Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-06-2020
Exécuté par Entreprise DB (administrateur) sur ENTREPRISEDB-PC (28-06-2020 15:22:33)
Exécuté depuis C:\Users\Entreprise DB\Desktop
Profils chargés: Entreprise DB
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe
(NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevUI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [516240 2018-09-12] (QFX Software Corporation -> QFX Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC)
HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON AL-C300DN Advanced 64MonitorBE: C:\Windows\system32\E_4LMBAAE.DLL [179712 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON PGSTM 64Monitor86: C:\Windows\system32\E_L12086.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON PX830 Series 64MonitorBE: C:\Windows\system32\E_ILMHOE.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\Windows\system32\novamn10.dll [18944 2019-09-04] (Softland) [Fichier non signé] [Fichier en cours d'utilisation]
BootExecute:
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {4271DF70-7CF3-4A75-9A7C-AE39A9AAD9C0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4A354486-97C4-43B1-BD46-5E194801EEAA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2596720 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DA9C7B5-41C4-46C0-9E43-343F6023675C} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39600 2018-11-26] (Microsoft Corporation -> Microsoft)
Task: {BD12E76D-98DE-41EC-9108-D7878EFDA71A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1957744 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Internet Explorer:
==================
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FireFox:
========
FF DefaultProfile: fu63a1kn.default
FF ProfilePath: C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default [2020-06-28]
FF Homepage: Mozilla\Firefox\Profiles\fu63a1kn.default -> hxxps://www.qwant.com/?client=ext-firefox-hp
FF HomepageOverride: Mozilla\Firefox\Profiles\fu63a1kn.default -> Enabled: qwantcomforfirefox@jetpack
FF Extension: (Signal Spam) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\@addonsignalspam.xpi [2020-03-22]
FF Extension: (Facebook Container) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\@contain-facebook.xpi [2020-04-19]
FF Extension: (Google search link fix) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2020-06-13]
FF Extension: (Oui) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\qwantcomforfirefox@jetpack.xpi [2020-06-18]
FF Extension: (uBlock Origin) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\uBlock0@raymondhill.net.xpi [2020-06-08]
FF Extension: (Flagfox) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2020-05-30]
FF Extension: (Temp Mail - E-mail temporaire disponible) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{2d97895d-fcd3-41ab-82e6-6a1d4d2243f6}.xpi [2019-12-04]
FF Extension: (Chameleon) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{3579f63b-d8ee-424f-bbb6-6d0ce3285e6a}.xpi [2020-06-23]
FF Extension: (YouTube Pauser) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{5be9b9df-c6df-4605-89f2-492981239525}.xpi [2019-12-15]
FF Extension: (Eviter les redirections Google Search) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{66ae1871-3b03-4157-96a1-dd82f8a5a045}.xpi [2018-12-28]
FF Extension: (Désactivation de Google Analytics) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2019-12-15] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (Désactivation de Google Analytics) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi.zip [2019-12-15] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (NoScript) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-06-23]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2020-05-30]
FF Extension: (Google Analytics Blocker) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{c7c3483c-0e96-45f4-8772-f84462cdc047}.xpi [2018-12-28]
FF Extension: (View archived and cached versions of web pages on 10+ search engines, such as the Wayback Machine, Archive.is, Google, Bing, Yandex, Gigablast, WebCite, Sogou, Memento, Naver and Yahoo Japan.) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{d07ccf11-c0cd-4938-a265-2a4d6ad01189}.xpi [2020-06-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2018-12-28] []
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [873560 2020-01-14] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-31] (Malwarebytes Inc -> Malwarebytes)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [53040 2019-09-04] (Softland SRL -> Microsoft)
R2 OSArmorDevSvc; C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe [3857024 2019-03-24] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
S2 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2018-09-12] (QFX Software Corporation -> )
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2019-11-01] (Reason Software Company Inc. -> Reason Software Company Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S3 TweakingRemoveSafeBoot; C:\Users\Entreprise DB\Desktop\Windows Repair Portable\Tweaking.com - Windows Repair\files\TweakingRemoveSafeBoot_64.exe [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [665088 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-06-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [196456 2020-06-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-06-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [120432 2020-06-28] (Malwarebytes Inc -> Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] (Microsoft Windows Hardware Compatibility Publisher -> )
