Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-12-2020
Exécuté par Entreprise DB (administrateur) sur ENTREPRISEDB-PC (13-12-2020 01:45:25)
Exécuté depuis C:\Users\Entreprise DB\Desktop
Profils chargés: Entreprise DB
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe
(NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevUI.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [516240 2018-09-12] (QFX Software Corporation -> QFX Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON AL-C300DN Advanced 64MonitorBE: C:\Windows\system32\E_4LMBAAE.DLL [179712 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON PGSTM 64Monitor86: C:\Windows\system32\E_L12086.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON PX830 Series 64MonitorBE: C:\Windows\system32\E_ILMHOE.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\Windows\system32\novamn10.dll [18944 2019-09-04] (Softland) [Fichier non signé]
BootExecute:
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {4A354486-97C4-43B1-BD46-5E194801EEAA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2596720 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DA9C7B5-41C4-46C0-9E43-343F6023675C} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39600 2018-11-26] (Microsoft Corporation -> Microsoft)
Task: {BA117580-1283-4FEF-BE5A-EC61C6D0CF20} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {BD12E76D-98DE-41EC-9108-D7878EFDA71A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1957744 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [DhcpNameServer] 1.1.1.1 1.0.0.1
FireFox:
========
FF DefaultProfile: olmtkwu4.default-1603300992944
FF ProfilePath: C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944 [2020-12-13]
FF DownloadDir: D:\Téléchargements
FF Homepage: Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944 -> hxxps://www.qwant.com/?client=ext-firefox-hp
FF HomepageOverride: Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944 -> Enabled: qwantcomforfirefox@jetpack
FF Extension: (Disconnect) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\2.0@disconnect.me.xpi [2020-10-21]
FF Extension: (Signal Spam) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\@addonsignalspam.xpi [2020-11-17]
FF Extension: (Facebook Container) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\@contain-facebook.xpi [2020-10-21]
FF Extension: (Cookie AutoDelete) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\CookieAutoDelete@kennydo.com.xpi [2020-10-21]
FF Extension: (Google search link fix) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2020-10-21]
FF Extension: (To Google Translate) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-12]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-12-10]
FF Extension: (Pas de nom) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-21]
FF Extension: (uBlock Origin) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\uBlock0@raymondhill.net.xpi [2020-11-19]
FF Extension: (Flagfox) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2020-12-02]
FF Extension: (Temp Mail - E-mail temporaire disponible) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{2d97895d-fcd3-41ab-82e6-6a1d4d2243f6}.xpi [2020-10-21]
FF Extension: (Chameleon) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{3579f63b-d8ee-424f-bbb6-6d0ce3285e6a}.xpi [2020-12-12]
FF Extension: (Eviter les redirections Google Search) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{66ae1871-3b03-4157-96a1-dd82f8a5a045}.xpi [2020-10-21]
FF Extension: (NoScript) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-12-11]
FF Extension: (ClearURLs) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2020-11-24]
FF Extension: (LocalCDN) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{b86e4813-687a-43e6-ab65-0bde4ab75758}.xpi [2020-12-05]
FF Extension: (Google Analytics Blocker) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{c7c3483c-0e96-45f4-8772-f84462cdc047}.xpi [2020-10-21]
FF Extension: (View archived and cached versions of web pages on 10+ search engines, such as the Wayback Machine, Archive.is, Google, Bing, Yandex, Gigablast, WebCite, Sogou, Memento, Naver and Yahoo Japan.) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{d07ccf11-c0cd-4938-a265-2a4d6ad01189}.xpi [2020-10-21]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn => non trouvé(e)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [Pas de fichier]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Pas de fichier]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [873560 2020-01-14] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [53040 2019-09-04] (Softland SRL -> Microsoft)
