Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2025
Exécuté par Bruno-PC (administrateur) sur BRUNO-PC (MSI MS-7850) (20-02-2025 11:47:14)
Exécuté depuis C:\Users\Bruno-PC\Desktop\FRST64.exe
Profils chargés: Bruno-PC
Plate-forme: Microsoft Windows 10 Entreprise Version 22H2 19045.5371 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(explorer.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-21-191472196-2171759857-831586721-1001\...\Run: [MicrosoftEdgeAutoLaunch_90787E1C53F19B549C0194705DAEAE1E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-191472196-2171759857-831586721-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.89\Installer\chrmstp.exe [2024-08-02] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction - Edge <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-191472196-2171759857-831586721-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {6F18459A-7367-4D47-B092-5EE774D1AB1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {36D88AB0-B556-44CF-BEB0-31E92498A7DE} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-4RGM02B-Bruno-PC => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {7AB4EBCE-BFD4-4275-89CE-2054AFA807D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {53952460-D647-43E7-97D5-5C3E61D9BA60} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5974480 2025-01-04] (Microsoft Windows -> Microsoft Corporation)
Task: {77164A81-5FE7-469A-BE41-C316F1625612} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{7C26854F-81AE-4D0D-8C7C-C143654A0BB5} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Task: {87DF43FA-E5AB-418E-8E1F-E789023807B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-01-20] (HP Inc. -> HP Inc.)
Task: {F4A08963-54AC-49EC-B54D-C018091DD8FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN1657W1P6 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.)
Task: {EA46588A-A6FD-4411-9E7F-9E75787369D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.)
Task: {205A0AFC-AA28-47D9-A130-89FE95D9CDBC} - System32\Tasks\HPCustParticipation HP DeskJet 2700 series => C:\Program Files\HP\HP DeskJet 2700 series\Bin\HPCustPartic.exe [6732960 2022-01-25] (HP Inc. -> HP Inc.)
Task: {15BC6B3E-B608-482A-8BC2-167F0A35FD38} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FBEC8A64-424C-40DF-8920-CB841D93EA17} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {463C3242-8401-48BA-89C2-4730DD6037BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752616 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E65ADEDF-C3EB-4ABC-A1EF-512A180E1919} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752616 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0A22B77-27EC-4321-902A-1310865750CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8322FE52-A347-42F2-9EC8-225EF8573F90} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D439283-CB00-43BD-968C-3E399B41A8C7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [194672 2025-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {80174B2E-E9E5-4129-9661-360D66A95450} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93564992-A7C5-431F-A379-2C90E3266717} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {574A5823-92F9-4D7B-A247-3B38B9DBE7FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F591FA0-0E12-4676-8718-22804ECCB2B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A558A63C-5A76-4360-99B1-8BF92F95EA17} - System32\Tasks\StartRPCService => C:\WINDOWS\system32\NET.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {EEC3964E-CB6B-43A0-BAAB-5861755EA05C} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe [4053672 2024-12-10] (VS REVO GROUP OOD -> VS Revo Group Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1bb0ce06-3b66-4f2b-9fa7-5b84d5f2b08e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1bb0ce06-3b66-4f2b-9fa7-5b84d5f2b08e}\7416C616879702359346337343: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{a1b52e5d-729d-4565-a330-af73b397ff6f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bc10b380-aa03-4c75-ba9b-b7571906dacc}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge Profile: C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-20]
Edge Extension: (Pushbullet) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-04-20]
Edge Extension: (JSON Viewer) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2021-04-16]
Edge Extension: (Google Docs hors connexion) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-15]
Edge Extension: (Edge relevant text changes) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Social Video Downloader) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-04-16]
Edge Extension: (Jitsi Meetings) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kglhbbefdnlheedjiejgomgmfplipfeb [2024-06-06]
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default [2025-02-20]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-02-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-19]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-02-19]
CHR Extension: (Web Safety) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2025-02-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-02-19]
CHR Profile: C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-16]
CHR HKU\S-1-5-21-191472196-2171759857-831586721-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617384 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [60352 2025-01-03] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S4 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [756216 2022-01-20] (HP Inc. -> HP Inc.)
S4 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.)
S4 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [753184 2022-01-20] (HP Inc. -> HP Inc.)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-01-15] (HP Inc. -> HP Inc.)
