Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2025 Exécuté par Bruno-PC (administrateur) sur BRUNO-PC (MSI MS-7850) (20-02-2025 11:47:14) Exécuté depuis C:\Users\Bruno-PC\Desktop\FRST64.exe Profils chargés: Bruno-PC Plate-forme: Microsoft Windows 10 Entreprise Version 22H2 19045.5371 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (explorer.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8> (explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6> (explorer.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier) HKU\S-1-5-21-191472196-2171759857-831586721-1001\...\Run: [MicrosoftEdgeAutoLaunch_90787E1C53F19B549C0194705DAEAE1E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-191472196-2171759857-831586721-1001\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe --startup_mode (Pas de fichier) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.89\Installer\chrmstp.exe [2024-08-02] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction - Edge <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKU\S-1-5-21-191472196-2171759857-831586721-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {6F18459A-7367-4D47-B092-5EE774D1AB1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {36D88AB0-B556-44CF-BEB0-31E92498A7DE} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-4RGM02B-Bruno-PC => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {7AB4EBCE-BFD4-4275-89CE-2054AFA807D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.) Task: {53952460-D647-43E7-97D5-5C3E61D9BA60} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5974480 2025-01-04] (Microsoft Windows -> Microsoft Corporation) Task: {77164A81-5FE7-469A-BE41-C316F1625612} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{7C26854F-81AE-4D0D-8C7C-C143654A0BB5} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC) Task: {87DF43FA-E5AB-418E-8E1F-E789023807B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-01-20] (HP Inc. -> HP Inc.) Task: {F4A08963-54AC-49EC-B54D-C018091DD8FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN1657W1P6 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.) Task: {EA46588A-A6FD-4411-9E7F-9E75787369D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145440 2022-01-20] (HP Inc. -> HP Inc.) Task: {205A0AFC-AA28-47D9-A130-89FE95D9CDBC} - System32\Tasks\HPCustParticipation HP DeskJet 2700 series => C:\Program Files\HP\HP DeskJet 2700 series\Bin\HPCustPartic.exe [6732960 2022-01-25] (HP Inc. -> HP Inc.) Task: {15BC6B3E-B608-482A-8BC2-167F0A35FD38} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {FBEC8A64-424C-40DF-8920-CB841D93EA17} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {463C3242-8401-48BA-89C2-4730DD6037BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752616 2025-02-08] (Microsoft Corporation -> Microsoft Corporation) Task: {E65ADEDF-C3EB-4ABC-A1EF-512A180E1919} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752616 2025-02-08] (Microsoft Corporation -> Microsoft Corporation) Task: {A0A22B77-27EC-4321-902A-1310865750CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {8322FE52-A347-42F2-9EC8-225EF8573F90} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {4D439283-CB00-43BD-968C-3E399B41A8C7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [194672 2025-02-14] (Microsoft Corporation -> Microsoft Corporation) Task: {80174B2E-E9E5-4129-9661-360D66A95450} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {93564992-A7C5-431F-A379-2C90E3266717} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {574A5823-92F9-4D7B-A247-3B38B9DBE7FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2F591FA0-0E12-4676-8718-22804ECCB2B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A558A63C-5A76-4360-99B1-8BF92F95EA17} - System32\Tasks\StartRPCService => C:\WINDOWS\system32\NET.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {EEC3964E-CB6B-43A0-BAAB-5861755EA05C} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe [4053672 2024-12-10] (VS REVO GROUP OOD -> VS Revo Group Ltd.