Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Exécuté par xxxx (administrateur) sur xxxx (24-10-2023 16:03:16)
Exécuté depuis C:\Users\xxxx\Downloads\FRST64.exe
Profils chargés: xxxx
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3570 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp32.exe
(C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp64.exe
(C:\Program Files (x86)\Kipaware\Moduleo\ModuleoClient.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Kipaware\Moduleo\CefSharp.BrowserSubprocess.exe <4>
(C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\ui-launcher\AdskAccessUIHost.exe <4>
(C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdskIdentityManager\1.9.18.0\AdskIdentityManager.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\GEOMEDIA SAS\GeoGexFR CAD 3.0\GeoGexFR.exe ->) (GEOMEDIA S.A.S. -> Géomédia S.A.S.) C:\Program Files\GEOMEDIA SAS\GeoGexFR CAD 3.0\CovSrvHelp.exe
(C:\Program Files\GEOMEDIA SAS\GeoGexFR CAD 3.0\GeoGexFR.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.61\msedgewebview2.exe <7>
(C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe ->) (NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevUI.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe
(explorer.exe ->) (Autodesk, Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files\GEOMEDIA SAS\GeoGexFR CAD 3.0\GeoGexFR.exe
(explorer.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(explorer.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
(explorer.exe ->) (KIPAWARE SARL -> Kipaware) C:\Program Files (x86)\Kipaware\Moduleo\ModuleoClient.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <3>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(services.exe ->) (Canon Inc. -> CANON INC) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
(services.exe ->) (Canon Inc. -> CANON INC.) C:\Windows\System32\cnwiols6.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe
(services.exe ->) (NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(services.exe ->) (SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CnwiDeviceAgent] => C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [73816 2013-10-02] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe [18088224 2023-05-02] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-08-09] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk, Inc -> Autodesk Inc.)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2237428635-2949036318-282999744-1108\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-2237428635-2949036318-282999744-1108\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [13443008 2021-05-03] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-2237428635-2949036318-282999744-1108\...\Policies\Explorer: []
HKU\S-1-5-21-2237428635-2949036318-282999744-1108\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-3898077259-470512180-987415372-500\...\Run: [MicrosoftEdgeAutoLaunch_9987CEAFA1939BF8A5BD47FB8E54B0C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon iPF750 Print Processor: C:\Windows\System32\spool\prtprocs\x64\cnwfdpAB.dll [95744 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon iPF780 Print Processor: C:\Windows\System32\spool\prtprocs\x64\cnwfdpK5.dll [96768 2014-02-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TM-300 Print Processor: C:\Windows\System32\spool\prtprocs\x64\cnwfdpTP.dll [96768 2020-07-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\x64\x5print.dll [11264 2017-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port: C:\Windows\SysWOW64\AdobePDF.dll [33368 2012-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TM-300: C:\Windows\system32\CNMLMF0.DLL [937984 2020-07-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon IOS Language Monitor: C:\Windows\system32\cnwilm64.dll [16896 2005-11-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [967168 2010-07-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF reDirect Monitor: C:\Windows\system32\PDFreDirectMon64.dll [65344 2010-06-06] (EXP Systems LLC -> )
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [115592 2015-06-04] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [ForensiT-Migrate-AppxPackage] -> C:\Windows\upwpm2.exe [2023-04-17] (ForensiT Limited -> ForensiT Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\118.0.5993.89\Installer\chrmstp.exe [2023-10-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2019-03-12]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\imagePROGRAF Status Monitor.lnk [2020-02-12]
ShortcutTarget: imagePROGRAF Status Monitor.lnk -> C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe (Canon Inc. -> CANON INC.)
Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chrome.lnk [2022-08-26]
ShortcutTarget: Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chat.lnk [2022-08-26]
ShortcutTarget: Google Chat.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {A29E69D6-EF7F-4CD2-8B91-C5CA03249D58} - \Microsoft\Windows\Setup\EOSNotify2 -> Pas de fichier <==== ATTENTION
Task: {CB24C590-10BC-4FA4-A80D-559BF16D6A1F} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION
Task: {26C88229-F8B7-4046-A2DC-8F9EA3F9C2D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {C88DD8EB-CF7E-426C-BE10-094A85000793} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Pas de fichier)
Task: {57BC6C62-76D5-4394-9771-84F2F0E3646D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {3BC6AE14-17F5-47C8-8F37-AB587B5F140F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {9BF18F78-C5DD-4C6B-A2F6-F5635F8F3CFA} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => %windir%\system32\sipnotify.exe -LogonOrUnlock (Pas de fichier)
Task: {D3E1A540-DBBD-4594-9361-E1385459B818} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => %windir%\system32\sipnotify.exe -Daily (Pas de fichier)
Task: {921886AF-1B97-4F62-8C56-65B12D26C034} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [30720 2023-10-12] (Microsoft Windows -> Microsoft Corporation)
Task: {9AC8BB3F-6DE0-479A-A8FB-9B0E8CD418EA} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [30720 2023-10-12] (Microsoft Windows -> Microsoft Corporation)
Task: {D43837D4-8772-4D13-90E5-698AD830C00A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {DB69627E-F0AB-40F1-A4FF-2EB318C36A1A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {B7B4E2E7-C871-47D6-BD86-96D2F6130847} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {C8503D3D-A779-45DF-A7C6-B89CB1759395} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {BAAF056D-ABDC-478F-814F-B91FAB8962A7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {81A0E12A-3CAF-49FE-9C3B-FDE2B6DAADF8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {19E00768-1F22-483E-9949-A5F5973BAD1E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {9003526D-4EE0-4342-AB68-44646D574C53} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {C1B6A261-EFEC-4E4A-99FC-A173743C9A12} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {64EDCD9D-A5D3-4199-A02B-DF136C9AD032} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {307F244D-A7B4-48D9-9B85-9CE974462AE0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {B9ED99CE-6A4D-4064-B838-2667EE6B23F1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {5E7364ED-6620-4B0B-9562-96C26D47D06A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {60FD016A-1EF1-4D20-850D-31F3989E4D3B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {3DEEF6D1-7FF5-48B3-AA3A-6B838A27361F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {9DE79165-971D-4F8F-9D2B-D40027CDBE1E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {36933854-6731-416D-8AC0-3F47C43B425A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier)
Task: {B19A9721-4FE2-44C2-A849-455E28E7313D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {B035F2EE-B513-4367-A393-73BAB9A0DB8C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {08ED743D-17C4-4BEB-A422-6C843798B586} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {FD61DAED-C7CB-476E-8E9C-621A2F07A1B4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {42A8968B-52A0-404F-BA13-54A64D6C5095} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {95D9F5ED-6C57-41BB-859E-72E12D5FE144} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B804FD79-A722-4DAE-9247-BBA37D3027E1} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {46F8403C-21BE-48DE-B526-52F5CD378B27} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {E3DDBE26-4B12-469D-8500-6FD186AFEE46} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5F3BD29E-1A65-4E51-A962-F095FFA262F4} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [676768 2023-10-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9449C54D-1F8E-4A78-A67D-255D30DC57BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [718240 2023-10-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {7A63A521-FEE0-4F52-B78F-C1A8CE5A90B5} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {DC50E3CB-EBDF-4A05-BA1B-281EF7147E05} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8DB4F34D-AD13-4C69-8E0E-1B1468F6E3C9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C2738C7-C3C1-490D-9C1F-E12DA3B3C0AC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0B9F3CA-331A-4BAD-985F-18DEBA39630D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E64A410-415B-4ED9-9C0A-ED88558EC8FE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15C09ACE-2ED9-4C20-8448-C6FFA8183248} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81010C76-41CC-4E50-B673-98DCC720F1F3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5462F886-F545-4FDB-B575-24522933DF76} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A3A6DBE9-7AD5-4B4B-AD0C-2FAA5509BD58} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\..\Interfaces\{cb6c8bca-192e-4046-8f24-72a6fd7088c6}: [NameServer] xxxx,8.8.8.8