S4 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9483456 2025-02-20] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-02-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{3E71D36D-D641-4653-B088-57397EE1C915} [22384 2023-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2022-02-17] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 DFWSIDService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\WsidService.exe [X]
S4 ElevationService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\Addins\Backup\ElevationService.exe [X]
S4 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation
S4 WirelessBackupService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\Addins\Backup\WirelessBackupService.exe [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2024-04-12] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2024-04-12] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [75848 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [55352 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [24152 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [565456 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 euimgprt; C:\WINDOWS\System32\DRIVERS\euimgprt.sys [45776 2024-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EUSSRDVR; C:\WINDOWS\System32\drivers\EUSSRDVR.sys [119512 2024-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 L6UX2; C:\WINDOWS\System32\Drivers\L6UX264.sys [784872 2019-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Line 6)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-02-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl574c1519; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1B7C8230-C0A2-4D80-9E9F-8D106B5FA870}\MpKslDrv.sys [267552 2025-02-20] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174016 2020-06-04] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-02-20 11:44 - 2025-02-20 11:44 - 000304145 _____ C:\Users\Bruno-PC\Desktop\ZHPDiag.html
2025-02-20 11:44 - 2025-02-20 11:44 - 000236249 _____ C:\Users\Bruno-PC\Desktop\ZHPDiag.txt
2025-02-20 11:07 - 2025-02-20 11:07 - 000003969 _____ C:\Users\Bruno-PC\Desktop\Malwarebytes Compte-rendu d’analyse 2025-02-20 105117.txt
2025-02-20 10:50 - 2025-02-20 11:13 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Malwarebytes
2025-02-20 10:50 - 2025-02-20 10:50 - 000002111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-02-20 10:50 - 2025-02-20 10:50 - 000002099 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-02-20 10:50 - 2025-02-20 10:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-02-20 10:50 - 2025-02-20 10:50 - 000000000 ____D C:\Program Files\Malwarebytes
2025-02-20 10:43 - 2025-02-20 10:43 - 000003285 _____ C:\Users\Bruno-PC\Desktop\AdwCleaner[C00].txt
2025-02-20 10:41 - 2025-02-20 10:41 - 000002728 _____ C:\Users\Bruno-PC\Desktop\AdwCleaner[S00].txt
2025-02-20 10:39 - 2025-02-20 10:43 - 000000000 ____D C:\AdwCleaner
2025-02-19 23:09 - 2025-02-19 23:09 - 000079110 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner (R).txt
2025-02-19 23:03 - 2025-02-19 23:03 - 000079497 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner (S).txt
2025-02-19 22:54 - 2025-02-19 22:54 - 000000926 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner.lnk
2025-02-19 22:52 - 2025-02-19 22:52 - 003366088 _____ (Nicolas Coolman) C:\Users\Bruno-PC\Desktop\ZHPCleaner.exe
2025-02-19 21:06 - 2025-02-19 21:06 - 000071172 _____ C:\Users\Bruno-PC\Desktop\Shortcut.txt
2025-02-19 21:04 - 2025-02-19 21:06 - 000088232 _____ C:\Users\Bruno-PC\Desktop\Addition.txt
2025-02-19 21:02 - 2025-02-20 11:47 - 000023860 _____ C:\Users\Bruno-PC\Desktop\FRST.txt
2025-02-19 21:01 - 2025-02-20 11:47 - 000000000 ____D C:\FRST
2025-02-19 20:59 - 2025-02-19 21:00 - 002403840 _____ (Farbar) C:\Users\Bruno-PC\Desktop\FRST64.exe
2025-02-19 20:37 - 2025-02-20 11:44 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\ZHP
2025-02-19 20:37 - 2025-02-19 22:54 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\ZHP
2025-02-19 20:37 - 2025-02-19 20:37 - 000000914 _____ C:\Users\Bruno-PC\Desktop\ZHPSuite.lnk
2025-02-19 18:53 - 2025-02-19 18:53 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_données.txt
2025-02-19 18:53 - 2025-02-19 18:53 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_backups.txt
2025-02-19 18:52 - 2025-02-19 18:52 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_système.txt
2025-02-18 12:12 - 2025-01-20 21:26 - 001406416 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2025-02-18 12:11 - 2025-02-18 12:11 - 000000000 ____D C:\Users\Bruno-PC\Desktop\DriversCloud_Install
2025-02-18 12:06 - 2025-02-19 22:40 - 000000000 ____D C:\Program Files\Cybelsoft
2025-02-15 17:37 - 2025-02-15 17:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-02-14 19:00 - 2025-02-14 19:00 - 000001229 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant 10.7.0.lnk
2025-02-14 19:00 - 2025-02-14 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant
2025-02-14 19:00 - 2024-11-27 09:29 - 002566896 _____ C:\WINDOWS\ampa.exe
2025-02-14 19:00 - 2024-04-12 20:59 - 000038320 _____ C:\WINDOWS\SysWOW64\ampa.sys
2025-02-14 19:00 - 2024-04-12 20:59 - 000038320 _____ C:\WINDOWS\system32\ampa.sys
2025-02-14 19:00 - 2024-04-12 20:57 - 001332728 _____ C:\WINDOWS\ddmmain.exe
2025-02-14 19:00 - 2024-04-12 20:57 - 000035760 _____ C:\WINDOWS\system32\ddmdrv.sys
2025-02-14 18:59 - 2025-02-14 19:01 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2025-02-14 18:59 - 2025-02-14 19:00 - 000000000 ____D C:\ProgramData\AOMEIPA
2025-02-14 18:59 - 2025-02-14 18:59 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-02-14 18:49 - 2025-02-15 10:02 - 000000000 ____D C:\Program Files\Wondershare
2025-02-14 17:58 - 2025-02-14 17:58 - 000093936 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrcbt.sys
2025-02-14 17:58 - 2025-02-14 17:58 - 000079840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrigflt.sys
2025-02-14 17:26 - 2025-02-14 18:11 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODL
2025-02-14 17:26 - 2025-02-14 17:26 - 000001416 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Free.lnk
2025-02-14 17:26 - 2025-02-14 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup
2025-02-14 17:26 - 2024-07-11 14:06 - 000119512 _____ C:\WINDOWS\system32\Drivers\EUSSRDVR.sys
2025-02-14 17:25 - 2025-01-03 01:19 - 000029632 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\fbnative.exe
2025-02-14 17:25 - 2024-07-11 14:06 - 000045776 _____ C:\WINDOWS\system32\Drivers\euimgprt.sys
2025-02-04 10:51 - 2025-02-04 10:51 - 000487424 ___SH C:\EUMONBMP.SYS
2025-02-04 10:03 - 2025-02-04 10:03 - 000000000 ___HD C:\$WinREAgent
2025-01-06 12:01 - 2025-01-06 12:01 - 000134082 _____ C:\Users\Bruno-PC\Desktop\CalendrierPaiement.pdf
2025-01-04 13:32 - 2025-01-04 13:32 - 000001097 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2025-01-04 13:30 - 2025-01-04 13:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-04 10:30 - 2025-01-04 10:30 - 000004096 ___SH C:\{0F2AC79D-A978-4B35-AC1D-21F4B1A24A23}.CBM
2025-01-04 10:15 - 2025-02-04 09:49 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODI
2025-01-04 10:14 - 2024-07-11 14:06 - 000565456 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys.6
2025-01-04 10:05 - 2025-01-04 10:05 - 000022205 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-01-04 10:05 - 2025-01-04 10:05 - 000022205 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-01-03 17:24 - 2025-01-03 17:24 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\RadiantViewer
2025-01-03 17:24 - 2025-01-03 17:24 - 000000000 ____D C:\ProgramData\RadiantViewer
2024-12-21 16:37 - 2024-12-21 16:37 - 000001927 _____ C:\Users\Public\Desktop\Cakewalk by BandLab.lnk
2024-12-05 18:47 - 2025-01-04 10:10 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODF
2024-12-05 18:47 - 2024-11-14 11:09 - 000565456 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys.5
2024-11-25 12:35 - 2024-11-25 12:35 - 000000028 _____ C:\Users\Bruno-PC\Desktop\IRM.txt
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-02-20 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2025-02-20 11:40 - 2021-06-19 11:34 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Everything
2025-02-20 11:38 - 2021-08-05 11:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-02-20 10:59 - 2023-05-20 20:13 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\t5AHDrZvgzCN
2025-02-20 10:59 - 2020-01-11 15:13 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2025-02-20 10:50 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-02-20 10:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-02-20 10:43 - 2023-08-09 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2025-02-20 10:43 - 2023-08-09 13:21 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Samsung
2025-02-20 10:43 - 2023-08-09 13:20 - 000000000 ____D C:\Program Files (x86)\Samsung
2025-02-20 10:43 - 2022-01-24 19:40 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Hewlett-Packard
2025-02-20 10:43 - 2022-01-24 19:21 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2025-02-20 10:43 - 2022-01-24 19:20 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2025-02-20 10:40 - 2021-08-05 11:52 - 000005814 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-02-20 10:40 - 2019-12-07 15:49 - 009214850 _____ C:\WINDOWS\system32\perfh00C.dat
2025-02-20 10:40 - 2019-12-07 15:49 - 002692416 _____ C:\WINDOWS\system32\perfc00C.dat
2025-02-20 10:35 - 2024-11-01 11:39 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-20 10:35 - 2021-08-05 11:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-02-20 10:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-19 23:13 - 2021-08-05 11:46 - 000000000 ____D C:\Users\Bruno-PC
2025-02-19 23:13 - 2021-06-19 22:44 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Everything
2025-02-19 23:13 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-19 23:07 - 2020-03-23 14:55 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2025-02-19 22:45 - 2021-06-14 11:22 - 000000000 ____D C:\Program Files (x86)\Java
2025-02-19 20:40 - 2020-07-08 11:42 - 000000000 ____D C:\Program Files\BIAS FX 2 Application (64bit)
2025-02-19 12:23 - 2023-04-20 22:07 - 006291456 ____H C:\Users\Bruno-PC\AppData\Local\IconCache.db.backup
2025-02-19 12:14 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-19 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-02-18 16:53 - 2019-12-29 16:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-18 12:12 - 2021-11-07 19:40 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-02-18 12:08 - 2022-01-02 10:38 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-02-18 12:06 - 2022-06-06 08:58 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\CrashDumps
2025-02-18 12:06 - 2021-07-19 07:06 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Cybelsoft
2025-02-18 12:03 - 2022-12-10 10:00 - 000000000 ____D C:\ProgramData\BrightData
2025-02-18 12:03 - 2022-07-24 11:43 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\luminati
2025-02-18 12:01 - 2022-12-10 10:01 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Unknown Organization
2025-02-16 09:43 - 2021-04-16 15:09 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-15 17:38 - 2021-02-22 15:23 - 000000000 ____D C:\Program Files\Microsoft Office
2025-02-15 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-02-15 16:10 - 2020-03-31 11:18 - 000227840 _____ C:\Users\Bruno-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2025-02-15 16:05 - 2021-10-17 07:30 - 000000000 ____D C:\Cakewalk Projects
2025-02-15 10:03 - 2019-11-21 10:12 - 000000000 ____D C:\ProgramData\Wondershare
2025-02-15 10:02 - 2019-11-21 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2025-02-14 19:00 - 2019-08-28 15:50 - 000001024 ____H C:\AMTAG.BIN
2025-02-14 18:59 - 2019-11-15 12:11 - 000000000 ____D C:\ProgramData\AomeiBR
2025-02-14 18:50 - 2019-11-21 10:12 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Wondershare
2025-02-14 18:49 - 2022-02-23 10:49 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2025-02-14 18:48 - 2019-11-15 20:36 - 000033234 _____ C:\WINDOWS\GA_OF.dat
2025-02-14 18:30 - 2019-11-29 22:18 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Microsoft\Word
2025-02-14 18:00 - 2019-11-15 11:57 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Packages
2025-02-14 17:59 - 2020-09-06 10:30 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\PlaceholderTileLogoFolder
2025-02-04 10:51 - 2024-02-04 11:00 - 000000000 ____D C:\WINDOWS\system32\config\regsave
2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-02-04 10:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-02-04 10:11 - 2019-12-29 16:41 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-02-04 10:09 - 2021-08-05 11:47 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-04 09:56 - 2020-06-18 19:03 - 000000000 ____D C:\Users\Bruno-PC\.dbus-keyrings
2025-01-31 21:16 - 2019-11-15 23:37 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Microsoft\Skype for Desktop
2025-01-29 13:55 - 2019-11-15 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-01-26 10:11 - 2021-10-07 11:39 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
==================== Fichiers à la racine de certains dossiers ========
2022-12-22 05:25 - 2022-12-22 05:25 - 000000278 _____ () C:\ProgramData\fontcacheev1.dat
2022-06-20 11:55 - 2022-06-20 11:55 - 000051896 _____ () C:\Users\Bruno-PC\AppData\Roaming\Valeurs séparées par une virgule.ADR
2020-03-09 13:51 - 2020-05-08 22:52 - 000034870 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterBananaDefault.xml
2020-03-08 12:51 - 2020-03-18 18:53 - 000004655 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterDefault.xml
2020-03-09 14:20 - 2020-03-09 14:22 - 000060110 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterPotatoDefault.xml
2020-01-06 13:05 - 2021-10-13 17:19 - 000000000 _____ () C:\Users\Bruno-PC\AppData\Local\ars.cache
2020-01-06 13:05 - 2021-10-13 17:20 - 000937017 _____ () C:\Users\Bruno-PC\AppData\Local\census.cache
2020-03-31 11:18 - 2025-02-15 16:10 - 000227840 _____ () C:\Users\Bruno-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-01-06 11:50 - 2020-01-06 11:50 - 000000036 _____ () C:\Users\Bruno-PC\AppData\Local\housecall.guid.cache
