_card(2).pdf
2024-12-22 17:45 - 2024-12-22 17:45 - 000217531 _____ C:\Users\Vro\Downloads\gift_card(1).pdf
2024-12-22 17:42 - 2024-12-22 17:42 - 000217113 _____ C:\Users\Vro\Downloads\gift_card.pdf
2024-12-18 18:32 - 2024-12-18 18:32 - 000060366 _____ C:\Users\Vro\Downloads\2025_dsden11_dossier_de_candidature_conga_c_de_formation_2025.odt
2024-12-17 19:47 - 2024-12-17 19:48 - 000376799 _____ C:\Users\Vro\Downloads\thaumatrope.pdf
2024-12-15 21:43 - 2024-12-15 21:48 - 000000000 ____D C:\Users\Visiteur\AppData\Local\Malwarebytes
2024-12-14 17:03 - 2024-12-14 17:03 - 002924008 _____ C:\Users\Vro\Downloads\dossier-pedagogique-la-dompteuse-de-colere_1.pdf
2024-12-13 17:30 - 2024-12-13 17:30 - 000161316 _____ C:\Users\Vro\Downloads\Plaquette CALICEO 2025.pdf
2024-12-13 17:26 - 2024-12-13 17:26 - 000086119 _____ C:\Users\Vro\Downloads\Informations pratiques sur les centres Calicéo.pdf
2024-12-13 13:24 - 2024-12-13 13:24 - 000022205 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-13 13:21 - 2024-12-13 13:21 - 000022205 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-12-11 16:56 - 2024-12-11 16:56 - 000050993 _____ C:\Users\Vro\Downloads\demande_stage_ien_30_janvier.pdf
2024-12-11 16:47 - 2024-12-11 16:54 - 000017584 _____ C:\Users\Vro\Downloads\demande_stage_ien_30_janvier.odt
2024-12-09 12:25 - 2024-12-09 12:25 - 000000000 ____D C:\Users\Vro\Documents\Nouveau dossier
2024-11-30 20:56 - 2024-11-30 20:56 - 000193842 _____ C:\Users\Vro\Downloads\0e64d500657fabfbfda36855e0049bc6c45c8ffc(2).pdf
2024-11-30 17:25 - 2024-11-30 17:25 - 001105213 _____ C:\Users\Vro\Downloads\Gevasco réexamen WONG jeromy 2024 2025.pdf
2024-11-30 15:42 - 2024-11-30 15:43 - 000105179 _____ C:\Users\Vro\Documents\Justificatif congrès 29 11 30.pdf
2024-11-25 17:55 - 2024-11-25 17:55 - 000024678 _____ C:\Users\Vro\Downloads\facture-KJ02823392-2024-9-7860553.pdf
2024-11-25 17:51 - 2024-11-25 17:51 - 000148053 _____ C:\Users\Vro\Downloads\Formations en partenariat avec le Mémorial de la Shoah - 2025.pdf
2024-11-25 17:27 - 2024-11-25 17:28 - 000888090 _____ C:\Users\Vro\Documents\Retour satisfaction stage SUD 25 11 24.pdf
2024-11-25 17:19 - 2024-11-25 17:19 - 000137852 _____ C:\Users\Vro\Downloads\result(3).pdf
2024-11-25 17:15 - 2024-11-25 17:15 - 000137852 _____ C:\Users\Vro\Documents\Justificatif stage 25 11 24.pdf
2024-11-24 18:08 - 2024-11-24 18:08 - 001130923 _____ C:\Users\Vro\Downloads\ACFrOgBt8NEKjPDg-ucKVFOSiAkc5vjWN6XqTNlR0kmtmQ8yOrBRR2u2EfIF9tXWWUuLU4CxhX4WZ9IWEtQjqrTeM4Nz7nvS4p93aFB_KlTwj8BnvPZZUFnRmb9Pe7TqhR6f0RD8LLQBANwHhSo6.pdf
2024-11-24 17:38 - 2024-11-24 17:38 - 000201470 _____ C:\Users\Vro\Downloads\Contrats_chevre(1).pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025.pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(3).pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(2).pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(1).pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000201470 _____ C:\Users\Vro\Downloads\Contrats_chevre.pdf
2024-11-24 17:30 - 2024-11-24 17:30 - 000281569 _____ C:\Users\Vro\Downloads\Contrat_Pain.pdf
2024-11-24 17:23 - 2024-11-24 17:23 - 000143221 _____ C:\Users\Vro\Downloads\ACFrOgBVoUZ8JAjGZj_8BBO4AwLduf4-HCcJ9l9Sg6kdFIEr-wI16CEhcu0R34WqbEUwQPwhkI32luhb95LPLrQiQ4O7nd0-iGOpp6xxa-0TSQpca3FAKWUk08Mj3D9bwv5-0kI160jEzCrdO5aN.pdf
2024-11-16 14:51 - 2024-11-16 14:51 - 001067814 _____ C:\Users\Vro\Downloads\2024-attendus-edd-cycle-1_2024.pdf
2024-11-16 14:44 - 2024-11-16 14:44 - 004306378 _____ C:\Users\Vro\Downloads\2-Milieu marin PB1 Castel Stagiaires.pdf
2024-11-16 14:42 - 2024-11-16 14:42 - 000574735 _____ C:\Users\Vro\Downloads\ACFrOgB-eKcu2mU7dpOLQVo-RqiSI_gKErpGrjlh31WyTv0lxASluhErU1-jKeYG8finZ-bnNRDOuvohFmjEYLTunxNaEa3YFjIlKdK0LyAqO_9a-0v_BqTk0hJYcAS8XNMV1fE5LDThEhDxSK-l.pdf
2024-11-16 14:39 - 2024-11-16 14:39 - 000359817 _____ C:\Users\Vro\Downloads\ACFrOgCHswbVrbMeS7IAhUf3Iq41wlpQyxcxXvT0zdIvhumJAoPm6_1B1U5XoIrmp1rJGGBsyRKwYaC95kWe3tWHzfn-NKxrgqexBrMxwIPyp3bqUks2mzfWv5HJqwy6w3urvEhv__6I9WmLlmf4.pdf
2024-11-16 14:38 - 2024-11-16 14:38 - 000359736 _____ C:\Users\Vro\Downloads\ACFrOgDRwFImnIE60v0mVRmY2SEy-Hz4TYdtHLsCGAZRN_SBzsY_iUnInSHFxO6fdfLF74omLKdnPAHghwTucpQuxeYICscOiycgyDfnxIPPCq7548BBLQmwjleMg2L_AFVRYn6_NiQDpGj0T-jp.pdf
2024-11-16 14:31 - 2024-11-16 14:31 - 000359674 _____ C:\Users\Vro\Downloads\ACFrOgBfX41eQap7DlR1uunQHpeBSh3d2kbG0kDPrj4QOeZHcJy11Xfu8JwgAcgutW_iTmef_QHBPk0qlLdJ-1LTaCVtLsRzjM4pyaPNDB20JzcfJapjRwI6bCXgLjsfTD-NuGV5sJxBgKNgkGeb.pdf
2024-11-16 14:21 - 2024-11-16 14:21 - 000098541 _____ C:\Users\Vro\Downloads\Contrat_brebis.pdf
2024-11-16 14:09 - 2024-11-16 14:09 - 000200984 _____ C:\Users\Vro\Downloads\APznzaajuiwq2vjoZY-9UEcxGoaN2w1airlywqkoK_VQB6ORBv8rOVS2_5n9M3m_fM_unydzlWvPIp_FFmPgddxTnJvhJfwE1y287-E9qKRekfIus1CXQypD4qYF3tUXLqXIs8NrDKCtK8RQxv2AxYGQTVrTNx5vYC-vet2JBq-VKNRFD5hhW7gtDWhrWE8n5yeNDDZwXJXNdoPZnwDQnIqnvjASgcC.pdf