U5 osadevprotect; C:\Windows\system32\drivers\osadevprotect.sys [15040 2020-06-28] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
U5 OSArmorDevDrv; C:\Windows\system32\drivers\OSArmorDevDrv.sys [16064 2020-06-28] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [223680 2019-10-17] (Invincea, Inc. -> Sandboxie Holdings, LLC)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-10-18] (Adlice -> )
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U1 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) ===================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-06-28 15:22 - 2020-06-28 15:23 - 000021297 _____ C:\Users\Entreprise DB\Desktop\FRST.txt
2020-06-28 15:19 - 2020-06-28 15:19 - 002291200 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe
2020-06-28 15:19 - 2020-06-28 15:19 - 000000000 ___HD C:\Windows\AxInstSV
2020-06-28 15:18 - 2020-06-28 15:18 - 000196456 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-06-28 15:18 - 2020-06-28 15:18 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-06-28 15:18 - 2020-06-28 15:18 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\IGDump
2020-06-28 15:17 - 2020-06-28 15:17 - 000120432 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-06-27 18:24 - 2020-06-27 18:24 - 000132672 _____ C:\Users\Entreprise DB\Desktop\ZHPDiag.txt
2020-06-27 18:19 - 2020-06-27 18:19 - 003442048 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe
2020-06-27 15:55 - 2020-06-27 15:55 - 000002838 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-27 07:40 - 2020-06-27 07:40 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-06-09 02:07 - 2020-06-09 02:16 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-05-28 18:30 - 2020-05-28 18:32 - 045769539 _____ C:\Users\Entreprise DB\Desktop\Husqvarna_VIKING_Accessory_User_s_Guide_-_French.pdf
2020-05-15 19:47 - 2020-05-15 19:47 - 000182178 _____ C:\Users\Entreprise DB\Desktop\document.pdf
2020-05-12 01:44 - 2020-05-12 01:44 - 000072067 _____ C:\Users\Entreprise DB\Desktop\11-05-2020-Déclaration-déplacement-FR-pdf.pdf
2020-05-10 01:40 - 2020-05-10 01:40 - 000569736 _____ C:\Users\Entreprise DB\Desktop\nuancier_sabaflex_42_1481116799.pdf
2020-05-10 01:17 - 2020-05-10 01:17 - 002457250 _____ C:\Users\Entreprise DB\Desktop\madeira_aerolock_amp_aeroflock_54_1544540083.pdf
2020-05-09 01:12 - 2020-05-09 01:12 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\Rizonesoft
2020-05-09 01:12 - 2020-05-09 01:12 - 000000000 ____D C:\Program Files\Rizonesoft
2020-05-08 14:55 - 2020-05-08 14:54 - 004864129 _____ C:\Users\Entreprise DB\Desktop\Commande console Windows Fichier.pdf
2020-05-07 12:32 - 2014-12-06 06:17 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\tlntsess.exe
2020-05-07 01:50 - 2020-05-07 01:50 - 000000862 _____ C:\Windows\system32\termcap
2020-05-07 01:43 - 2020-05-09 18:29 - 000000000 ____D C:\Users\Classic .NET AppPool
2020-05-07 01:43 - 2020-05-07 01:43 - 000000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Voisinage réseau
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Voisinage d'impression
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Modèles
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Mes documents
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Menu Démarrer
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2020-05-07 01:43 - 2011-04-12 11:27 - 000000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Media Center Programs
2020-05-03 01:22 - 2020-05-09 18:29 - 000000000 ____D C:\Users\Entreprise DB\Desktop\Tor Browser
2020-04-25 18:42 - 2020-04-25 18:42 - 000000000 ____D C:\Users\Entreprise DB\RECUP SANDBOXIE
2020-04-23 18:01 - 2020-04-23 18:06 - 000000000 ____D C:\Users\Entreprise DB\Desktop\VIDEO
2020-04-23 02:08 - 2020-05-03 01:22 - 000000817 _____ C:\Users\Entreprise DB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-04-20 01:40 - 2020-04-20 01:40 - 000001482 _____ C:\Users\Public\Desktop\LibreOffice 6.4.lnk
2020-04-20 01:40 - 2020-04-20 01:40 - 000001482 _____ C:\ProgramData\Desktop\LibreOffice 6.4.lnk
2020-04-20 01:40 - 2020-04-20 01:40 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4
2020-04-19 19:51 - 2020-06-24 13:14 - 000002926 _____ C:\Windows\Sandboxie.ini
2020-04-19 19:50 - 2020-04-19 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2020-04-08 00:21 - 2020-04-08 00:21 - 000205552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll
2020-04-08 00:21 - 2020-04-08 00:21 - 000030960 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_1.dll
2020-03-31 19:24 - 2020-04-23 17:16 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-31 19:24 - 2020-03-31 19:24 - 000001951 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-31 19:24 - 2020-03-31 19:24 - 000001951 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-31 19:24 - 2020-03-31 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-31 19:24 - 2020-03-31 19:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-30 20:35 - 2020-03-29 20:50 - 001664743 _____ C:\Users\Entreprise DB\Desktop\2020 03 29 Attestation de déplacement016.pdf