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1bb0ce06-3b66-4f2b-9fa7-5b84d5f2b08e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1bb0ce06-3b66-4f2b-9fa7-5b84d5f2b08e}\7416C616879702359346337343: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{a1b52e5d-729d-4565-a330-af73b397ff6f}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{bc10b380-aa03-4c75-ba9b-b7571906dacc}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge Profile: C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-20] Edge Extension: (Pushbullet) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-04-20] Edge Extension: (JSON Viewer) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2021-04-16] Edge Extension: (Google Docs hors connexion) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-15] Edge Extension: (Edge relevant text changes) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Edge Extension: (Social Video Downloader) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-04-16] Edge Extension: (Jitsi Meetings) - C:\Users\Bruno-PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kglhbbefdnlheedjiejgomgmfplipfeb [2024-06-06] FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-02-26] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default [2025-02-20] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-02-19] CHR Extension: (Google Docs hors connexion) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-19] CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2025-02-19] CHR Extension: (Web Safety) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2025-02-19] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-02-19] CHR Profile: C:\Users\Bruno-PC\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-16] CHR HKU\S-1-5-21-191472196-2171759857-831586721-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617384 2025-02-08] (Microsoft Corporation -> Microsoft Corporation) S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [60352 2025-01-03] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) S4 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [756216 2022-01-20] (HP Inc. -> HP Inc.) S4 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.) S4 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [753184 2022-01-20] (HP Inc. -> HP Inc.) S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-01-15] (HP Inc. -> HP Inc.) S4 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [755192 2022-01-20] (HP Inc. -> HP Inc.) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9483456 2025-02-20] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-02-20] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [Fichier non signé] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) S4 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{3E71D36D-D641-4653-B088-57397EE1C915} [22384 2023-12-03] (Microsoft Windows -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2022-02-17] (Wondershare Technology Co.,Ltd -> Wondershare) S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare) S4 DFWSIDService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\WsidService.exe [X] S4 ElevationService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\Addins\Backup\ElevationService.exe [X] S4 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation S4 WirelessBackupService; C:\Program Files (x86)\Wondershare\Dr.Fone - Sauvegarde de téléphone (iOS)\Addins\Backup\WirelessBackupService.exe [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2024-04-12] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2024-04-12] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [75848 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [55352 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [24152 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [565456 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) S3 euimgprt; C:\WINDOWS\System32\DRIVERS\euimgprt.sys [45776 2024-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EUSSRDVR; C:\WINDOWS\System32\drivers\EUSSRDVR.sys [119512 2024-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R3 L6UX2; C:\WINDOWS\System32\Drivers\L6UX264.sys [784872 2019-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Line 6) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-02-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsl574c1519; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1B7C8230-C0A2-4D80-9E9F-8D106B5FA870}\MpKslDrv.sys [267552 2025-02-20] (Microsoft Windows -> Microsoft Corporation) R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.) R3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174016 2020-06-04] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-02-20 11:44 - 2025-02-20 11:44 - 000304145 _____ C:\Users\Bruno-PC\Desktop\ZHPDiag.html 2025-02-20 11:44 - 2025-02-20 11:44 - 000236249 _____ C:\Users\Bruno-PC\Desktop\ZHPDiag.txt 2025-02-20 11:07 - 2025-02-20 11:07 - 000003969 _____ C:\Users\Bruno-PC\Desktop\Malwarebytes Compte-rendu d’analyse 2025-02-20 105117.txt 2025-02-20 10:50 - 2025-02-20 11:13 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Malwarebytes 