2024-11-15 16:50 - 2024-11-15 16:50 - 000128253 _____ C:\Users\Vro\Downloads\result(2).pdf
2024-11-15 16:44 - 2024-11-15 16:44 - 000128253 _____ C:\Users\Vro\Documents\Convocation congrès SE-UNSA 29 11 24.pdf
2024-11-14 19:22 - 2024-11-14 19:22 - 000041304 _____ C:\Users\Vro\Downloads\G011_AVT2024-6153_cat_04_CE_BANNIARD_VERONIQUE(1).pdf
2024-11-14 19:20 - 2024-11-14 19:20 - 000041304 _____ C:\Users\Vro\Downloads\G011_AVT2024-6153_cat_04_CE_BANNIARD_VERONIQUE.pdf
2024-11-13 15:55 - 2024-11-13 15:55 - 000025328 _____ C:\Users\Vro\Downloads\2024_10_BP_octobre.pdf
2024-11-12 20:22 - 2024-11-12 20:23 - 001457041 _____ C:\Users\Vro\Downloads\player.pdf
2024-11-11 18:27 - 2024-11-11 18:27 - 000240552 _____ C:\Users\Vro\Downloads\FEUILLE_inscription_PB1(3).pdf
2024-11-11 18:27 - 2024-11-11 18:27 - 000240552 _____ C:\Users\Vro\Downloads\FEUILLE_inscription_PB1(2).pdf
2024-11-11 18:26 - 2024-11-11 18:26 - 000477486 _____ C:\Users\Vro\Downloads\Annonce_stage_PB1.pdf
2024-11-08 13:02 - 2024-11-08 13:02 - 000381136 _____ C:\Users\Vro\Downloads\Courrier de Madame la Rectrice.pdf
2024-11-07 18:51 - 2024-11-07 19:15 - 001161964 _____ C:\WINDOWS\Minidump\110724-80796-01.dmp
2024-11-06 18:18 - 2024-11-06 18:18 - 012498992 _____ C:\Users\Vro\Downloads\Dossier pedagogique LAntilope dor la renarde et le lievre.pdf
2024-11-06 18:18 - 2024-11-06 18:18 - 008044098 _____ C:\Users\Vro\Downloads\Cahier de coloriages LAntilope dor la renarde et le lievre.pdf
2024-11-03 19:38 - 2024-11-03 19:38 - 001307634 _____ C:\Users\Vro\Downloads\pré-programme-hiver24-25-v2.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-01-27 09:38 - 2023-12-04 17:33 - 000000000 ____D C:\Users\Vro\AppData\Local\Malwarebytes
2025-01-27 09:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-27 09:16 - 2020-08-27 22:37 - 000000000 ____D C:\Users\Visiteur
2025-01-27 08:27 - 2017-09-17 14:55 - 000000391 _____ C:\Users\Vro\Desktop\Panneau de configuration - Raccourci.lnk
2025-01-27 08:24 - 2022-02-11 13:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-27 08:22 - 2018-09-15 21:55 - 000000000 ____D C:\Users\Vro\AppData\Local\CrashDumps
2025-01-27 08:20 - 2020-02-19 18:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2025-01-27 08:20 - 2016-12-10 11:45 - 000000000 __SHD C:\Users\Vro\IntelGraphicsProfiles
2025-01-26 20:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-26 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-26 18:37 - 2020-08-27 22:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-26 11:49 - 2023-01-16 21:33 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-01-26 11:49 - 2021-12-16 20:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-26 11:49 - 2020-06-25 15:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-25 21:22 - 2022-01-22 15:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-01-25 17:54 - 2020-08-27 22:37 - 000000000 ____D C:\Users\Vro
2025-01-25 17:48 - 2020-08-27 23:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-25 17:48 - 2020-08-27 22:34 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-25 17:48 - 2016-12-10 12:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-25 17:48 - 2016-08-05 03:30 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2025-01-25 17:48 - 2016-08-05 03:30 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2025-01-25 15:44 - 2020-08-27 23:06 - 000004286 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2025-01-25 15:44 - 2020-08-27 23:06 - 000004054 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2025-01-22 14:30 - 2016-12-10 12:03 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-18 11:26 - 2021-12-11 20:29 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2014682923-2924825109-1543415093-1001
2025-01-18 11:26 - 2020-08-27 23:06 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2014682923-2924825109-1543415093-1001
2025-01-18 11:26 - 2020-08-27 22:37 - 000002422 _____ C:\Users\Vro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-16 12:07 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-01-15 19:57 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-01-15 19:42 - 2020-08-27 22:52 - 001923838 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-15 19:42 - 2019-12-07 15:49 - 000831776 _____ C:\WINDOWS\system32\perfh00C.dat
2025-01-15 19:42 - 2019-12-07 15:49 - 000167542 _____ C:\WINDOWS\system32\perfc00C.dat
2025-01-15 19:33 - 2016-08-05 06:01 - 000000000 ____D C:\ProgramData\Realtek
2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-15 16:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-15 15:35 - 2020-08-27 22:38 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-15 14:26 - 2016-12-12 18:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-15 13:49 - 2016-12-12 18:25 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-10 12:30 - 2019-01-05 16:09 - 000000000 ____D C:\Users\Vro\Documents\Les anniversaires mensuels