R2 OSArmorDevSvc; C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe [3857024 2019-03-24] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
S2 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2018-09-12] (QFX Software Corporation -> )
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2019-11-01] (Reason Software Company Inc. -> Reason Software Company Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] (Microsoft Windows Hardware Compatibility Publisher -> )
U5 osadevprotect; C:\Windows\system32\drivers\osadevprotect.sys [15040 2020-12-12] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
U5 OSArmorDevDrv; C:\Windows\system32\drivers\OSArmorDevDrv.sys [16064 2020-12-12] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-10-18] (Adlice -> )
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U1 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-13 01:45 - 2020-12-13 01:45 - 000016421 _____ C:\Users\Entreprise DB\Desktop\FRST.txt
2020-12-13 01:38 - 2020-12-13 01:38 - 000306088 _____ C:\Users\Entreprise DB\Desktop\ZHPDiag.html
2020-12-13 01:38 - 2020-12-13 01:38 - 000248255 _____ C:\Users\Entreprise DB\Desktop\ZHPDiag.txt
2020-12-13 01:29 - 2020-12-13 01:29 - 002289152 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe
2020-12-13 01:28 - 2020-12-13 01:28 - 003477888 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe
2020-12-12 15:19 - 2020-12-12 15:19 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-12-12 00:46 - 2020-12-12 00:46 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-12-11 18:10 - 2020-12-11 18:10 - 000001524 _____ C:\Users\Entreprise DB\Desktop\PDFXCview.exe - Raccourci.lnk
2020-12-10 19:02 - 2020-12-10 19:02 - 000230779 _____ C:\Users\Entreprise DB\Desktop\Tarifs - INDIVIDUELS.pdf
2020-12-08 02:46 - 2020-12-08 02:46 - 006488243 _____ C:\Users\Entreprise DB\Desktop\Fiche Technique ODXSMART64.pdf
2020-12-08 02:46 - 2020-12-08 02:46 - 001035449 _____ C:\Users\Entreprise DB\Desktop\Manuel d'utilisation - Cleyver - XSMART 64.pdf
2020-12-05 02:11 - 2020-12-05 02:11 - 000001482 _____ C:\Users\Public\Desktop\LibreOffice 7.0.lnk
2020-12-05 02:11 - 2020-12-05 02:11 - 000001482 _____ C:\ProgramData\Desktop\LibreOffice 7.0.lnk
2020-12-05 02:11 - 2020-12-05 02:11 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2020-11-30 19:25 - 2020-11-30 18:34 - 002249273 _____ C:\Users\Entreprise DB\Desktop\2020 11 30 Attestation déplacement nouvelle .pdf
2020-11-28 17:51 - 2020-11-28 17:51 - 000818551 _____ C:\Users\Entreprise DB\Desktop\Notice Téléphone Gigaset FR.pdf
2020-11-28 00:11 - 2020-11-28 00:11 - 000371007 _____ C:\Users\Entreprise DB\Desktop\20 km autour.odt
2020-11-24 01:43 - 2020-11-24 01:43 - 000000272 _____ C:\Users\Entreprise DB\Desktop\panneaux solaires Qcells - Qwant Recherche.URL
2020-11-24 01:08 - 2020-11-24 01:08 - 001745724 _____ C:\Users\Entreprise DB\Desktop\Panneaux Solaires Q_CELLS_Caracte__ristiques_Q.PEAK_DUO_BLK-G6__330-345_2019-10_Rev01_FR.pdf
2020-11-24 01:01 - 2020-11-24 01:01 - 001609896 _____ C:\Users\Entreprise DB\Desktop\Panneaux Solaires Q_CELLS_Caracte__ristiques_Q.PEAK_DUO_BLK-G9_QD_325-345_2020-08_Rev01_FR.pdf
2020-11-23 20:05 - 2020-11-23 20:05 - 026968632 _____ C:\Users\Entreprise DB\Desktop\Mises à jour logiciels UCheck_portable64.exe
2020-11-18 01:22 - 2020-11-18 01:22 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-11-11 02:25 - 2020-12-12 00:46 - 000001949 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-11 02:25 - 2020-12-12 00:46 - 000001949 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-10-25 01:05 - 2020-10-25 02:34 - 000001623 _____ C:\Users\Entreprise DB\Desktop\AOMEI Backupper.exe - Raccourci.lnk
2020-10-24 01:56 - 2020-12-12 09:39 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\IGDump
2020-10-24 01:52 - 2020-12-12 00:46 - 000001961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-10-24 00:59 - 2020-10-24 00:59 - 000001443 _____ C:\Users\Entreprise DB\Desktop\CCleaner64.exe - Raccourci.lnk
2020-10-21 01:35 - 2020-12-12 20:44 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\vlc
2020-10-20 01:27 - 2020-12-05 02:11 - 000000000 ____D C:\Program Files\LibreOffice
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-13 01:45 - 2019-12-29 01:43 - 000000000 ____D C:\FRST
2020-12-13 01:38 - 2019-10-27 13:51 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\Mozilla
2020-12-13 01:38 - 2019-10-17 18:56 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\ZHP