2022-02-08 14:03 - 2022-02-08 14:03 - 000000001 _____ () C:\Users\Bruno-PC\AppData\Local\llftool.4.40.agreement
2021-06-18 13:24 - 2021-06-18 13:24 - 000000218 _____ () C:\Users\Bruno-PC\AppData\Local\recently-used.xbel
2019-11-23 19:35 - 2022-08-23 09:52 - 000007601 _____ () C:\Users\Bruno-PC\AppData\Local\Resmon.ResmonCfg
2020-01-06 11:54 - 2021-10-13 17:11 - 000000010 _____ () C:\Users\Bruno-PC\AppData\Local\sponge.last.runtime.cache
2022-02-14 16:44 - 2022-02-14 16:44 - 000017408 _____ () C:\Users\Bruno-PC\AppData\Local\WebpageIcons.db
==================== SigCheckExt =========================
2009-07-14 02:25 - 2009-07-14 02:25 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CardGames.dll
2009-07-14 02:40 - 2009-07-14 02:40 - 001208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmncliM.dll
2020-03-02 13:06 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2020-05-25 11:25 - 2011-03-15 02:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLGE.DLL
2020-03-02 13:05 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLHE.DLL
2020-05-25 11:25 - 2013-10-22 03:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLGE.DLL
2020-03-02 13:06 - 2013-10-22 04:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLHE.DLL
2020-07-09 20:56 - 2012-06-20 16:38 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71u.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp70.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr70.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2009-07-14 02:41 - 2009-07-14 02:41 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\zgmprxy.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2007-04-27 09:43 - 2007-04-27 09:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCIFR.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL
2019-11-15 20:11 - 2006-02-24 10:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2019-11-15 20:11 - 2006-02-24 10:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2019-11-15 20:11 - 2006-11-30 15:49 - 000368640 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\ReWire.dll
2019-11-15 20:11 - 2004-04-13 14:48 - 000233472 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\REX Shared Library.dll
2000-10-02 05:00 - 2000-10-02 05:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.dll
2000-07-14 23:00 - 2000-07-14 23:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
1998-07-12 23:00 - 1998-07-12 23:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKFR.DLL
2025-02-19 20:59 - 2025-02-19 21:00 - 002403840 _____ (Farbar) C:\Users\Bruno-PC\Desktop\FRST64.exe
2024-11-11 12:58 - 2019-06-11 11:21 - 011353088 _____ (Cherub Technology Co.,Ltd All Right Reserved.) C:\Users\Bruno-PC\Desktop\NUX Cerberus Editor Software V5.exe
2025-02-19 22:52 - 2025-02-19 22:52 - 003366088 _____ (Nicolas Coolman) C:\Users\Bruno-PC\Desktop\ZHPCleaner.exe
2021-06-26 17:15 - 2019-06-11 11:21 - 011353088 _____ (Cherub Technology Co.,Ltd All Right Reserved.) C:\Users\Public\Documents\NUX Cerberus Editor Software V5.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{e696539b-b3ae-11e9-9a36-a605b37a7623}
{64ea0c33-2aee-11ee-876d-806e6f6e6963}
{e6965399-b3ae-11e9-9a36-a605b37a7623}
timeout 1
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {7d7ee9c5-f5e2-11eb-9534-d93a98a57031}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 10
Application logicielle (101fffff)
--------------------------------
identificateur {64ea0c33-2aee-11ee-876d-806e6f6e6963}
description CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {e6965399-b3ae-11e9-9a36-a605b37a7623}
description UEFI: Built-in EFI Shell
Application logicielle (101fffff)
--------------------------------
identificateur {e696539b-b3ae-11e9-9a36-a605b37a7623}
description Hard Drive
Chargeur de démarrage Windows
-----------------------------
identificateur {5ba00359-d898-449e-84a8-08e0f7105c98}
device ramdisk=[C:]\Aomei\AomeiBoot.wim,{15f11bcf-af88-41e9-93d3-e091daa8ac0e}
description Aomei PE
osdevice ramdisk=[C:]\Aomei\AomeiBoot.wim,{15f11bcf-af88-41e9-93d3-e091daa8ac0e}
systemroot \Windows
detecthal Yes
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {7d7ee9c7-f5e2-11eb-9534-d93a98a57031}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {7d7ee9c5-f5e2-11eb-9534-d93a98a57031}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {7d7ee9c7-f5e2-11eb-9534-d93a98a57031}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{7d7ee9c8-f5e2-11eb-9534-d93a98a57031}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{7d7ee9c8-f5e2-11eb-9534-d93a98a57031}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {7d7ee9c5-f5e2-11eb-9534-d93a98a57031}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {7d7ee9c7-f5e2-11eb-9534-d93a98a57031}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {15f11bcf-af88-41e9-93d3-e091daa8ac0e}
ramdisksdidevice partition=C:
ramdisksdipath \Aomei\AomeiBoot.sdi
Options de périphérique
-----------------------
identificateur {49600bd6-37c4-48b1-8db7-36f46010b9e0}
ramdisksdidevice partition=C:
ramdisksdipath \Aomei\AomeiBoot.sdi
Options de périphérique
-----------------------
identificateur {7d7ee9c8-f5e2-11eb-9534-d93a98a57031}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Macrium Reflect System Recovery
ramdisksdidevice partition=C:
ramdisksdipath \boot\Macrium\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Bruno-PC (administrateur) sur BRUNO-PC (MSI MS-7850) (20-02-2025 11:47:14)
Exécuté depuis C:\Users\Bruno-PC\Desktop\FRST64.exe
Profils chargés: Bruno-PC
Plate-forme: Microsoft Windows 10 Entreprise Version 22H2 19045.5371 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(explorer.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-21-191472196-2171759857-831586721-1001\...\Run: [MicrosoftEdgeAutoLaunch_90787E1C53F19B549C0194705DAEAE1E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-191472196-2171759857-831586721-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.89\Installer\chrmstp.exe [2024-08-02] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction - Edge <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-191472196-2171759857-831586721-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {6F18459A-7367-4D47-B092-5EE774D1AB1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {36D88AB0-B556-44CF-BEB0-31E92498A7DE} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-4RGM02B-Bruno-PC => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {7AB4EBCE-BFD4-4275-89CE-2054AFA807D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {53952460-D647-43E7-97D5-5C3E61D9BA60} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5974480 2025-01-04] (Microsoft Windows -> Microsoft Corporation)
Task: {77164A81-5FE7-469A-BE41-C316F1625612} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{7C26854F-81AE-4D0D-8C7C-C143654A0BB5} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Task: {87DF43FA-E5AB-418E-8E1F-E789023807B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-01-20] (HP Inc. -> HP Inc.)