2025-01-10 12:24 - 2018-02-11 18:32 - 000000000 ____D C:\Users\Vro\Documents\Activités médiathèque
2025-01-10 12:08 - 2017-06-21 18:20 - 000000000 ____D C:\Users\Vro\Documents\sorties classe-école
==================== Fichiers à la racine de certains dossiers ========
2016-12-10 11:45 - 2025-01-27 09:25 - 008348112 _____ () C:\Users\Vro\AppData\Local\BTServer.log
2023-07-10 14:55 - 2023-07-10 14:55 - 000000017 _____ () C:\Users\Vro\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2016-12-10 15:20 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2018-08-03 15:19 - 2011-06-23 01:01 - 000166400 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\DDCHelper.dll
2018-08-03 15:19 - 2011-06-23 01:01 - 000136192 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\DDCHelperX.dll
2017-04-13 18:15 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2016-08-05 03:29 - 2016-03-08 21:04 - 000135168 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPMUIDir.exe
2016-03-11 11:11 - 2016-03-11 11:11 - 000189440 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4380.dll
2017-05-10 21:29 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2016-08-05 06:02 - 2016-02-18 10:42 - 000050804 _____ C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2018-08-03 15:19 - 2011-06-23 01:01 - 000143360 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\DDCHelper.dll
2018-08-03 15:19 - 2011-06-23 01:01 - 000114688 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\DDCHelperX.dll
2011-02-13 16:36 - 2011-02-13 16:36 - 015150592 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icudt46.dll
2011-02-13 16:36 - 2011-02-13 16:36 - 000946176 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icuuc46.dll
2017-03-16 08:21 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 12:44 - 2016-07-16 23:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2016-08-05 06:03 - 2010-12-01 08:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2015-09-03 09:59 - 2015-09-03 09:59 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
2015-10-30 08:19 - 2016-12-10 14:34 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 08:19 - 2016-12-10 14:34 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{aa939cf7-641e-11e6-b910-806e6f6e6963}
{aa939cf8-641e-11e6-b910-806e6f6e6963}
{aa939cfa-641e-11e6-b910-806e6f6e6963}
{aa939cfb-641e-11e6-b910-806e6f6e6963}
{2cb74d45-beb4-11e6-b913-806e6f6e6963}
{4aeb1ac0-1f49-11ee-bca2-806e6f6e6963}
{4aeb1ac1-1f49-11ee-bca2-806e6f6e6963}
{4aeb1ac2-1f49-11ee-bca2-806e6f6e6963}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {5791a447-e8b5-11ea-a372-d478f3fc760e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {2cb74d45-beb4-11e6-b913-806e6f6e6963}
description Fake Legacy Option
Application logicielle (101fffff)
--------------------------------
identificateur {4aeb1ac0-1f49-11ee-bca2-806e6f6e6963}
description UEFI:CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {4aeb1ac1-1f49-11ee-bca2-806e6f6e6963}
description UEFI:Removable Device
Application logicielle (101fffff)
--------------------------------
identificateur {4aeb1ac2-1f49-11ee-bca2-806e6f6e6963}
description UEFI:Network Device
Application logicielle (101fffff)
--------------------------------
identificateur {aa939cf7-641e-11e6-b910-806e6f6e6963}
description USB Floppy/CD
Application logicielle (101fffff)
--------------------------------
identificateur {aa939cf8-641e-11e6-b910-806e6f6e6963}
description USB Hard Drive
Application logicielle (101fffff)
--------------------------------
identificateur {aa939cfa-641e-11e6-b910-806e6f6e6963}
description UEFI: IPv4 Realtek PCIe GBE Family Controller
Application logicielle (101fffff)
--------------------------------
identificateur {aa939cfb-641e-11e6-b910-806e6f6e6963}
description UEFI: IPv6 Realtek PCIe GBE Family Controller
Chargeur de démarrage Windows
-----------------------------
identificateur {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {5791a447-e8b5-11ea-a372-d478f3fc760e}
nx OptIn
bootmenupolicy Standard
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {5791a447-e8b5-11ea-a372-d478f3fc760e}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Vro (administrateur) sur DESKTOP-U3NB65S (HP 460-a001nf) (27-01-2025 09:16:36)
Exécuté depuis C:\Users\Vro\Desktop\FRST Second\FRST64.exe
Profils chargés: Vro