2020-12-13 01:38 - 2019-09-17 23:39 - 000000135 _____ C:\Users\Entreprise
2020-12-12 15:27 - 2009-07-14 05:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-12-12 15:27 - 2009-07-14 05:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-12-12 15:23 - 2018-12-29 02:33 - 000824628 _____ C:\Windows\system32\perfh00A.dat
2020-12-12 15:23 - 2018-12-29 02:33 - 000192838 _____ C:\Windows\system32\perfc00A.dat
2020-12-12 15:23 - 2018-12-28 23:14 - 000780794 _____ C:\Windows\system32\perfh007.dat
2020-12-12 15:23 - 2018-12-28 23:14 - 000178922 _____ C:\Windows\system32\perfc007.dat
2020-12-12 15:23 - 2011-04-12 10:16 - 000824238 _____ C:\Windows\system32\perfh00C.dat
2020-12-12 15:23 - 2011-04-12 10:16 - 000180840 _____ C:\Windows\system32\perfc00C.dat
2020-12-12 15:23 - 2009-07-14 06:13 - 003900216 _____ C:\Windows\system32\PerfStringBackup.INI
2020-12-12 15:23 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-12-12 15:19 - 2020-02-02 23:33 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2020-12-12 15:19 - 2020-02-02 23:11 - 000000312 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2020-12-12 15:19 - 2020-02-02 23:11 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat
2020-12-12 15:19 - 2019-10-21 01:45 - 000016064 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\OSArmorDevDrv.sys
2020-12-12 15:19 - 2019-10-21 01:45 - 000015040 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\osadevprotect.sys
2020-12-12 15:19 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-12 15:19 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2020-12-12 00:45 - 2020-03-31 18:24 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-12-11 20:29 - 2019-09-08 15:20 - 000000000 ___RD C:\Users\Entreprise DB\Desktop\Icônes moins utilisées
2020-12-11 13:43 - 2018-12-28 12:11 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\Adobe
2020-12-09 01:40 - 2018-12-28 10:28 - 000000000 ____D C:\Users\Entreprise DB
2020-12-05 10:28 - 2009-07-14 05:45 - 000571024 _____ C:\Windows\system32\FNTCACHE.DAT
2020-12-05 02:13 - 2019-11-01 01:23 - 000000000 ____D C:\ProgramData\Unchecky
2020-12-05 02:13 - 2019-10-17 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip
2020-12-05 02:13 - 2019-10-17 00:27 - 000000000 ____D C:\Program Files\PeaZip
2020-12-04 12:31 - 2009-07-14 06:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-11-27 15:53 - 2019-10-24 23:49 - 000001945 _____ C:\Windows\epplauncher.mif
2020-11-18 14:06 - 2020-03-22 12:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-16 19:28 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
==================== Fichiers à la racine de certains dossiers ========
2019-12-07 23:59 - 2019-12-08 00:04 - 000007673 _____ () C:\Users\Entreprise DB\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2019-09-04 19:25 - 2019-09-04 19:25 - 000015872 _____ (Softland) C:\Windows\system32\novami10.dll
2019-09-04 19:25 - 2019-09-04 19:25 - 000018944 _____ (Softland) C:\Windows\system32\novamn10.dll
2013-04-29 23:36 - 2013-04-29 23:36 - 000075264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-04-29 23:36 - 2013-04-29 23:36 - 000063488 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2012-01-23 13:15 - 2012-01-23 13:15 - 000122880 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerAg.dll
2012-01-23 13:15 - 2012-01-23 13:15 - 002478592 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerBe.dll
2019-09-07 18:18 - 2016-09-29 08:44 - 001298584 _____ C:\Windows\ddmmain.exe
2015-03-17 01:34 - 2015-03-17 01:34 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 001047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-04-29 23:36 - 2013-04-29 23:36 - 000065024 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-04-29 23:36 - 2013-04-29 23:36 - 000056320 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2012-01-23 13:29 - 2012-01-23 13:29 - 000122880 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerAg.dll
2012-01-23 13:29 - 2012-01-23 13:29 - 002478592 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerBe.dll
2018-12-28 15:39 - 2004-06-11 08:34 - 000119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6fr.DLL
2019-09-08 14:32 - 2019-10-24 00:34 - 000003668 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2019-09-08 14:32 - 2019-10-24 00:34 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2019-09-08 14:32 - 2019-10-24 00:34 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-12-13 01:29 - 2020-12-13 01:29 - 002289152 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe