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-17]

FireFox:
========
FF DefaultProfile: 8vvicq25.default-1487329024054-1684831955052
FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\8vvicq25.default-1487329024054-1684831955052 [2023-10-24]
FF Homepage: Mozilla\Firefox\Profiles\8vvicq25.default-1487329024054-1684831955052 -> google.fr
FF Extension: (uBlock Origin) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\8vvicq25.default-1487329024054-1684831955052\Extensions\uBlock0@raymondhill.net.xpi [2023-09-26]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\8vvicq25.default-1487329024054-1684831955052\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2023-10-17]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird => non trouvé(e)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird => non trouvé(e)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2015-02-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) [Fichier non signé]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-10-24]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default [2023-10-24]
CHR Notifications: Default -> hxxps://mail.google.com
CHR Extension: (Google Docs hors connexion) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-29]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk, Inc -> Autodesk Inc.)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-08-01] (Adobe Systems) [Fichier non signé]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-16] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [10539808 2023-05-21] (Autodesk, Inc. -> Autodesk, Inc.)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
R2 Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [755288 2014-07-03] (Canon Inc. -> CANON INC)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [11309520 2021-05-03] (Binary Fortress Software Ltd -> Binary Fortress Software)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2532472 2023-08-09] (ESET, spol. s r.o. -> ESET)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [55416 2023-08-09] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3873952 2023-08-09] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3873952 2023-08-09] (ESET, spol. s r.o. -> ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1529112 2023-08-14] (ESET, spol. s r.o. -> ESET)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
R2 iPFDeviceAgentService; C:\WINDOWS\system32\cnwiols6.exe [217416 2013-02-26] (Canon Inc. -> CANON INC.)
R2 OSArmorDevSvc; C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe [3857024 2019-03-24] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [210320 2023-08-09] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118904 2023-08-09] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-09-13] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [252184 2023-08-09] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55400 2023-03-21] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81712 2023-08-09] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123040 2023-08-09] (ESET, spol. s r.o. -> ESET)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
U5 osadevprotect; C:\WINDOWS\system32\drivers\osadevprotect.sys [25440 2023-10-13] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
U5 OSArmorDevDrv; C:\WINDOWS\system32\drivers\OSArmorDevDrv.sys [26576 2023-10-13] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
S3 pccsmcfd; C:\WINDOWS\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SNTUSB64; C:\WINDOWS\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-10-24 16:03 - 2023-10-24 16:04 - 000033512 _____ C:\Users\xxxx\Downloads\FRST.txt 2023-10-24 16:02 - 2023-10-24 16:03 - 000000000 ____D C:\FRST 2023-10-24 16:01 - 2023-10-24 16:02 - 002383360 _____ (Farbar) C:\Users\xxxx\Downloads\FRST64.exe 2023-10-24 15:15 - 2023-10-24 15:15 - 000233683 _____ C:\Users\xxxx\Downloads\SF2310452516.pdf 2023-10-24 14:52 - 2023-10-24 14:52 - 000232647 _____ C:\Users\xxxx\Downloads\SF2310451352.pdf 2023-10-23 07:56 - 2023-10-24 07:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2023-10-17 14:38 - 2023-10-17 14:38 - 000233892 _____ C:\Users\xxxx\Downloads\SF2310340197.pdf 2023-10-13 13:35 - 2023-10-13 13:35 - 000234303 _____ C:\Users\xxxx\Downloads\SF2310293850.pdf 2023-10-12 13:51 - 2023-10-12 17:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2023-10-12 13:51 - 2023-10-12 13:51 - 000233096 _____ C:\Users\xxxx\Downloads\SF2310271945.pdf 2023-10-12 10:18 - 2023-10-12 10:18 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-10-12 10:05 - 2023-10-12 10:05 - 000000000 ___HD C:\$WinREAgent 2023-10-11 12:57 - 2023-10-11 12:57 - 000000000 ____D C:\ProgramData\PLUG 2023-10-11 08:57 - 2023-10-11 08:57 - 