2025-02-20 10:50 - 2025-02-20 10:50 - 000002111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2025-02-20 10:50 - 2025-02-20 10:50 - 000002099 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2025-02-20 10:50 - 2025-02-20 10:50 - 000000000 ____D C:\ProgramData\Malwarebytes 2025-02-20 10:50 - 2025-02-20 10:50 - 000000000 ____D C:\Program Files\Malwarebytes 2025-02-20 10:43 - 2025-02-20 10:43 - 000003285 _____ C:\Users\Bruno-PC\Desktop\AdwCleaner[C00].txt 2025-02-20 10:41 - 2025-02-20 10:41 - 000002728 _____ C:\Users\Bruno-PC\Desktop\AdwCleaner[S00].txt 2025-02-20 10:39 - 2025-02-20 10:43 - 000000000 ____D C:\AdwCleaner 2025-02-19 23:09 - 2025-02-19 23:09 - 000079110 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner (R).txt 2025-02-19 23:03 - 2025-02-19 23:03 - 000079497 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner (S).txt 2025-02-19 22:54 - 2025-02-19 22:54 - 000000926 _____ C:\Users\Bruno-PC\Desktop\ZHPCleaner.lnk 2025-02-19 22:52 - 2025-02-19 22:52 - 003366088 _____ (Nicolas Coolman) C:\Users\Bruno-PC\Desktop\ZHPCleaner.exe 2025-02-19 21:06 - 2025-02-19 21:06 - 000071172 _____ C:\Users\Bruno-PC\Desktop\Shortcut.txt 2025-02-19 21:04 - 2025-02-19 21:06 - 000088232 _____ C:\Users\Bruno-PC\Desktop\Addition.txt 2025-02-19 21:02 - 2025-02-20 11:47 - 000023860 _____ C:\Users\Bruno-PC\Desktop\FRST.txt 2025-02-19 21:01 - 2025-02-20 11:47 - 000000000 ____D C:\FRST 2025-02-19 20:59 - 2025-02-19 21:00 - 002403840 _____ (Farbar) C:\Users\Bruno-PC\Desktop\FRST64.exe 2025-02-19 20:37 - 2025-02-20 11:44 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\ZHP 2025-02-19 20:37 - 2025-02-19 22:54 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\ZHP 2025-02-19 20:37 - 2025-02-19 20:37 - 000000914 _____ C:\Users\Bruno-PC\Desktop\ZHPSuite.lnk 2025-02-19 18:53 - 2025-02-19 18:53 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_données.txt 2025-02-19 18:53 - 2025-02-19 18:53 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_backups.txt 2025-02-19 18:52 - 2025-02-19 18:52 - 000023839 _____ C:\Users\Bruno-PC\Documents\CrystalDiskInfo_système.txt 2025-02-18 12:12 - 2025-01-20 21:26 - 001406416 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2025-02-18 12:11 - 2025-02-18 12:11 - 000000000 ____D C:\Users\Bruno-PC\Desktop\DriversCloud_Install 2025-02-18 12:06 - 2025-02-19 22:40 - 000000000 ____D C:\Program Files\Cybelsoft 2025-02-15 17:37 - 2025-02-15 17:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2025-02-14 19:00 - 2025-02-14 19:00 - 000001229 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant 10.7.0.lnk 2025-02-14 19:00 - 2025-02-14 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant 2025-02-14 19:00 - 2024-11-27 09:29 - 002566896 _____ C:\WINDOWS\ampa.exe 2025-02-14 19:00 - 2024-04-12 20:59 - 000038320 _____ C:\WINDOWS\SysWOW64\ampa.sys 2025-02-14 19:00 - 2024-04-12 20:59 - 000038320 _____ C:\WINDOWS\system32\ampa.sys 2025-02-14 19:00 - 2024-04-12 20:57 - 001332728 _____ C:\WINDOWS\ddmmain.exe 2025-02-14 19:00 - 2024-04-12 20:57 - 000035760 _____ C:\WINDOWS\system32\ddmdrv.sys 2025-02-14 18:59 - 2025-02-14 19:01 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant 2025-02-14 18:59 - 2025-02-14 19:00 - 000000000 ____D C:\ProgramData\AOMEIPA 2025-02-14 18:59 - 2025-02-14 18:59 - 000000000 ____D C:\ProgramData\boost_interprocess 2025-02-14 18:49 - 2025-02-15 10:02 - 000000000 ____D C:\Program Files\Wondershare 2025-02-14 17:58 - 2025-02-14 17:58 - 000093936 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrcbt.sys 2025-02-14 17:58 - 2025-02-14 17:58 - 000079840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrigflt.sys 2025-02-14 17:26 - 2025-02-14 18:11 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODL 2025-02-14 17:26 - 2025-02-14 17:26 - 000001416 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Free.lnk 2025-02-14 17:26 - 2025-02-14 17:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 2025-02-14 17:26 - 2024-07-11 14:06 - 000119512 _____ C:\WINDOWS\system32\Drivers\EUSSRDVR.sys 2025-02-14 17:25 - 2025-01-03 01:19 - 000029632 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\fbnative.exe 2025-02-14 17:25 - 2024-07-11 14:06 - 000045776 _____ C:\WINDOWS\system32\Drivers\euimgprt.sys 2025-02-04 10:51 - 2025-02-04 10:51 - 000487424 ___SH C:\EUMONBMP.SYS 2025-02-04 10:03 - 2025-02-04 10:03 - 000000000 ___HD C:\$WinREAgent 2025-01-06 12:01 - 2025-01-06 12:01 - 000134082 _____ C:\Users\Bruno-PC\Desktop\CalendrierPaiement.pdf 2025-01-04 13:32 - 2025-01-04 13:32 - 000001097 