2020-12-13 01:28 - 2020-12-13 01:28 - 003477888 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d�marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=E:
path \bootmgr
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d�marrage Windows
-----------------------------
identificateur {314aeaa6-0a81-11e9-9024-8a852e30f591}
device unknown
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
osdevice unknown
systemroot \Windows
resumeobject {314aeaa5-0a81-11e9-9024-8a852e30f591}
nx OptIn
Chargeur de d�marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7 Ultimate (r�cup�r�)
locale fr-FR
loadoptions DENABLE_INTEGRITY_CHECKS
testsigning No
osdevice partition=C:
systemroot \Windows
resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
Chargeur de d�marrage Windows
-----------------------------
identificateur {9531bfe8-ca4d-4b1c-b706-fb0354d23dfb}
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
device partition=C:
path \Windows\system32\winresume.exe
description Windows 7 Ultimate (r�cup�r�)
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {314aeaa5-0a81-11e9-9024-8a852e30f591}
device unknown
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice unknown
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m�moire Windows
--------------------------
identificateur {memdiag}
device partition=E:
path \boot\memtest.exe
description Diagnostics m�moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Secteur de d�marrage en mode r�el
---------------------------------
identificateur {314aeaa8-0a81-11e9-9024-8a852e30f591}
device partition=C:
path \amldr.mbr
description AOMEI Backupper
Param�tres EMS
--------------
identificateur {emssettings}
bootems Yes
Param�tres du d�bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m�moire RAM
----------------------
identificateur {badmemory}
Param�tres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Param�tres du chargeur de d�marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Param�tres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Param�tres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p�riph�rique
-----------------------
identificateur {dbff7e90-5c75-4ac4-a742-e6568cf5d32a}
ramdisksdidevice unknown
ramdisksdipath \Aomei\AomeiBoot.sdi
LastRegBack: 2020-12-13 00:19
==================== Fin de FRST.txt ========================
Exécuté par Entreprise DB (administrateur) sur ENTREPRISEDB-PC (13-12-2020 01:45:25)
Exécuté depuis C:\Users\Entreprise DB\Desktop
Profils chargés: Entreprise DB
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe
(NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevUI.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [516240 2018-09-12] (QFX Software Corporation -> QFX Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON AL-C300DN Advanced 64MonitorBE: C:\Windows\system32\E_4LMBAAE.DLL [179712 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON PGSTM 64Monitor86: C:\Windows\system32\E_L12086.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON PX830 Series 64MonitorBE: C:\Windows\system32\E_ILMHOE.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\Windows\system32\novamn10.dll [18944 2019-09-04] (Softland) [Fichier non signé]
BootExecute:
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {4A354486-97C4-43B1-BD46-5E194801EEAA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2596720 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DA9C7B5-41C4-46C0-9E43-343F6023675C} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39600 2018-11-26] (Microsoft Corporation -> Microsoft)
Task: {BA117580-1283-4FEF-BE5A-EC61C6D0CF20} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {BD12E76D-98DE-41EC-9108-D7878EFDA71A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1957744 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [DhcpNameServer] 1.1.1.1 1.0.0.1
FireFox:
========
FF DefaultProfile: olmtkwu4.default-1603300992944
FF ProfilePath: C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944 [2020-12-13]
FF DownloadDir: D:\Téléchargements
FF Homepage: Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944 -> hxxps://www.qwant.com/?client=ext-firefox-hp
FF HomepageOverride: Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944 -> Enabled: qwantcomforfirefox@jetpack
FF Extension: (Disconnect) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\2.0@disconnect.me.xpi [2020-10-21]
FF Extension: (Signal Spam) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\@addonsignalspam.xpi [2020-11-17]
FF Extension: (Facebook Container) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\@contain-facebook.xpi [2020-10-21]