000000000 ____D C:\Program Files\RUXIM 2023-09-26 15:16 - 2023-09-26 15:16 - 016386775 _____ C:\Users\xxxx\Downloads\wetransfer_scan15561-jpg_2023-09-26_0631.zip ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-10-24 16:02 - 2022-02-09 13:09 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-10-24 16:01 - 2021-12-15 18:01 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-10-24 16:01 - 2012-08-31 08:27 - 000000000 ____D C:\Program Files (x86)\Google 2023-10-24 15:54 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-10-24 15:44 - 2018-11-05 09:43 - 000000000 ____D C:\Users\xxxx\AppData\Local\CrashDumps 2023-10-24 15:41 - 2012-08-29 15:24 - 000000120 _____ C:\WINDOWS\system32\config\netlogon.ftl 2023-10-24 12:25 - 2021-03-16 11:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-10-24 10:31 - 2012-08-29 16:00 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Excel 2023-10-24 07:57 - 2023-03-20 10:23 - 000000000 ____D C:\ProgramData\boost_interprocess 2023-10-24 07:57 - 2014-11-10 16:58 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2023-10-24 07:57 - 2012-08-29 00:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-10-24 07:56 - 2012-09-04 10:44 - 000000000 ____D C:\ProgramData\NVIDIA 2023-10-23 16:30 - 2016-11-21 14:07 - 000000000 ____D C:\Users\xxxx\AppData\LocalLow\Mozilla 2023-10-23 11:47 - 2023-04-17 09:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2237428635-2949036318-282999744-1108 2023-10-23 11:47 - 2023-04-17 09:41 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2237428635-2949036318-282999744-1108 2023-10-23 11:47 - 2021-03-16 11:49 - 000002460 _____ C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-10-23 07:50 - 
2020-09-07 07:55 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-10-23 07:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-10-23 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-10-19 11:50 - 2022-10-13 08:12 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2023-10-19 11:50 - 2021-03-16 11:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-10-19 11:50 - 2019-12-23 15:13 - 000000000 ____D C:\Users\xxxx\AppData\Local\Packages 2023-10-16 07:52 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-10-13 07:47 - 2021-03-16 11:57 - 002005062 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-10-13 07:47 - 2019-12-07 16:50 - 000865430 _____ C:\WINDOWS\system32\perfh00C.dat 2023-10-13 07:47 - 2019-12-07 16:50 - 000177780 _____ C:\WINDOWS\system32\perfc00C.dat 2023-10-13 07:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-10-13 07:43 - 2022-01-25 12:54 - 000026576 _____ (NoVirusThanks Company Srl) C:\WINDOWS\system32\Drivers\OSArmorDevDrv.sys 2023-10-13 07:43 - 2022-01-25 12:54 - 000025440 _____ (NoVirusThanks Company Srl) C:\WINDOWS\system32\Drivers\osadevprotect.sys 2023-10-13 07:43 - 2021-03-16 11:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-10-13 07:42 - 2021-03-16 11:47 - 000008192 ___SH C:\DumpStack.log.tmp 2023-10-12 17:07 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2023-10-12 17:04 - 2021-03-16 11:47 - 000515608 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-10-12 17:02 - 2019-12-07 16:53 - 000000000 ___SD C:\WINDOWS\system32\AppV 2023-10-12 17:02 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-10-12 17:02 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-10-12 17:02 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-10-12 17:02 - 
2019-12-07 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2023-10-12 17:02 - 2019-12-07 16:50 - 000000000 ____D C:\WINDOWS\system32\fr 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D 
C:\WINDOWS\system32\SystemResetPlatform 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-10-12 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\Program 
Files (x86)\Windows Defender 2023-10-12 17:02 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2023-10-12 15:44 - 2012-08-29 00:49 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-10-12 10:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-10-12 10:28 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-10-12 10:28 - 2019-12-07 16:53 - 000023552 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2023-10-12 10:28 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2023-10-12 10:28 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2023-10-12 10:18 - 2021-03-16 11:50 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-10-12 08:35 - 2013-08-26 17:15 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-10-12 08:28 - 2012-08-28 19:30 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======== 2023-04-17 09:43 - 2023-04-17 09:43 - 000887296 _____ (ForensiT Software Limited) C:\ProgramData\UserProfileMigrationService.exe 2012-10-02 10:05 - 2014-02-17 11:33 - 000011776 _____ () C:\Users\xxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-04-23 14:24 - 2020-02-24 14:20 - 000007646 _____ () C:\Users\xxxx\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================