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2025-01-04 13:30 - 2025-01-04 13:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2025-01-04 10:30 - 2025-01-04 10:30 - 000004096 ___SH C:\{0F2AC79D-A978-4B35-AC1D-21F4B1A24A23}.CBM 2025-01-04 10:15 - 2025-02-04 09:49 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODI 2025-01-04 10:14 - 2024-07-11 14:06 - 000565456 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys.6 2025-01-04 10:05 - 2025-01-04 10:05 - 000022205 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2025-01-04 10:05 - 2025-01-04 10:05 - 000022205 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2025-01-03 17:24 - 2025-01-03 17:24 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\RadiantViewer 2025-01-03 17:24 - 2025-01-03 17:24 - 000000000 ____D C:\ProgramData\RadiantViewer 2024-12-21 16:37 - 2024-12-21 16:37 - 000001927 _____ C:\Users\Public\Desktop\Cakewalk by BandLab.lnk 2024-12-05 18:47 - 2025-01-04 10:10 - 000000048 _____ C:\WINDOWS\SysWOW64\EUTB.TODF 2024-12-05 18:47 - 2024-11-14 11:09 - 000565456 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys.5 2024-11-25 12:35 - 2024-11-25 12:35 - 000000028 _____ C:\Users\Bruno-PC\Desktop\IRM.txt ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-02-20 11:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2025-02-20 11:40 - 2021-06-19 11:34 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Everything 2025-02-20 11:38 - 2021-08-05 11:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2025-02-20 10:59 - 2023-05-20 20:13 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\t5AHDrZvgzCN 2025-02-20 10:59 - 2020-01-11 15:13 - 000000000 ____D C:\Program Files (x86)\FormatFactory 2025-02-20 10:50 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2025-02-20 10:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2025-02-20 10:43 - 2023-08-09 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2025-02-20 10:43 - 2023-08-09 13:21 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Samsung 2025-02-20 10:43 - 2023-08-09 13:20 - 000000000 ____D C:\Program Files (x86)\Samsung 2025-02-20 10:43 - 2022-01-24 19:40 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Hewlett-Packard 2025-02-20 10:43 - 2022-01-24 19:21 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2025-02-20 10:43 - 2022-01-24 19:20 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2025-02-20 10:40 - 2021-08-05 11:52 - 000005814 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-02-20 10:40 - 2019-12-07 15:49 - 009214850 _____ C:\WINDOWS\system32\perfh00C.dat 2025-02-20 10:40 - 2019-12-07 15:49 - 002692416 _____ C:\WINDOWS\system32\perfc00C.dat 2025-02-20 10:35 - 2024-11-01 11:39 - 000008192 ___SH C:\DumpStack.log.tmp 2025-02-20 10:35 - 2021-08-05 11:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-02-20 10:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-02-19 23:13 - 2021-08-05 11:46 - 000000000 ____D C:\Users\Bruno-PC 2025-02-19 23:13 - 2021-06-19 22:44 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Everything 2025-02-19 23:13 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2025-02-19 23:07 - 2020-03-23 14:55 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls 2025-02-19 22:45 - 2021-06-14 11:22 - 000000000 ____D C:\Program Files (x86)\Java 2025-02-19 20:40 - 2020-07-08 11:42 - 000000000 ____D C:\Program Files\BIAS FX 2 Application (64bit) 2025-02-19 12:23 - 2023-04-20 22:07 - 006291456 ____H C:\Users\Bruno-PC\AppData\Local\IconCache.db.backup 2025-02-19 12:14 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2025-02-19 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-02-18 16:53 - 2019-12-29 16:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2025-02-18 12:12 - 2021-11-07 19:40 - 000000000 ____D C:\Program Files (x86)\Realtek 2025-02-18 12:08 - 2022-01-02 10:38 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-02-18 12:06 - 2022-06-06 08:58 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\CrashDumps 2025-02-18 12:06 - 2021-07-19 07:06 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Cybelsoft 2025-02-18 12:03 - 2022-12-10 10:00 - 000000000 ____D C:\ProgramData\BrightData 2025-02-18 12:03 - 2022-07-24 11:43 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\luminati 2025-02-18 12:01 - 2022-12-10 10:01 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Unknown Organization 2025-02-16 09:43 - 2021-04-16 15:09 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-02-15 17:38 - 2021-02-22 15:23 - 000000000 ____D C:\Program Files\Microsoft Office 2025-02-15 