2020-03-30 17:07 - 2020-03-30 17:07 - 000000015 _____ C:\Users\Entreprise DB\advanced_port_scanner_Comments.bin
2020-03-30 17:07 - 2020-03-30 17:07 - 000000015 _____ C:\Users\Entreprise DB\advanced_port_scanner_Aliases.bin
2020-03-30 17:07 - 2020-03-30 17:07 - 000000004 _____ C:\Users\Entreprise DB\advanced_port_scanner_MAC.bin
2020-03-30 02:45 - 2020-06-21 21:38 - 000000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL
2020-03-30 02:45 - 2020-03-30 02:45 - 000000020 ___SH C:\Users\DefaultAppPool.IIS APPPOOL\ntuser.ini
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Voisinage réseau
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Voisinage d'impression
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Modèles
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Mes documents
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Menu Démarrer
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2020-03-30 02:45 - 2011-04-12 11:27 - 000000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\Media Center Programs
2020-03-30 02:24 - 2020-03-30 02:24 - 000001278 _____ C:\Users\Public\Desktop\Document Converter.lnk
2020-03-30 02:24 - 2020-03-30 02:24 - 000001278 _____ C:\ProgramData\Desktop\Document Converter.lnk
2020-03-30 02:24 - 2020-03-30 02:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost
2020-03-30 02:24 - 2020-03-30 02:24 - 000000000 ____D C:\Program Files (x86)\Soft4Boost
2020-03-30 02:24 - 2019-01-04 19:44 - 000799624 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Windows\SysWOW64\htmlayout.dll
2020-03-30 02:24 - 2019-01-04 19:44 - 000111560 _____ (Open Source Software community project) C:\Windows\SysWOW64\pthreadVC2.dll
2020-03-30 02:24 - 2019-01-04 19:43 - 001911688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_42.dll
2020-03-30 02:24 - 2019-01-04 19:43 - 000041360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ceutil.dll
2020-03-30 02:24 - 2016-02-17 15:13 - 000038504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2020-03-30 02:24 - 2016-02-17 15:09 - 001714288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-06-28 15:23 - 2019-12-29 02:43 - 000000000 ____D C:\FRST
2020-06-28 15:22 - 2018-12-29 03:33 - 000833638 _____ C:\Windows\system32\perfh00A.dat
2020-06-28 15:22 - 2018-12-29 03:33 - 000197534 _____ C:\Windows\system32\perfc00A.dat
2020-06-28 15:22 - 2018-12-29 00:14 - 000789686 _____ C:\Windows\system32\perfh007.dat
2020-06-28 15:22 - 2018-12-29 00:14 - 000183010 _____ C:\Windows\system32\perfc007.dat
2020-06-28 15:22 - 2018-12-28 12:23 - 000001200 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-06-28 15:22 - 2018-12-28 12:23 - 000001200 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-06-28 15:22 - 2011-04-12 11:16 - 000833154 _____ C:\Windows\system32\perfh00C.dat
2020-06-28 15:22 - 2011-04-12 11:16 - 000185176 _____ C:\Windows\system32\perfc00C.dat
2020-06-28 15:22 - 2009-07-14 07:13 - 003952852 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-28 15:21 - 2019-10-27 14:51 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\Mozilla
2020-06-28 15:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-28 15:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\inetsrv
2020-06-28 15:17 - 2020-02-03 00:33 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2020-06-28 15:17 - 2020-02-03 00:11 - 000000312 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2020-06-28 15:17 - 2020-02-03 00:11 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat
2020-06-28 15:17 - 2019-10-21 02:45 - 000016064 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\OSArmorDevDrv.sys
2020-06-28 15:17 - 2019-10-21 02:45 - 000015040 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\osadevprotect.sys
2020-06-28 15:17 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-28 15:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2020-06-28 15:14 - 2009-07-14 06:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-28 15:14 - 2009-07-14 06:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-28 00:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-06-27 18:24 - 2019-10-17 19:56 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\ZHP
2020-06-27 18:24 - 2019-09-18 00:39 - 000000135 _____ C:\Users\Entreprise
2020-06-27 15:58 - 2019-09-08 16:20 - 000000000 ___RD C:\Users\Entreprise DB\Desktop\Icônes moins utilisées
2020-06-27 14:41 - 2020-03-25 19:31 - 000000000 ____D C:\Program Files\CCleaner
2020-06-27 14:41 - 2020-03-22 13:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-21 21:17 - 2019-09-14 19:35 - 000000000 ____D C:\Program Files (x86)\TweakNow DriveShortcut
2020-06-18 19:55 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-05-31 20:41 - 2019-11-30 02:15 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\vlc
2020-05-31 19:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2020-05-31 17:19 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
==================== Fichiers à la racine de certains dossiers ========
2019-12-08 00:59 - 2020-06-04 10:42 - 000007675 _____ () C:\Users\Entreprise DB\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2019-09-04 20:25 - 2019-09-04 20:25 - 000015872 _____ (Softland) C:\Windows\system32\novami10.dll
2019-09-04 20:25 - 2019-09-04 20:25 - 000018944 _____ (Softland) C:\Windows\system32\novamn10.dll