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5371 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (X-Rite Incorporated -> X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2503.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Vro\AppData\Local\Microsoft\OneDrive\24.244.1204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [ZoneAlarm Upgrader] => C:\Program Files (x86)\CheckPoint\ICM\UM_Interface.exe [37696 2024-09-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12304792 2024-12-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [155136 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [24648912 2017-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [42164600 2022-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Uninstall 17.3.6917.0607_2\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_2\amd64" [4096 2022-07-11] () [Fichier non signé]
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Uninstall 17.3.6917.0607_2] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_2" [65536 2022-07-11] () [Fichier non signé]
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [506368 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1334784 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {67197291-E42E-4355-8B8C-BDA4E75F20D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {70A4A514-A779-4766-9999-F68DD69FEF77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs
Task: {277AAEF6-2CB5-4349-AEC2-236DB7844828} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {352E3040-C81C-43A0-B488-1ACB572E761B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D0FFDB13-A1C4-4EB8-8CA5-BBC230E5CBAB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {21E8A26B-6DD7-4F8C-A3FA-D7CBBB1A7D3F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\-task -source HPSA
Task: {DDDDD926-6BD8-4B7A-B4CE-D77F05ACA0EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/taskrestart
Task: {60192EA8-34DD-4B52-9E6C-3873F07D33C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/show
Task: {59BF3AA5-7592-4096-9799-1F5AD4F1FD59} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-05-12] (HP Inc. -> HP Inc.)
Task: {28EC55CA-5015-4D43-9F84-ADDB3F33E35E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/u
Task: {DA59D0D6-2CF5-49E3-932F-2FE8E85ABF6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r /m
Task: {2157D956-51D0-48A1-A100-1EBBD1A3CE96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r
Task: {7377F1F5-C684-4669-95AE-BEE28DE1EBBE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/L Analysis
Task: {521A88D9-0DBA-4D16-9017-D8703466CAB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/noreport
Task: {C19A082E-24F2-4EAF-9D3D-CE82B4484E1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148048 2022-05-12] (HP Inc. -> HP Inc.)
Task: {384DB857-625B-4E55-A098-FD92CE2AC796} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {9D4EB0E9-457A-4E0F-A080-3E61882935DA} - System32\Tasks\HPDAS => C:\Program -> Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs
Task: {52713E61-4A1F-405A-BA59-9975A1C2993B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B50B1359-DC10-4C2A-B583-01DBD69A9E19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F810A62B-6600-4150-9FEB-3B41C6E878AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {180867F5-2270-4E98-9719-AE339032A73A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {331FD892-BF7D-4543-940B-FF447E0BFD79} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {78FD465A-00D9-4BDF-AC11-C2AE1240F2C0} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2014682923-2924825109-1543415093-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {19F7D7A2-B386-473D-B6AC-2FB781909CD9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {E2761662-4E4D-4690-A07E-B51A0CEBC2BA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{3ce5b15d-7d10-4ed0-b14c-b4ee28aadf30}: [DhcpNameServer] 109.0.66.10 109.0.66.20
Tcpip\..\Interfaces\{d589d63d-a4ba-45b8-9ca9-14ac1c75be62}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-15]
Edge Extension: (Google Docs hors connexion) - C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF DefaultProfile: y2qot8ce.default-1626364951399
FF ProfilePath: C:\Users\Vro\AppData\Roaming\Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399 [2025-01-27]
FF Notifications: Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399 -> hxxps://www.instagram.com; hxxps://www.oui.sncf; hxxps://a.searchdatingroom.top; hxxps://www.voyage-prive.com; hxxps://www.paruvendu.fr; hxxps://www.peaches.fr; hxxps://oyglk.mithrilminer.top; hxxps://www.quizz.biz
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Vro\AppData\Roaming\Mozilla\Firefox\Profiles\y2qot8ce.default-1626364951399\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-01-17]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] (Realtek Semiconductor Corp -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
S2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [764440 2022-05-12] (HP Inc. -> HP Inc.)
S2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [763456 2022-05-12] (HP Inc. -> HP Inc.)
S2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [759336 2022-05-12] (HP Inc. -> HP Inc.)