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2025-02-15 16:10 - 2020-03-31 11:18 - 000227840 _____ C:\Users\Bruno-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2025-02-15 16:05 - 2021-10-17 07:30 - 000000000 ____D C:\Cakewalk Projects 2025-02-15 10:03 - 2019-11-21 10:12 - 000000000 ____D C:\ProgramData\Wondershare 2025-02-15 10:02 - 2019-11-21 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2025-02-14 19:00 - 2019-08-28 15:50 - 000001024 ____H C:\AMTAG.BIN 2025-02-14 18:59 - 2019-11-15 12:11 - 000000000 ____D C:\ProgramData\AomeiBR 2025-02-14 18:50 - 2019-11-21 10:12 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Wondershare 2025-02-14 18:49 - 2022-02-23 10:49 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2025-02-14 18:48 - 2019-11-15 20:36 - 000033234 _____ C:\WINDOWS\GA_OF.dat 2025-02-14 18:30 - 2019-11-29 22:18 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Microsoft\Word 2025-02-14 18:00 - 2019-11-15 11:57 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\Packages 2025-02-14 17:59 - 2020-09-06 10:30 - 000000000 ____D C:\Users\Bruno-PC\AppData\Local\PlaceholderTileLogoFolder 2025-02-04 10:51 - 2024-02-04 11:00 - 000000000 ____D C:\WINDOWS\system32\config\regsave 2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2025-02-04 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2025-02-04 10:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2025-02-04 10:11 - 2019-12-29 16:41 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2025-02-04 10:09 - 2021-08-05 11:47 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2025-02-04 09:56 - 2020-06-18 19:03 - 000000000 ____D C:\Users\Bruno-PC\.dbus-keyrings 2025-01-31 21:16 - 2019-11-15 23:37 - 000000000 ____D C:\Users\Bruno-PC\AppData\Roaming\Microsoft\Skype for Desktop 2025-01-29 13:55 - 2019-11-15 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2025-01-26 10:11 - 2021-10-07 11:39 - 000000000 ____D C:\Program Files\HPPrintScanDoctor ==================== Fichiers à la racine de certains dossiers ======== 2022-12-22 05:25 - 2022-12-22 05:25 - 000000278 _____ () C:\ProgramData\fontcacheev1.dat 2022-06-20 11:55 - 2022-06-20 11:55 - 000051896 _____ () C:\Users\Bruno-PC\AppData\Roaming\Valeurs séparées par une virgule.ADR 2020-03-09 13:51 - 2020-05-08 22:52 - 000034870 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterBananaDefault.xml 2020-03-08 12:51 - 2020-03-18 18:53 - 000004655 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterDefault.xml 2020-03-09 14:20 - 2020-03-09 14:22 - 000060110 _____ () C:\Users\Bruno-PC\AppData\Roaming\VoiceMeeterPotatoDefault.xml 2020-01-06 13:05 - 2021-10-13 17:19 - 000000000 _____ () C:\Users\Bruno-PC\AppData\Local\ars.cache 2020-01-06 13:05 - 2021-10-13 17:20 - 000937017 _____ () C:\Users\Bruno-PC\AppData\Local\census.cache 2020-03-31 11:18 - 2025-02-15 16:10 - 000227840 _____ () C:\Users\Bruno-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-01-06 11:50 - 2020-01-06 11:50 - 000000036 _____ () C:\Users\Bruno-PC\AppData\Local\housecall.guid.cache 2022-02-08 14:03 - 2022-02-08 14:03 - 000000001 _____ () C:\Users\Bruno-PC\AppData\Local\llftool.4.40.agreement 2021-06-18 13:24 - 2021-06-18 13:24 - 000000218 _____ () C:\Users\Bruno-PC\AppData\Local\recently-used.xbel 2019-11-23 19:35 - 2022-08-23 09:52 - 000007601 _____ () C:\Users\Bruno-PC\AppData\Local\Resmon.ResmonCfg 2020-01-06 11:54 - 2021-10-13 17:11 - 000000010 _____ () C:\Users\Bruno-PC\AppData\Local\sponge.last.runtime.cache 2022-02-14 16:44 - 2022-02-14 16:44 - 000017408 _____ () C:\Users\Bruno-PC\AppData\Local\WebpageIcons.db ==================== SigCheckExt ========================= 2009-07-14 02:25 - 2009-07-14 02:25 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CardGames.dll 2009-07-14 02:40 - 2009-07-14 02:40 - 001208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmncliM.dll 2020-03-02 13:06 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL 2020-05-25 11:25 - 2011-03-15 02:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLGE.DLL 2020-03-02 13:05 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLHE.DLL 2020-05-25 11:25 - 2013-10-22 03:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLGE.DLL 2020-03-02 13:06 - 2013-10-22 04:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLHE.DLL 2020-07-09 20:56 - 2012-06-20 16:38 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71.dll 2020-07-09 20:56 - 2012-06-20 16:38 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71u.dll 2020-07-09 20:56 - 2012-06-20 16:38 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp70.dll 2020-07-09 20:56 - 2012-06-20 16:38 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll 2020-07-09 20:56 - 2012-06-20 16:38 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr70.dll 2020-07-09 20:56 - 2012-06-20 16:38 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll 2009-07-14 02:41 - 2009-07-14 02:41 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\zgmprxy.