FF Extension: (Cookie AutoDelete) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\CookieAutoDelete@kennydo.com.xpi [2020-10-21]
FF Extension: (Google search link fix) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2020-10-21]
FF Extension: (To Google Translate) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-12]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-12-10]
FF Extension: (Pas de nom) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-21]
FF Extension: (uBlock Origin) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\uBlock0@raymondhill.net.xpi [2020-11-19]
FF Extension: (Flagfox) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2020-12-02]
FF Extension: (Temp Mail - E-mail temporaire disponible) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{2d97895d-fcd3-41ab-82e6-6a1d4d2243f6}.xpi [2020-10-21]
FF Extension: (Chameleon) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{3579f63b-d8ee-424f-bbb6-6d0ce3285e6a}.xpi [2020-12-12]
FF Extension: (Eviter les redirections Google Search) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{66ae1871-3b03-4157-96a1-dd82f8a5a045}.xpi [2020-10-21]
FF Extension: (NoScript) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-12-11]
FF Extension: (ClearURLs) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2020-11-24]
FF Extension: (LocalCDN) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{b86e4813-687a-43e6-ab65-0bde4ab75758}.xpi [2020-12-05]
FF Extension: (Google Analytics Blocker) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{c7c3483c-0e96-45f4-8772-f84462cdc047}.xpi [2020-10-21]
FF Extension: (View archived and cached versions of web pages on 10+ search engines, such as the Wayback Machine, Archive.is, Google, Bing, Yandex, Gigablast, WebCite, Sogou, Memento, Naver and Yahoo Japan.) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\olmtkwu4.default-1603300992944\Extensions\{d07ccf11-c0cd-4938-a265-2a4d6ad01189}.xpi [2020-10-21]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn => non trouvé(e)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [Pas de fichier]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Pas de fichier]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [873560 2020-01-14] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [53040 2019-09-04] (Softland SRL -> Microsoft)
R2 OSArmorDevSvc; C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe [3857024 2019-03-24] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
S2 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2018-09-12] (QFX Software Corporation -> )
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2019-11-01] (Reason Software Company Inc. -> Reason Software Company Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] (Microsoft Windows Hardware Compatibility Publisher -> )
U5 osadevprotect; C:\Windows\system32\drivers\osadevprotect.sys [15040 2020-12-12] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
U5 OSArmorDevDrv; C:\Windows\system32\drivers\OSArmorDevDrv.sys [16064 2020-12-12] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-10-18] (Adlice -> )
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U1 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-13 01:45 - 2020-12-13 01:45 - 000016421 _____ C:\Users\Entreprise DB\Desktop\FRST.txt
2020-12-13 01:38 - 2020-12-13 01:38 - 000306088 _____ C:\Users\Entreprise DB\Desktop\ZHPDiag.html
2020-12-13 01:38 - 2020-12-13 01:38 - 000248255 _____ C:\Users\Entreprise DB\Desktop\ZHPDiag.txt
2020-12-13 01:29 - 2020-12-13 01:29 - 002289152 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe
2020-12-13 01:28 - 2020-12-13 01:28 - 003477888 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe
2020-12-12 15:19 - 2020-12-12 15:19 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-12-12 00:46 - 2020-12-12 00:46 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-12-11 18:10 - 2020-12-11 18:10 - 000001524 _____ C:\Users\Entreprise DB\Desktop\PDFXCview.exe - Raccourci.lnk
2020-12-10 19:02 - 2020-12-10 19:02 - 000230779 _____ C:\Users\Entreprise DB\Desktop\Tarifs - INDIVIDUELS.pdf
2020-12-08 02:46 - 2020-12-08 02:46 - 006488243 _____ C:\Users\Entreprise DB\Desktop\Fiche Technique ODXSMART64.pdf
2020-12-08 02:46 - 2020-12-08 02:46 - 001035449 _____ C:\Users\Entreprise DB\Desktop\Manuel d'utilisation - Cleyver - XSMART 64.pdf
2020-12-05 02:11 - 2020-12-05 02:11 - 000001482 _____ C:\Users\Public\Desktop\LibreOffice 7.0.lnk
2020-12-05 02:11 - 2020-12-05 02:11 - 000001482 _____ C:\ProgramData\Desktop\LibreOffice 7.0.lnk