S2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [762912 2022-05-12] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-16] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-09] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203088 2011-03-10] (X-Rite Incorporated -> X-Rite Inc.)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2025-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [201280 2025-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [80448 2025-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2025-01-27] (Malwarebytes Inc. -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-11-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-04] (Microsoft Windows -> Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2011-06-23] (PC Micro Systems Inc. -> Nicomsoft Ltd.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-01-27 09:15 - 2025-01-27 09:16 - 000000000 ____D C:\Users\Vro\Desktop\FRST Second
2025-01-27 08:31 - 2025-01-27 08:31 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-01-26 19:57 - 2025-01-26 19:57 - 005332026 _____ C:\Users\Vro\Downloads\csp---projets-de-programme-de-japonais---coll-ge-199367.pdf
2025-01-26 18:56 - 2025-01-26 18:56 - 005285081 _____ C:\Users\Vro\Downloads\CPC - Formation Thorique N3 - Planification plonge pour tous-2.zip
2025-01-26 14:31 - 2025-01-26 14:31 - 000093322 _____ C:\Users\Vro\Downloads\Demande de congé pour formation syndicale 06 03 25.pdf
2025-01-24 16:29 - 2025-01-27 09:26 - 000000000 ____D C:\FRST
2025-01-24 15:01 - 2025-01-24 16:12 - 000000000 ____D C:\Users\Vro\AppData\Roaming\ZHP
2025-01-24 15:01 - 2025-01-24 15:01 - 000000870 _____ C:\Users\Vro\Desktop\ZHPSuite.lnk
2025-01-24 15:01 - 2025-01-24 15:01 - 000000000 ____D C:\Users\Vro\AppData\Local\ZHP
2025-01-24 14:44 - 2025-01-27 09:16 - 000000000 ____D C:\Users\Vro\Desktop\NETTOYAGE PC
2025-01-20 13:08 - 2025-01-20 13:08 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024(2).pdf
2025-01-19 15:39 - 2025-01-19 15:39 - 000073447 _____ C:\Users\Vro\Documents\AttestationRespCiv2025.pdf
2025-01-19 15:33 - 2025-01-19 15:34 - 000069826 _____ C:\Users\Vro\Downloads\Attestation_RC_ViePrivée.pdf
2025-01-18 16:43 - 2025-01-18 16:43 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024.pdf
2025-01-18 16:43 - 2025-01-18 16:43 - 000034521 _____ C:\Users\Vro\Downloads\AttestationHonneurMobDur2024(1).pdf
2025-01-18 16:40 - 2025-01-18 16:40 - 000034521 _____ C:\Users\Vro\Documents\AttestationHonneurMobDur2024.pdf
2025-01-18 16:36 - 2025-01-18 16:36 - 000011103 _____ C:\Users\Vro\Downloads\AttestationHonneur.pdf
2025-01-18 16:27 - 2025-01-18 16:27 - 000071246 _____ C:\Users\Vro\Downloads\annexe_1-4.pdf
2025-01-18 16:20 - 2025-01-18 16:20 - 002003853 _____ C:\Users\Vro\Downloads\circulaire_fmd_-_annee_civile_2024-2.pdf
2025-01-18 15:50 - 2025-01-18 15:50 - 001110397 _____ C:\Users\Vro\Downloads\H1aXDWGalOLfnbYK4YXcQhGoQJLMbPZoqBtbuox7(1).pdf
2025-01-18 15:42 - 2025-01-18 15:42 - 001661925 _____ C:\Users\Vro\Downloads\ob_76eacb_rapport-d-auto-evaluation-modifie-pa.pdf
2025-01-18 15:12 - 2025-01-18 15:12 - 001110397 _____ C:\Users\Vro\Downloads\H1aXDWGalOLfnbYK4YXcQhGoQJLMbPZoqBtbuox7.pdf
2025-01-18 15:12 - 2025-01-18 15:12 - 000422392 _____ C:\Users\Vro\Downloads\ob_5a676a_rapport-auto-evaluation-ecole-les-tam.pdf
2025-01-15 15:02 - 2025-01-15 15:02 - 000000000 ___HD C:\$WinREAgent
2025-01-14 20:17 - 2025-01-14 20:17 - 001098729 _____ C:\Users\Vro\Downloads\25pecp_guide_des_scores_16122024.pdf
2025-01-09 13:31 - 2025-01-25 17:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2025-01-07 16:46 - 2025-01-07 16:46 - 000060366 _____ C:\Users\Vro\Downloads\2025_dsden11_dossier_de_candidature_conga_c_de_formation_2025(1).odt
2025-01-06 16:56 - 2025-01-06 16:56 - 002971806 _____ C:\Users\Vro\Downloads\Je t'aime, je te trompe.pdf
2025-01-06 16:52 - 2025-01-06 16:52 - 002032527 _____ C:\Users\Vro\Downloads\Je t'aime, je te trompe - Esther PEREL.pdf
2025-01-05 20:52 - 2025-01-05 20:52 - 000030301 _____ C:\Users\Vro\Downloads\licenciés et adhérents 2024-2025.xlsx
2024-12-22 17:47 - 2024-12-22 17:47 - 000531044 _____ C:\Users\Vro\Downloads\gift_card(2).pdf
2024-12-22 17:45 - 2024-12-22 17:45 - 000217531 _____ C:\Users\Vro\Downloads\gift_card(1).pdf
2024-12-22 17:42 - 2024-12-22 17:42 - 000217113 _____ C:\Users\Vro\Downloads\gift_card.pdf
2024-12-18 18:32 - 2024-12-18 18:32 - 000060366 _____ C:\Users\Vro\Downloads\2025_dsden11_dossier_de_candidature_conga_c_de_formation_2025.odt
2024-12-17 19:47 - 2024-12-17 19:48 - 000376799 _____ C:\Users\Vro\Downloads\thaumatrope.pdf