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll 1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL 2007-04-27 09:43 - 2007-04-27 09:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll 1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCIFR.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL 2015-03-17 01:34 - 2015-03-17 01:34 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll 1998-07-12 23:00 - 1998-07-12 23:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL 2019-11-15 20:11 - 2006-02-24 10:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2019-11-15 20:11 - 2006-02-24 10:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2019-11-15 20:11 - 2006-11-30 15:49 - 000368640 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\ReWire.dll 2019-11-15 20:11 - 2004-04-13 14:48 - 000233472 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\REX Shared Library.dll 2000-10-02 05:00 - 2000-10-02 05:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.dll 2000-07-14 23:00 - 2000-07-14 23:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 1998-07-12 23:00 - 1998-07-12 23:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKFR.DLL 2025-02-19 20:59 - 2025-02-19 21:00 - 002403840 _____ (Farbar) C:\Users\Bruno-PC\Desktop\FRST64.exe 2024-11-11 12:58 - 2019-06-11 11:21 - 011353088 _____ (Cherub Technology Co.,Ltd All Right Reserved.) C:\Users\Bruno-PC\Desktop\NUX Cerberus Editor Software V5.exe 2025-02-19 22:52 - 2025-02-19 22:52 - 003366088 _____ (Nicolas Coolman) C:\Users\Bruno-PC\Desktop\ZHPCleaner.exe 2021-06-26 17:15 - 2019-06-11 11:21 - 011353088 _____ (Cherub Technology Co.,Ltd All Right Reserved.) C:\Users\Public\Documents\NUX Cerberus Editor Software V5.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {e696539b-b3ae-11e9-9a36-a605b37a7623} {64ea0c33-2aee-11ee-876d-806e6f6e6963} {e6965399-b3ae-11e9-9a36-a605b37a7623} timeout 1 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {7d7ee9c5-f5e2-11eb-9534-d93a98a57031} displayorder {current} toolsdisplayorder {memdiag} timeout 10 Application logicielle (101fffff) -------------------------------- identificateur {64ea0c33-2aee-11ee-876d-806e6f6e6963} description CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {e6965399-b3ae-11e9-9a36-a605b37a7623} description UEFI: Built-in EFI Shell Application logicielle (101fffff) -------------------------------- identificateur {e696539b-b3ae-11e9-9a36-a605b37a7623} description Hard Drive Chargeur de démarrage Windows ----------------------------- identificateur {5ba00359-d898-449e-84a8-08e0f7105c98} device ramdisk=[C:]\Aomei\AomeiBoot.wim,{15f11bcf-af88-41e9-93d3-e091daa8ac0e} description Aomei PE osdevice ramdisk=[C:]\Aomei\AomeiBoot.wim,{15f11bcf-af88-41e9-93d3-e091daa8ac0e} systemroot \Windows detecthal Yes winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {7d7ee9c7-f5e2-11eb-9534-d93a98a57031} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {7d7ee9c5-f5e2-11eb-9534-d93a98a57031} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {7d7ee9c7-f5e2-11eb-9534-d93a98a57031} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{7d7ee9c8-f5e2-11eb-9534-d93a98a57031} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{7d7ee9c8-f5e2-11eb-9534-d93a98a57031} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {7d7ee9c5-f5e2-11eb-9534-d93a98a57031} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {7d7ee9c7-f5e2-11eb-9534-d93a98a57031} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {15f11bcf-af88-41e9-93d3-e091daa8ac0e} ramdisksdidevice partition=C: ramdisksdipath \Aomei\AomeiBoot.sdi Options de périphérique ----------------------- identificateur {49600bd6-37c4-48b1-8db7-36f46010b9e0} ramdisksdidevice partition=C: ramdisksdipath \Aomei\AomeiBoot.sdi Options de périphérique ----------------------- identificateur {7d7ee9c8-f5e2-11eb-9534-d93a98a57031} description Windows Recovery ramdisksdidevice unknown ramdisksdipath \Recovery\WindowsRE\boot.sdi Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Macrium Reflect System Recovery ramdisksdidevice partition=C: ramdisksdipath \boot\Macrium\boot.sdi ==================== Fin de FRST.txt ========================