Task: {F4A08963-54AC-49EC-B54D-C018091DD8FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN1657W1P6 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.)
Task: {EA46588A-A6FD-4411-9E7F-9E75787369D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.)
Task: {205A0AFC-AA28-47D9-A130-89FE95D9CDBC} - System32\Tasks\HPCustParticipation HP DeskJet 2700 series => C:\Program Files\HP\HP DeskJet 2700 series\Bin\HPCustPartic.exe [6732960 2022-01-25] (HP Inc. -> HP Inc.)
Task: {15BC6B3E-B608-482A-8BC2-167F0A35FD38} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FBEC8A64-424C-40DF-8920-CB841D93EA17} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {463C3242-8401-48BA-89C2-4730DD6037BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752616 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E65ADEDF-C3EB-4ABC-A1EF-512A180E1919} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752616 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0A22B77-27EC-4321-902A-1310865750CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8322FE52-A347-42F2-9EC8-225EF8573F90} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D439283-CB00-43BD-968C-3E399B41A8C7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [194672 2025-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {80174B2E-E9E5-4129-9661-360D66A95450} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93564992-A7C5-431F-A379-2C90E3266717} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {574A5823-92F9-4D7B-A247-3B38B9DBE7FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F591FA0-0E12-4676-8718-22804ECCB2B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A558A63C-5A76-4360-99B1-8BF92F95EA17} - System32\Tasks\StartRPCService => C:\WINDOWS\system32\NET.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {EEC3964E-CB6B-43A0-BAAB-5861755EA05C} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe [4053672 2024-12-10] (VS REVO GROUP OOD -> VS Revo Group Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1bb0ce06-3b66-4f2b-9fa7-5b84d5f2b08e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1bb0ce06-3b66-4f2b-9fa7-5b84d5f2b08e}\7416C616879702359346337343: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{a1b52e5d-729d-4565-a330-af73b397ff6f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bc10b380-aa03-4c75-ba9b-b7571906dacc}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge Profile: C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-20]
Edge Extension: (Pushbullet) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-04-20]
Edge Extension: (JSON Viewer) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2021-04-16]
Edge Extension: (Google Docs hors connexion) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-15]
Edge Extension: (Edge relevant text changes) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Social Video Downloader) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-04-16]
Edge Extension: (Jitsi Meetings) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kglhbbefdnlheedjiejgomgmfplipfeb [2024-06-06]
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default [2025-02-20]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-02-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-19]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-02-19]
CHR Extension: (Web Safety) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2025-02-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-02-19]
CHR Profile: C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-16]
CHR HKU\S-1-5-21-191472196-2171759857-831586721-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617384 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [60352 2025-01-03] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S4 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [756216 2022-01-20] (HP Inc. -> HP Inc.)
S4 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.)
S4 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [753184 2022-01-20] (HP Inc. -> HP Inc.)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-01-15] (HP Inc. -> HP Inc.)
S4 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9483456 2025-02-20] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-02-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{3E71D36D-D641-4653-B088-57397EE1C915} [22384 2023-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2022-02-17] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 DFWSIDService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\WsidService.exe [X]
S4 ElevationService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\Addins\Backup\ElevationService.exe [X]
S4 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation
S4 WirelessBackupService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\Addins\Backup\WirelessBackupService.exe [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2024-04-12] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2024-04-12] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [75848 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [55352 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [24152 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [565456 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 euimgprt; C:\WINDOWS\System32\DRIVERS\euimgprt.sys [45776 2024-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EUSSRDVR; C:\WINDOWS\System32\drivers\EUSSRDVR.sys [119512 2024-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 L6UX2; C:\WINDOWS\System32\Drivers\L6UX264.sys [784872 2019-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Line 6)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-02-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl574c1519; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1B7C8230-C0A2-4D80-9E9F-8D106B5FA870}\MpKslDrv.sys [267552 2025-02-20] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174016 2020-06-04] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-02-20 11:44 - 2025-02-20 11:44 - 000304145 _____ C:\Users\Bruno-PC\Desktop\ZHPDiag.html