2024-12-15 21:43 - 2024-12-15 21:48 - 000000000 ____D C:\Users\Visiteur\AppData\Local\Malwarebytes
2024-12-14 17:03 - 2024-12-14 17:03 - 002924008 _____ C:\Users\Vro\Downloads\dossier-pedagogique-la-dompteuse-de-colere_1.pdf
2024-12-13 17:30 - 2024-12-13 17:30 - 000161316 _____ C:\Users\Vro\Downloads\Plaquette CALICEO 2025.pdf
2024-12-13 17:26 - 2024-12-13 17:26 - 000086119 _____ C:\Users\Vro\Downloads\Informations pratiques sur les centres Calicéo.pdf
2024-12-13 13:24 - 2024-12-13 13:24 - 000022205 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-13 13:21 - 2024-12-13 13:21 - 000022205 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-12-11 16:56 - 2024-12-11 16:56 - 000050993 _____ C:\Users\Vro\Downloads\demande_stage_ien_30_janvier.pdf
2024-12-11 16:47 - 2024-12-11 16:54 - 000017584 _____ C:\Users\Vro\Downloads\demande_stage_ien_30_janvier.odt
2024-12-09 12:25 - 2024-12-09 12:25 - 000000000 ____D C:\Users\Vro\Documents\Nouveau dossier
2024-11-30 20:56 - 2024-11-30 20:56 - 000193842 _____ C:\Users\Vro\Downloads\0e64d500657fabfbfda36855e0049bc6c45c8ffc(2).pdf
2024-11-30 17:25 - 2024-11-30 17:25 - 001105213 _____ C:\Users\Vro\Downloads\Gevasco réexamen WONG jeromy 2024 2025.pdf
2024-11-30 15:42 - 2024-11-30 15:43 - 000105179 _____ C:\Users\Vro\Documents\Justificatif congrès 29 11 30.pdf
2024-11-25 17:55 - 2024-11-25 17:55 - 000024678 _____ C:\Users\Vro\Downloads\facture-KJ02823392-2024-9-7860553.pdf
2024-11-25 17:51 - 2024-11-25 17:51 - 000148053 _____ C:\Users\Vro\Downloads\Formations en partenariat avec le Mémorial de la Shoah - 2025.pdf
2024-11-25 17:27 - 2024-11-25 17:28 - 000888090 _____ C:\Users\Vro\Documents\Retour satisfaction stage SUD 25 11 24.pdf
2024-11-25 17:19 - 2024-11-25 17:19 - 000137852 _____ C:\Users\Vro\Downloads\result(3).pdf
2024-11-25 17:15 - 2024-11-25 17:15 - 000137852 _____ C:\Users\Vro\Documents\Justificatif stage 25 11 24.pdf
2024-11-24 18:08 - 2024-11-24 18:08 - 001130923 _____ C:\Users\Vro\Downloads\ACFrOgBt8NEKjPDg-ucKVFOSiAkc5vjWN6XqTNlR0kmtmQ8yOrBRR2u2EfIF9tXWWUuLU4CxhX4WZ9IWEtQjqrTeM4Nz7nvS4p93aFB_KlTwj8BnvPZZUFnRmb9Pe7TqhR6f0RD8LLQBANwHhSo6.pdf
2024-11-24 17:38 - 2024-11-24 17:38 - 000201470 _____ C:\Users\Vro\Downloads\Contrats_chevre(1).pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025.pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(3).pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(2).pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000637107 _____ C:\Users\Vro\Downloads\contrat petit panier en binome 2025(1).pdf
2024-11-24 17:34 - 2024-11-24 17:34 - 000201470 _____ C:\Users\Vro\Downloads\Contrats_chevre.pdf
2024-11-24 17:30 - 2024-11-24 17:30 - 000281569 _____ C:\Users\Vro\Downloads\Contrat_Pain.pdf
2024-11-24 17:23 - 2024-11-24 17:23 - 000143221 _____ C:\Users\Vro\Downloads\ACFrOgBVoUZ8JAjGZj_8BBO4AwLduf4-HCcJ9l9Sg6kdFIEr-wI16CEhcu0R34WqbEUwQPwhkI32luhb95LPLrQiQ4O7nd0-iGOpp6xxa-0TSQpca3FAKWUk08Mj3D9bwv5-0kI160jEzCrdO5aN.pdf
2024-11-16 14:51 - 2024-11-16 14:51 - 001067814 _____ C:\Users\Vro\Downloads\2024-attendus-edd-cycle-1_2024.pdf
2024-11-16 14:44 - 2024-11-16 14:44 - 004306378 _____ C:\Users\Vro\Downloads\2-Milieu marin PB1 Castel Stagiaires.pdf
2024-11-16 14:42 - 2024-11-16 14:42 - 000574735 _____ C:\Users\Vro\Downloads\ACFrOgB-eKcu2mU7dpOLQVo-RqiSI_gKErpGrjlh31WyTv0lxASluhErU1-jKeYG8finZ-bnNRDOuvohFmjEYLTunxNaEa3YFjIlKdK0LyAqO_9a-0v_BqTk0hJYcAS8XNMV1fE5LDThEhDxSK-l.pdf
2024-11-16 14:39 - 2024-11-16 14:39 - 000359817 _____ C:\Users\Vro\Downloads\ACFrOgCHswbVrbMeS7IAhUf3Iq41wlpQyxcxXvT0zdIvhumJAoPm6_1B1U5XoIrmp1rJGGBsyRKwYaC95kWe3tWHzfn-NKxrgqexBrMxwIPyp3bqUks2mzfWv5HJqwy6w3urvEhv__6I9WmLlmf4.pdf
2024-11-16 14:38 - 2024-11-16 14:38 - 000359736 _____ C:\Users\Vro\Downloads\ACFrOgDRwFImnIE60v0mVRmY2SEy-Hz4TYdtHLsCGAZRN_SBzsY_iUnInSHFxO6fdfLF74omLKdnPAHghwTucpQuxeYICscOiycgyDfnxIPPCq7548BBLQmwjleMg2L_AFVRYn6_NiQDpGj0T-jp.pdf
2024-11-16 14:31 - 2024-11-16 14:31 - 000359674 _____ C:\Users\Vro\Downloads\ACFrOgBfX41eQap7DlR1uunQHpeBSh3d2kbG0kDPrj4QOeZHcJy11Xfu8JwgAcgutW_iTmef_QHBPk0qlLdJ-1LTaCVtLsRzjM4pyaPNDB20JzcfJapjRwI6bCXgLjsfTD-NuGV5sJxBgKNgkGeb.pdf
2024-11-16 14:21 - 2024-11-16 14:21 - 000098541 _____ C:\Users\Vro\Downloads\Contrat_brebis.pdf
2024-11-16 14:09 - 2024-11-16 14:09 - 000200984 _____ C:\Users\Vro\Downloads\APznzaajuiwq2vjoZY-9UEcxGoaN2w1airlywqkoK_VQB6ORBv8rOVS2_5n9M3m_fM_unydzlWvPIp_FFmPgddxTnJvhJfwE1y287-E9qKRekfIus1CXQypD4qYF3tUXLqXIs8NrDKCtK8RQxv2AxYGQTVrTNx5vYC-vet2JBq-VKNRFD5hhW7gtDWhrWE8n5yeNDDZwXJXNdoPZnwDQnIqnvjASgcC.pdf
2024-11-15 16:50 - 2024-11-15 16:50 - 000128253 _____ C:\Users\Vro\Downloads\result(2).pdf
2024-11-15 16:44 - 2024-11-15 16:44 - 000128253 _____ C:\Users\Vro\Documents\Convocation congrès SE-UNSA 29 11 24.pdf