2020-12-05 02:11 - 2020-12-05 02:11 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2020-11-30 19:25 - 2020-11-30 18:34 - 002249273 _____ C:\Users\Entreprise DB\Desktop\2020 11 30 Attestation déplacement nouvelle .pdf
2020-11-28 17:51 - 2020-11-28 17:51 - 000818551 _____ C:\Users\Entreprise DB\Desktop\Notice Téléphone Gigaset FR.pdf
2020-11-28 00:11 - 2020-11-28 00:11 - 000371007 _____ C:\Users\Entreprise DB\Desktop\20 km autour.odt
2020-11-24 01:43 - 2020-11-24 01:43 - 000000272 _____ C:\Users\Entreprise DB\Desktop\panneaux solaires Qcells - Qwant Recherche.URL
2020-11-24 01:08 - 2020-11-24 01:08 - 001745724 _____ C:\Users\Entreprise DB\Desktop\Panneaux Solaires Q_CELLS_Caracte__ristiques_Q.PEAK_DUO_BLK-G6__330-345_2019-10_Rev01_FR.pdf
2020-11-24 01:01 - 2020-11-24 01:01 - 001609896 _____ C:\Users\Entreprise DB\Desktop\Panneaux Solaires Q_CELLS_Caracte__ristiques_Q.PEAK_DUO_BLK-G9_QD_325-345_2020-08_Rev01_FR.pdf
2020-11-23 20:05 - 2020-11-23 20:05 - 026968632 _____ C:\Users\Entreprise DB\Desktop\Mises à jour logiciels UCheck_portable64.exe
2020-11-18 01:22 - 2020-11-18 01:22 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-11-11 02:25 - 2020-12-12 00:46 - 000001949 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-11 02:25 - 2020-12-12 00:46 - 000001949 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-10-25 01:05 - 2020-10-25 02:34 - 000001623 _____ C:\Users\Entreprise DB\Desktop\AOMEI Backupper.exe - Raccourci.lnk
2020-10-24 01:56 - 2020-12-12 09:39 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\IGDump
2020-10-24 01:52 - 2020-12-12 00:46 - 000001961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-10-24 00:59 - 2020-10-24 00:59 - 000001443 _____ C:\Users\Entreprise DB\Desktop\CCleaner64.exe - Raccourci.lnk
2020-10-21 01:35 - 2020-12-12 20:44 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\vlc
2020-10-20 01:27 - 2020-12-05 02:11 - 000000000 ____D C:\Program Files\LibreOffice
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-13 01:45 - 2019-12-29 01:43 - 000000000 ____D C:\FRST
2020-12-13 01:38 - 2019-10-27 13:51 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\Mozilla
2020-12-13 01:38 - 2019-10-17 18:56 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\ZHP
2020-12-13 01:38 - 2019-09-17 23:39 - 000000135 _____ C:\Users\Entreprise
2020-12-12 15:27 - 2009-07-14 05:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-12-12 15:27 - 2009-07-14 05:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-12-12 15:23 - 2018-12-29 02:33 - 000824628 _____ C:\Windows\system32\perfh00A.dat
2020-12-12 15:23 - 2018-12-29 02:33 - 000192838 _____ C:\Windows\system32\perfc00A.dat
2020-12-12 15:23 - 2018-12-28 23:14 - 000780794 _____ C:\Windows\system32\perfh007.dat
2020-12-12 15:23 - 2018-12-28 23:14 - 000178922 _____ C:\Windows\system32\perfc007.dat
2020-12-12 15:23 - 2011-04-12 10:16 - 000824238 _____ C:\Windows\system32\perfh00C.dat
2020-12-12 15:23 - 2011-04-12 10:16 - 000180840 _____ C:\Windows\system32\perfc00C.dat
2020-12-12 15:23 - 2009-07-14 06:13 - 003900216 _____ C:\Windows\system32\PerfStringBackup.INI
2020-12-12 15:23 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-12-12 15:19 - 2020-02-02 23:33 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2020-12-12 15:19 - 2020-02-02 23:11 - 000000312 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2020-12-12 15:19 - 2020-02-02 23:11 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat
2020-12-12 15:19 - 2019-10-21 01:45 - 000016064 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\OSArmorDevDrv.sys
2020-12-12 15:19 - 2019-10-21 01:45 - 000015040 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\osadevprotect.sys
2020-12-12 15:19 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-12 15:19 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2020-12-12 00:45 - 2020-03-31 18:24 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-12-11 20:29 - 2019-09-08 15:20 - 000000000 ___RD C:\Users\Entreprise DB\Desktop\Icônes moins utilisées
2020-12-11 13:43 - 2018-12-28 12:11 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\Adobe
2020-12-09 01:40 - 2018-12-28 10:28 - 000000000 ____D C:\Users\Entreprise DB
2020-12-05 10:28 - 2009-07-14 05:45 - 000571024 _____ C:\Windows\system32\FNTCACHE.DAT
2020-12-05 02:13 - 2019-11-01 01:23 - 000000000 ____D C:\ProgramData\Unchecky
2020-12-05 02:13 - 2019-10-17 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip
2020-12-05 02:13 - 2019-10-17 00:27 - 000000000 ____D C:\Program Files\PeaZip