2025-02-20 11:44 - 2025-02-20 11:44 - 000236249 _____ C:\Users\Bruno-PC\Desktop\ZHPDiag.txt
2025-02-20 11:07 - 2025-02-20 11:07 - 000003969 _____ C:\Users\Bruno-PC\Desktop\Malwarebytes Compte-rendu d’analyse 2025-02-20 105117.txt
2025-02-20 10:50 - 2025-02-20 11:13 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Malwarebytes
2025-02-20 10:50 - 2025-02-20 10:50 - 000002111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-02-20 10:50 - 2025-02-20 10:50 - 000002099 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-02-20 10:50 - 2025-02-20 10:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-02-20 10:50 - 2025-02-20 10:50 - 000000000 ____D C:\Program Files\Malwarebytes
2025-02-20 10:43 - 2025-02-20 10:43 - 000003285 _____ C:\Users\Bruno-PC\Desktop\AdwCleaner[C00].txt
2025-02-20 10:41 - 2025-02-20 10:41 - 000002728 _____ C:\Users\Bruno-PC\Desktop\AdwCleaner[S00].txt
2025-02-20 10:39 - 2025-02-20 10:43 - 000000000 ____D C:\AdwCleaner
2025-02-19 23:09 - 2025-02-19 23:09 - 000079110 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner (R).txt
2025-02-19 23:03 - 2025-02-19 23:03 - 000079497 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner (S).txt
2025-02-19 22:54 - 2025-02-19 22:54 - 000000926 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner.lnk
2025-02-19 22:52 - 2025-02-19 22:52 - 003366088 _____ (Nicolas Coolman) C:\Users\Bruno-PC\Desktop\ZHPCleaner.exe
2025-02-19 21:06 - 2025-02-19 21:06 - 000071172 _____ C:\Users\Bruno-PC\Desktop\Shortcut.txt
2025-02-19 21:04 - 2025-02-19 21:06 - 000088232 _____ C:\Users\Bruno-PC\Desktop\Addition.txt
2025-02-19 21:02 - 2025-02-20 11:47 - 000023860 _____ C:\Users\Bruno-PC\Desktop\FRST.txt
2025-02-19 21:01 - 2025-02-20 11:47 - 000000000 ____D C:\FRST
2025-02-19 20:59 - 2025-02-19 21:00 - 002403840 _____ (Farbar) C:\Users\Bruno-PC\Desktop\FRST64.exe
2025-02-19 20:37 - 2025-02-20 11:44 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\ZHP
2025-02-19 20:37 - 2025-02-19 22:54 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\ZHP
2025-02-19 20:37 - 2025-02-19 20:37 - 000000914 _____ C:\Users\Bruno-PC\Desktop\ZHPSuite.lnk
2025-02-19 18:53 - 2025-02-19 18:53 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_données.txt
2025-02-19 18:53 - 2025-02-19 18:53 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_backups.txt
2025-02-19 18:52 - 2025-02-19 18:52 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_système.txt
2025-02-18 12:12 - 2025-01-20 21:26 - 001406416 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2025-02-18 12:11 - 2025-02-18 12:11 - 000000000 ____D C:\Users\Bruno-PC\Desktop\DriversCloud_Install
2025-02-18 12:06 - 2025-02-19 22:40 - 000000000 ____D C:\Program Files\Cybelsoft
2025-02-15 17:37 - 2025-02-15 17:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-02-14 19:00 - 2025-02-14 19:00 - 000001229 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant 10.7.0.lnk
2025-02-14 19:00 - 2025-02-14 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant
2025-02-14 19:00 - 2024-11-27 09:29 - 002566896 _____ C:\WINDOWS\ampa.exe
2025-02-14 19:00 - 2024-04-12 20:59 - 000038320 _____ C:\WINDOWS\SysWOW64\ampa.sys
2025-02-14 19:00 - 2024-04-12 20:59 - 000038320 _____ C:\WINDOWS\system32\ampa.sys
2025-02-14 19:00 - 2024-04-12 20:57 - 001332728 _____ C:\WINDOWS\ddmmain.exe
2025-02-14 19:00 - 2024-04-12 20:57 - 000035760 _____ C:\WINDOWS\system32\ddmdrv.sys
2025-02-14 18:59 - 2025-02-14 19:01 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2025-02-14 18:59 - 2025-02-14 19:00 - 000000000 ____D C:\ProgramData\AOMEIPA
2025-02-14 18:59 - 2025-02-14 18:59 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-02-14 18:49 - 2025-02-15 10:02 - 000000000 ____D C:\Program Files\Wondershare
2025-02-14 17:58 - 2025-02-14 17:58 - 000093936 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrcbt.sys
2025-02-14 17:58 - 2025-02-14 17:58 - 000079840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrigflt.sys
2025-02-14 17:26 - 2025-02-14 18:11 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODL
2025-02-14 17:26 - 2025-02-14 17:26 - 000001416 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Free.lnk
2025-02-14 17:26 - 2025-02-14 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup
2025-02-14 17:26 - 2024-07-11 14:06 - 000119512 _____ C:\WINDOWS\system32\Drivers\EUSSRDVR.sys
2025-02-14 17:25 - 2025-01-03 01:19 - 000029632 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\fbnative.exe
2025-02-14 17:25 - 2024-07-11 14:06 - 000045776 _____ C:\WINDOWS\system32\Drivers\euimgprt.sys
2025-02-04 10:51 - 2025-02-04 10:51 - 000487424 ___SH C:\EUMONBMP.SYS
2025-02-04 10:03 - 2025-02-04 10:03 - 000000000 ___HD C:\$WinREAgent
2025-01-06 12:01 - 2025-01-06 12:01 - 000134082 _____ C:\Users\Bruno-PC\Desktop\CalendrierPaiement.pdf
2025-01-04 13:32 - 2025-01-04 13:32 - 000001097 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2025-01-04 13:30 - 2025-01-04 13:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-01-04 10:30 - 2025-01-04 10:30 - 000004096 ___SH C:\{0F2AC79D-A978-4B35-AC1D-21F4B1A24A23}.CBM
2025-01-04 10:15 - 2025-02-04 09:49 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODI
2025-01-04 10:14 - 2024-07-11 14:06 - 000565456 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys.6
2025-01-04 10:05 - 2025-01-04 10:05 - 000022205 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-01-04 10:05 - 2025-01-04 10:05 - 000022205 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-01-03 17:24 - 2025-01-03 17:24 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\RadiantViewer
2025-01-03 17:24 - 2025-01-03 17:24 - 000000000 ____D C:\ProgramData\RadiantViewer
2024-12-21 16:37 - 2024-12-21 16:37 - 000001927 _____ C:\Users\Public\Desktop\Cakewalk by BandLab.lnk
2024-12-05 18:47 - 2025-01-04 10:10 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODF
2024-12-05 18:47 - 2024-11-14 11:09 - 000565456 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys.5