2024-11-14 19:22 - 2024-11-14 19:22 - 000041304 _____ C:\Users\Vro\Downloads\G011_AVT2024-6153_cat_04_CE_BANNIARD_VERONIQUE(1).pdf
2024-11-14 19:20 - 2024-11-14 19:20 - 000041304 _____ C:\Users\Vro\Downloads\G011_AVT2024-6153_cat_04_CE_BANNIARD_VERONIQUE.pdf
2024-11-13 15:55 - 2024-11-13 15:55 - 000025328 _____ C:\Users\Vro\Downloads\2024_10_BP_octobre.pdf
2024-11-12 20:22 - 2024-11-12 20:23 - 001457041 _____ C:\Users\Vro\Downloads\player.pdf
2024-11-11 18:27 - 2024-11-11 18:27 - 000240552 _____ C:\Users\Vro\Downloads\FEUILLE_inscription_PB1(3).pdf
2024-11-11 18:27 - 2024-11-11 18:27 - 000240552 _____ C:\Users\Vro\Downloads\FEUILLE_inscription_PB1(2).pdf
2024-11-11 18:26 - 2024-11-11 18:26 - 000477486 _____ C:\Users\Vro\Downloads\Annonce_stage_PB1.pdf
2024-11-08 13:02 - 2024-11-08 13:02 - 000381136 _____ C:\Users\Vro\Downloads\Courrier de Madame la Rectrice.pdf
2024-11-07 18:51 - 2024-11-07 19:15 - 001161964 _____ C:\WINDOWS\Minidump\110724-80796-01.dmp
2024-11-06 18:18 - 2024-11-06 18:18 - 012498992 _____ C:\Users\Vro\Downloads\Dossier pedagogique LAntilope dor la renarde et le lievre.pdf
2024-11-06 18:18 - 2024-11-06 18:18 - 008044098 _____ C:\Users\Vro\Downloads\Cahier de coloriages LAntilope dor la renarde et le lievre.pdf
2024-11-03 19:38 - 2024-11-03 19:38 - 001307634 _____ C:\Users\Vro\Downloads\pré-programme-hiver24-25-v2.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-01-27 09:38 - 2023-12-04 17:33 - 000000000 ____D C:\Users\Vro\AppData\Local\Malwarebytes
2025-01-27 09:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-27 09:16 - 2020-08-27 22:37 - 000000000 ____D C:\Users\Visiteur
2025-01-27 08:27 - 2017-09-17 14:55 - 000000391 _____ C:\Users\Vro\Desktop\Panneau de configuration - Raccourci.lnk
2025-01-27 08:24 - 2022-02-11 13:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-27 08:22 - 2018-09-15 21:55 - 000000000 ____D C:\Users\Vro\AppData\Local\CrashDumps
2025-01-27 08:20 - 2020-02-19 18:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2025-01-27 08:20 - 2016-12-10 11:45 - 000000000 __SHD C:\Users\Vro\IntelGraphicsProfiles
2025-01-26 20:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-26 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-26 18:37 - 2020-08-27 22:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-26 11:49 - 2023-01-16 21:33 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-01-26 11:49 - 2021-12-16 20:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-26 11:49 - 2020-06-25 15:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-25 21:22 - 2022-01-22 15:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-01-25 17:54 - 2020-08-27 22:37 - 000000000 ____D C:\Users\Vro
2025-01-25 17:48 - 2020-08-27 23:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-25 17:48 - 2020-08-27 22:34 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-25 17:48 - 2016-12-10 12:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-01-25 17:48 - 2016-08-05 03:30 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2025-01-25 17:48 - 2016-08-05 03:30 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2025-01-25 15:44 - 2020-08-27 23:06 - 000004286 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2025-01-25 15:44 - 2020-08-27 23:06 - 000004054 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2025-01-22 14:30 - 2016-12-10 12:03 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-01-18 11:26 - 2021-12-11 20:29 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2014682923-2924825109-1543415093-1001
2025-01-18 11:26 - 2020-08-27 23:06 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2014682923-2924825109-1543415093-1001
2025-01-18 11:26 - 2020-08-27 22:37 - 000002422 _____ C:\Users\Vro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-16 12:07 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-01-15 19:57 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-01-15 19:42 - 2020-08-27 22:52 - 001923838 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-15 19:42 - 2019-12-07 15:49 - 000831776 _____ C:\WINDOWS\system32\perfh00C.dat
2025-01-15 19:42 - 2019-12-07 15:49 - 000167542 _____ C:\WINDOWS\system32\perfc00C.dat
2025-01-15 19:33 - 2016-08-05 06:01 - 000000000 ____D C:\ProgramData\Realtek
2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-15 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-15 16:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-15 15:35 - 2020-08-27 22:38 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-15 14:26 - 2016-12-12 18:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-15 13:49 - 2016-12-12 18:25 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-10 12:30 - 2019-01-05 16:09 - 000000000 ____D C:\Users\Vro\Documents\Les anniversaires mensuels