2020-12-04 12:31 - 2009-07-14 06:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-11-27 15:53 - 2019-10-24 23:49 - 000001945 _____ C:\Windows\epplauncher.mif
2020-11-18 14:06 - 2020-03-22 12:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-16 19:28 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
==================== Fichiers à la racine de certains dossiers ========
2019-12-07 23:59 - 2019-12-08 00:04 - 000007673 _____ () C:\Users\Entreprise DB\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2019-09-04 19:25 - 2019-09-04 19:25 - 000015872 _____ (Softland) C:\Windows\system32\novami10.dll
2019-09-04 19:25 - 2019-09-04 19:25 - 000018944 _____ (Softland) C:\Windows\system32\novamn10.dll
2013-04-29 23:36 - 2013-04-29 23:36 - 000075264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-04-29 23:36 - 2013-04-29 23:36 - 000063488 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2012-01-23 13:15 - 2012-01-23 13:15 - 000122880 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerAg.dll
2012-01-23 13:15 - 2012-01-23 13:15 - 002478592 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerBe.dll
2019-09-07 18:18 - 2016-09-29 08:44 - 001298584 _____ C:\Windows\ddmmain.exe
2015-03-17 01:34 - 2015-03-17 01:34 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 001047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-04-29 23:36 - 2013-04-29 23:36 - 000065024 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-04-29 23:36 - 2013-04-29 23:36 - 000056320 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2012-01-23 13:29 - 2012-01-23 13:29 - 000122880 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerAg.dll
2012-01-23 13:29 - 2012-01-23 13:29 - 002478592 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerBe.dll
2018-12-28 15:39 - 2004-06-11 08:34 - 000119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6fr.DLL
2019-09-08 14:32 - 2019-10-24 00:34 - 000003668 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2019-09-08 14:32 - 2019-10-24 00:34 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2019-09-08 14:32 - 2019-10-24 00:34 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-12-13 01:29 - 2020-12-13 01:29 - 002289152 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe
2020-12-13 01:28 - 2020-12-13 01:28 - 003477888 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d�marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=E:
path \bootmgr
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d�marrage Windows
-----------------------------
identificateur {314aeaa6-0a81-11e9-9024-8a852e30f591}
device unknown
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
osdevice unknown
systemroot \Windows
resumeobject {314aeaa5-0a81-11e9-9024-8a852e30f591}
nx OptIn
Chargeur de d�marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7 Ultimate (r�cup�r�)
locale fr-FR
loadoptions DENABLE_INTEGRITY_CHECKS
testsigning No
osdevice partition=C:
systemroot \Windows
resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
Chargeur de d�marrage Windows
-----------------------------
identificateur {9531bfe8-ca4d-4b1c-b706-fb0354d23dfb}
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
device partition=C:
path \Windows\system32\winresume.exe
description Windows 7 Ultimate (r�cup�r�)
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {314aeaa5-0a81-11e9-9024-8a852e30f591}
device unknown
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice unknown
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m�moire Windows
--------------------------
identificateur {memdiag}
device partition=E:
path \boot\memtest.exe
description Diagnostics m�moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Secteur de d�marrage en mode r�el
---------------------------------
identificateur {314aeaa8-0a81-11e9-9024-8a852e30f591}
device partition=C:
path \amldr.mbr
description AOMEI Backupper
Param�tres EMS
--------------
identificateur {emssettings}
bootems Yes
Param�tres du d�bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m�moire RAM
----------------------
identificateur {badmemory}
Param�tres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Param�tres du chargeur de d�marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Param�tres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Param�tres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p�riph�rique
-----------------------
identificateur {dbff7e90-5c75-4ac4-a742-e6568cf5d32a}
ramdisksdidevice unknown
ramdisksdipath \Aomei\AomeiBoot.sdi
LastRegBack: 2020-12-13 00:19
==================== Fin de FRST.txt ========================