2024-11-25 12:35 - 2024-11-25 12:35 - 000000028 _____ C:\Users\Bruno-PC\Desktop\IRM.txt
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-02-20 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2025-02-20 11:40 - 2021-06-19 11:34 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Everything
2025-02-20 11:38 - 2021-08-05 11:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-02-20 10:59 - 2023-05-20 20:13 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\t5AHDrZvgzCN
2025-02-20 10:59 - 2020-01-11 15:13 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2025-02-20 10:50 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-02-20 10:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-02-20 10:43 - 2023-08-09 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2025-02-20 10:43 - 2023-08-09 13:21 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Samsung
2025-02-20 10:43 - 2023-08-09 13:20 - 000000000 ____D C:\Program Files (x86)\Samsung
2025-02-20 10:43 - 2022-01-24 19:40 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Hewlett-Packard
2025-02-20 10:43 - 2022-01-24 19:21 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2025-02-20 10:43 - 2022-01-24 19:20 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2025-02-20 10:40 - 2021-08-05 11:52 - 000005814 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-02-20 10:40 - 2019-12-07 15:49 - 009214850 _____ C:\WINDOWS\system32\perfh00C.dat
2025-02-20 10:40 - 2019-12-07 15:49 - 002692416 _____ C:\WINDOWS\system32\perfc00C.dat
2025-02-20 10:35 - 2024-11-01 11:39 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-20 10:35 - 2021-08-05 11:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-02-20 10:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-19 23:13 - 2021-08-05 11:46 - 000000000 ____D C:\Users\Bruno-PC
2025-02-19 23:13 - 2021-06-19 22:44 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Everything
2025-02-19 23:13 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-19 23:07 - 2020-03-23 14:55 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2025-02-19 22:45 - 2021-06-14 11:22 - 000000000 ____D C:\Program Files (x86)\Java
2025-02-19 20:40 - 2020-07-08 11:42 - 000000000 ____D C:\Program Files\BIAS FX 2 Application (64bit)
2025-02-19 12:23 - 2023-04-20 22:07 - 006291456 ____H C:\Users\Bruno-PC\AppData\Local\IconCache.db.backup
2025-02-19 12:14 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-19 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-02-18 16:53 - 2019-12-29 16:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-18 12:12 - 2021-11-07 19:40 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-02-18 12:08 - 2022-01-02 10:38 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-02-18 12:06 - 2022-06-06 08:58 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\CrashDumps
2025-02-18 12:06 - 2021-07-19 07:06 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Cybelsoft
2025-02-18 12:03 - 2022-12-10 10:00 - 000000000 ____D C:\ProgramData\BrightData
2025-02-18 12:03 - 2022-07-24 11:43 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\luminati
2025-02-18 12:01 - 2022-12-10 10:01 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Unknown Organization
2025-02-16 09:43 - 2021-04-16 15:09 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-15 17:38 - 2021-02-22 15:23 - 000000000 ____D C:\Program Files\Microsoft Office
2025-02-15 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-02-15 16:10 - 2020-03-31 11:18 - 000227840 _____ C:\Users\Bruno-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2025-02-15 16:05 - 2021-10-17 07:30 - 000000000 ____D C:\Cakewalk Projects
2025-02-15 10:03 - 2019-11-21 10:12 - 000000000 ____D C:\ProgramData\Wondershare
2025-02-15 10:02 - 2019-11-21 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2025-02-14 19:00 - 2019-08-28 15:50 - 000001024 ____H C:\AMTAG.BIN
2025-02-14 18:59 - 2019-11-15 12:11 - 000000000 ____D C:\ProgramData\AomeiBR
2025-02-14 18:50 - 2019-11-21 10:12 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Wondershare
2025-02-14 18:49 - 2022-02-23 10:49 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2025-02-14 18:48 - 2019-11-15 20:36 - 000033234 _____ C:\WINDOWS\GA_OF.dat
2025-02-14 18:30 - 2019-11-29 22:18 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Microsoft\Word
2025-02-14 18:00 - 2019-11-15 11:57 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Packages
2025-02-14 17:59 - 2020-09-06 10:30 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\PlaceholderTileLogoFolder
2025-02-04 10:51 - 2024-02-04 11:00 - 000000000 ____D C:\WINDOWS\system32\config\regsave
2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-02-04 10:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-02-04 10:11 - 2019-12-29 16:41 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-02-04 10:09 - 2021-08-05 11:47 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-04 09:56 - 2020-06-18 19:03 - 000000000 ____D C:\Users\Bruno-PC\.dbus-keyrings
2025-01-31 21:16 - 2019-11-15 23:37 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Microsoft\Skype for Desktop
2025-01-29 13:55 - 2019-11-15 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-01-26 10:11 - 2021-10-07 11:39 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
==================== Fichiers à la racine de certains dossiers ========
2022-12-22 05:25 - 2022-12-22 05:25 - 000000278 _____ () C:\ProgramData\fontcacheev1.dat
2022-06-20 11:55 - 2022-06-20 11:55 - 000051896 _____ () C:\Users\Bruno-PC\AppData\Roaming\Valeurs séparées par une virgule.ADR
2020-03-09 13:51 - 2020-05-08 22:52 - 000034870 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterBananaDefault.xml
2020-03-08 12:51 - 2020-03-18 18:53 - 000004655 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterDefault.xml
2020-03-09 14:20 - 2020-03-09 14:22 - 000060110 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterPotatoDefault.xml
2020-01-06 13:05 - 2021-10-13 17:19 - 000000000 _____ () C:\Users\Bruno-PC\AppData\Local\ars.cache