2025-01-10 12:24 - 2018-02-11 18:32 - 000000000 ____D C:\Users\Vro\Documents\Activités médiathèque
2025-01-10 12:08 - 2017-06-21 18:20 - 000000000 ____D C:\Users\Vro\Documents\sorties classe-école
==================== Fichiers à la racine de certains dossiers ========
2016-12-10 11:45 - 2025-01-27 09:25 - 008348112 _____ () C:\Users\Vro\AppData\Local\BTServer.log
2023-07-10 14:55 - 2023-07-10 14:55 - 000000017 _____ () C:\Users\Vro\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2016-12-10 15:20 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2018-08-03 15:19 - 2011-06-23 01:01 - 000166400 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\DDCHelper.dll
2018-08-03 15:19 - 2011-06-23 01:01 - 000136192 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\DDCHelperX.dll
2017-04-13 18:15 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2016-08-05 03:29 - 2016-03-08 21:04 - 000135168 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPMUIDir.exe
2016-03-11 11:11 - 2016-03-11 11:11 - 000189440 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4380.dll
2017-05-10 21:29 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 12:43 - 2016-07-16 23:45 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2016-08-05 06:02 - 2016-02-18 10:42 - 000050804 _____ C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2018-08-03 15:19 - 2011-06-23 01:01 - 000143360 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\DDCHelper.dll
2018-08-03 15:19 - 2011-06-23 01:01 - 000114688 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\DDCHelperX.dll
2011-02-13 16:36 - 2011-02-13 16:36 - 015150592 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icudt46.dll
2011-02-13 16:36 - 2011-02-13 16:36 - 000946176 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icuuc46.dll
2017-03-16 08:21 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 12:44 - 2016-07-16 23:45 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2016-08-05 06:03 - 2010-12-01 08:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2015-09-03 09:59 - 2015-09-03 09:59 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
2015-10-30 08:19 - 2016-12-10 14:34 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 08:19 - 2016-12-10 14:34 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{aa939cf7-641e-11e6-b910-806e6f6e6963}
{aa939cf8-641e-11e6-b910-806e6f6e6963}
{aa939cfa-641e-11e6-b910-806e6f6e6963}
{aa939cfb-641e-11e6-b910-806e6f6e6963}
{2cb74d45-beb4-11e6-b913-806e6f6e6963}
{4aeb1ac0-1f49-11ee-bca2-806e6f6e6963}
{4aeb1ac1-1f49-11ee-bca2-806e6f6e6963}
{4aeb1ac2-1f49-11ee-bca2-806e6f6e6963}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {5791a447-e8b5-11ea-a372-d478f3fc760e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {2cb74d45-beb4-11e6-b913-806e6f6e6963}
description Fake Legacy Option
Application logicielle (101fffff)
--------------------------------
identificateur {4aeb1ac0-1f49-11ee-bca2-806e6f6e6963}
description UEFI:CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {4aeb1ac1-1f49-11ee-bca2-806e6f6e6963}
description UEFI:Removable Device
Application logicielle (101fffff)
--------------------------------
identificateur {4aeb1ac2-1f49-11ee-bca2-806e6f6e6963}
description UEFI:Network Device
Application logicielle (101fffff)
--------------------------------
identificateur {aa939cf7-641e-11e6-b910-806e6f6e6963}
description USB Floppy/CD
Application logicielle (101fffff)
--------------------------------
identificateur {aa939cf8-641e-11e6-b910-806e6f6e6963}
description USB Hard Drive
Application logicielle (101fffff)
--------------------------------
identificateur {aa939cfa-641e-11e6-b910-806e6f6e6963}
description UEFI: IPv4 Realtek PCIe GBE Family Controller
Application logicielle (101fffff)
--------------------------------
identificateur {aa939cfb-641e-11e6-b910-806e6f6e6963}
description UEFI: IPv6 Realtek PCIe GBE Family Controller
Chargeur de démarrage Windows
-----------------------------
identificateur {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {5791a447-e8b5-11ea-a372-d478f3fc760e}
nx OptIn
bootmenupolicy Standard
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {5791a447-e8b5-11ea-a372-d478f3fc760e}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {2fb64357-e8ad-11ea-bc11-ec8eb5d71bdc}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {2fb64358-e8ad-11ea-bc11-ec8eb5d71bdc}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================