2020-01-06 13:05 - 2021-10-13 17:20 - 000937017 _____ () C:\Users\Bruno-PC\AppData\Local\census.cache
2020-03-31 11:18 - 2025-02-15 16:10 - 000227840 _____ () C:\Users\Bruno-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-01-06 11:50 - 2020-01-06 11:50 - 000000036 _____ () C:\Users\Bruno-PC\AppData\Local\housecall.guid.cache
2022-02-08 14:03 - 2022-02-08 14:03 - 000000001 _____ () C:\Users\Bruno-PC\AppData\Local\llftool.4.40.agreement
2021-06-18 13:24 - 2021-06-18 13:24 - 000000218 _____ () C:\Users\Bruno-PC\AppData\Local\recently-used.xbel
2019-11-23 19:35 - 2022-08-23 09:52 - 000007601 _____ () C:\Users\Bruno-PC\AppData\Local\Resmon.ResmonCfg
2020-01-06 11:54 - 2021-10-13 17:11 - 000000010 _____ () C:\Users\Bruno-PC\AppData\Local\sponge.last.runtime.cache
2022-02-14 16:44 - 2022-02-14 16:44 - 000017408 _____ () C:\Users\Bruno-PC\AppData\Local\WebpageIcons.db
==================== SigCheckExt =========================
2009-07-14 02:25 - 2009-07-14 02:25 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CardGames.dll
2009-07-14 02:40 - 2009-07-14 02:40 - 001208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmncliM.dll
2020-03-02 13:06 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2020-05-25 11:25 - 2011-03-15 02:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLGE.DLL
2020-03-02 13:05 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLHE.DLL
2020-05-25 11:25 - 2013-10-22 03:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLGE.DLL
2020-03-02 13:06 - 2013-10-22 04:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLHE.DLL
2020-07-09 20:56 - 2012-06-20 16:38 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71u.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp70.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr70.dll
2020-07-09 20:56 - 2012-06-20 16:38 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2009-07-14 02:41 - 2009-07-14 02:41 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\zgmprxy.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2007-04-27 09:43 - 2007-04-27 09:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCIFR.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2015-03-17 01:34 - 2015-03-17 01:34 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
1998-07-12 23:00 - 1998-07-12 23:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL
2019-11-15 20:11 - 2006-02-24 10:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2019-11-15 20:11 - 2006-02-24 10:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2019-11-15 20:11 - 2006-11-30 15:49 - 000368640 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\ReWire.dll
2019-11-15 20:11 - 2004-04-13 14:48 - 000233472 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\REX Shared Library.dll
2000-10-02 05:00 - 2000-10-02 05:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.dll
2000-07-14 23:00 - 2000-07-14 23:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
1998-07-12 23:00 - 1998-07-12 23:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKFR.DLL
2025-02-19 20:59 - 2025-02-19 21:00 - 002403840 _____ (Farbar) C:\Users\Bruno-PC\Desktop\FRST64.exe
2024-11-11 12:58 - 2019-06-11 11:21 - 011353088 _____ (Cherub Technology Co.,Ltd All Right Reserved.) C:\Users\Bruno-PC\Desktop\NUX Cerberus Editor Software V5.exe
2025-02-19 22:52 - 2025-02-19 22:52 - 003366088 _____ (Nicolas Coolman) C:\Users\Bruno-PC\Desktop\ZHPCleaner.exe
2021-06-26 17:15 - 2019-06-11 11:21 - 011353088 _____ (Cherub Technology Co.,Ltd All Right Reserved.) C:\Users\Public\Documents\NUX Cerberus Editor Software V5.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{e696539b-b3ae-11e9-9a36-a605b37a7623}
{64ea0c33-2aee-11ee-876d-806e6f6e6963}
{e6965399-b3ae-11e9-9a36-a605b37a7623}
timeout 1
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {7d7ee9c5-f5e2-11eb-9534-d93a98a57031}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 10
Application logicielle (101fffff)
--------------------------------
identificateur {64ea0c33-2aee-11ee-876d-806e6f6e6963}
description CD/DVD Drive
Application logicielle (101fffff)
--------------------------------
identificateur {e6965399-b3ae-11e9-9a36-a605b37a7623}
description UEFI: Built-in EFI Shell
Application logicielle (101fffff)
--------------------------------
identificateur {e696539b-b3ae-11e9-9a36-a605b37a7623}
description Hard Drive
Chargeur de démarrage Windows
-----------------------------
identificateur {5ba00359-d898-449e-84a8-08e0f7105c98}
device ramdisk=[C:]\Aomei\AomeiBoot.wim,{15f11bcf-af88-41e9-93d3-e091daa8ac0e}
description Aomei PE
osdevice ramdisk=[C:]\Aomei\AomeiBoot.wim,{15f11bcf-af88-41e9-93d3-e091daa8ac0e}
systemroot \Windows
detecthal Yes
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {7d7ee9c7-f5e2-11eb-9534-d93a98a57031}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {7d7ee9c5-f5e2-11eb-9534-d93a98a57031}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {7d7ee9c7-f5e2-11eb-9534-d93a98a57031}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{7d7ee9c8-f5e2-11eb-9534-d93a98a57031}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{7d7ee9c8-f5e2-11eb-9534-d93a98a57031}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {7d7ee9c5-f5e2-11eb-9534-d93a98a57031}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {7d7ee9c7-f5e2-11eb-9534-d93a98a57031}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {15f11bcf-af88-41e9-93d3-e091daa8ac0e}
ramdisksdidevice partition=C:
ramdisksdipath \Aomei\AomeiBoot.sdi
Options de périphérique
-----------------------
identificateur {49600bd6-37c4-48b1-8db7-36f46010b9e0}
ramdisksdidevice partition=C:
ramdisksdipath \Aomei\AomeiBoot.sdi
Options de périphérique
-----------------------
identificateur {7d7ee9c8-f5e2-11eb-9534-d93a98a57031}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Macrium Reflect System Recovery
ramdisksdidevice partition=C:
ramdisksdipath \boot\Macrium\boot.sdi
==================== Fin de FRST.txt ========================