2013-04-30 00:36 - 2013-04-30 00:36 - 000075264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-04-30 00:36 - 2013-04-30 00:36 - 000063488 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2012-01-23 14:15 - 2012-01-23 14:15 - 000122880 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerAg.dll
2012-01-23 14:15 - 2012-01-23 14:15 - 002478592 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerBe.dll
2019-09-07 19:18 - 2016-09-29 09:44 - 001298584 _____ C:\Windows\ddmmain.exe
2015-03-17 02:34 - 2015-03-17 02:34 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 001047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-04-30 00:36 - 2013-04-30 00:36 - 000065024 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-04-30 00:36 - 2013-04-30 00:36 - 000056320 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2012-01-23 14:29 - 2012-01-23 14:29 - 000122880 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerAg.dll
2012-01-23 14:29 - 2012-01-23 14:29 - 002478592 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerBe.dll
2018-12-28 16:39 - 2004-06-11 09:34 - 000119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6fr.DLL
2019-09-08 15:32 - 2019-10-24 01:34 - 000003668 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2019-09-08 15:32 - 2019-10-24 01:34 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2019-09-08 15:32 - 2019-10-24 01:34 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-06-28 15:19 - 2020-06-28 15:19 - 002291200 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe
2020-06-27 18:19 - 2020-06-27 18:19 - 003442048 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d�marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=E:
path \bootmgr
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d�marrage Windows
-----------------------------
identificateur {314aeaa6-0a81-11e9-9024-8a852e30f591}
device unknown
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
osdevice unknown
systemroot \Windows
resumeobject {314aeaa5-0a81-11e9-9024-8a852e30f591}
nx OptIn
Chargeur de d�marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7 Ultimate (r�cup�r�)
locale fr-FR
loadoptions DENABLE_INTEGRITY_CHECKS
testsigning No
osdevice partition=C:
systemroot \Windows
resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
Chargeur de d�marrage Windows
-----------------------------
identificateur {9531bfe8-ca4d-4b1c-b706-fb0354d23dfb}
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
device partition=C:
path \Windows\system32\winresume.exe
description Windows 7 Ultimate (r�cup�r�)
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {314aeaa5-0a81-11e9-9024-8a852e30f591}
device unknown
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice unknown
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m�moire Windows
--------------------------
identificateur {memdiag}
device partition=E:
path \boot\memtest.exe
description Diagnostics m�moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Secteur de d�marrage en mode r�el
---------------------------------
identificateur {314aeaa8-0a81-11e9-9024-8a852e30f591}
device partition=C:
path \amldr.mbr
description AOMEI Backupper
Param�tres EMS
--------------
identificateur {emssettings}
bootems Yes
Param�tres du d�bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m�moire RAM
----------------------
identificateur {badmemory}
Param�tres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Param�tres du chargeur de d�marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Param�tres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Param�tres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p�riph�rique
-----------------------
identificateur {dbff7e90-5c75-4ac4-a742-e6568cf5d32a}
ramdisksdidevice unknown
ramdisksdipath \Aomei\AomeiBoot.sdi
LastRegBack: 2020-06-27 15:32
==================== Fin de FRST.txt ========================
Exécuté par Entreprise DB (administrateur) sur ENTREPRISEDB-PC (28-06-2020 15:22:33)
Exécuté depuis C:\Users\Entreprise DB\Desktop
Profils chargés: Entreprise DB
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe
(NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevUI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [516240 2018-09-12] (QFX Software Corporation -> QFX Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC)
HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON AL-C300DN Advanced 64MonitorBE: C:\Windows\system32\E_4LMBAAE.DLL [179712 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON PGSTM 64Monitor86: C:\Windows\system32\E_L12086.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON PX830 Series 64MonitorBE: C:\Windows\system32\E_ILMHOE.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\Windows\system32\novamn10.dll [18944 2019-09-04] (Softland) [Fichier non signé] [Fichier en cours d'utilisation]
BootExecute:
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {4271DF70-7CF3-4A75-9A7C-AE39A9AAD9C0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4A354486-97C4-43B1-BD46-5E194801EEAA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2596720 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DA9C7B5-41C4-46C0-9E43-343F6023675C} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39600 2018-11-26] (Microsoft Corporation -> Microsoft)
Task: {BD12E76D-98DE-41EC-9108-D7878EFDA71A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1957744 2018-11-26] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Internet Explorer:
==================
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FireFox:
========
FF DefaultProfile: fu63a1kn.default
FF ProfilePath: C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default [2020-06-28]
FF Homepage: Mozilla\Firefox\Profiles\fu63a1kn.default -> hxxps://www.qwant.com/?client=ext-firefox-hp
FF HomepageOverride: Mozilla\Firefox\Profiles\fu63a1kn.default -> Enabled: qwantcomforfirefox@jetpack
FF Extension: (Signal Spam) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\@addonsignalspam.xpi [2020-03-22]
FF Extension: (Facebook Container) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\@contain-facebook.xpi [2020-04-19]
FF Extension: (Google search link fix) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2020-06-13]
FF Extension: (Oui) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\qwantcomforfirefox@jetpack.xpi [2020-06-18]
FF Extension: (uBlock Origin) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\uBlock0@raymondhill.net.xpi [2020-06-08]
FF Extension: (Flagfox) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2020-05-30]
FF Extension: (Temp Mail - E-mail temporaire disponible) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{2d97895d-fcd3-41ab-82e6-6a1d4d2243f6}.xpi [2019-12-04]
FF Extension: (Chameleon) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{3579f63b-d8ee-424f-bbb6-6d0ce3285e6a}.xpi [2020-06-23]
FF Extension: (YouTube Pauser) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{5be9b9df-c6df-4605-89f2-492981239525}.xpi [2019-12-15]
FF Extension: (Eviter les redirections Google Search) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{66ae1871-3b03-4157-96a1-dd82f8a5a045}.xpi [2018-12-28]
FF Extension: (Désactivation de Google Analytics) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2019-12-15] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (Désactivation de Google Analytics) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi.zip [2019-12-15] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (NoScript) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-06-23]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2020-05-30]
FF Extension: (Google Analytics Blocker) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{c7c3483c-0e96-45f4-8772-f84462cdc047}.xpi [2018-12-28]
FF Extension: (View archived and cached versions of web pages on 10+ search engines, such as the Wayback Machine, Archive.is, Google, Bing, Yandex, Gigablast, WebCite, Sogou, Memento, Naver and Yahoo Japan.) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{d07ccf11-c0cd-4938-a265-2a4d6ad01189}.xpi [2020-06-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2018-12-28] []
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [873560 2020-01-14] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-31] (Malwarebytes Inc -> Malwarebytes)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [53040 2019-09-04] (Softland SRL -> Microsoft)
R2 OSArmorDevSvc; C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe [3857024 2019-03-24] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
S2 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2018-09-12] (QFX Software Corporation -> )
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2019-11-01] (Reason Software Company Inc. -> Reason Software Company Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S3 TweakingRemoveSafeBoot; C:\Users\Entreprise DB\Desktop\Windows Repair Portable\Tweaking.com - Windows Repair\files\TweakingRemoveSafeBoot_64.exe [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [665088 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-06-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [196456 2020-06-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-06-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [120432 2020-06-28] (Malwarebytes Inc -> Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] (Microsoft Windows Hardware Compatibility Publisher -> )
U5 osadevprotect; C:\Windows\system32\drivers\osadevprotect.sys [15040 2020-06-28] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
U5 OSArmorDevDrv; C:\Windows\system32\drivers\OSArmorDevDrv.sys [16064 2020-06-28] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [223680 2019-10-17] (Invincea, Inc. -> Sandboxie Holdings, LLC)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-10-18] (Adlice -> )
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U1 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) ===================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-06-28 15:22 - 2020-06-28 15:23 - 000021297 _____ C:\Users\Entreprise DB\Desktop\FRST.txt
2020-06-28 15:19 - 2020-06-28 15:19 - 002291200 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe
2020-06-28 15:19 - 2020-06-28 15:19 - 000000000 ___HD C:\Windows\AxInstSV
2020-06-28 15:18 - 2020-06-28 15:18 - 000196456 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-06-28 15:18 - 2020-06-28 15:18 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-06-28 15:18 - 2020-06-28 15:18 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\IGDump
2020-06-28 15:17 - 2020-06-28 15:17 - 000120432 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-06-27 18:24 - 2020-06-27 18:24 - 000132672 _____ C:\Users\Entreprise DB\Desktop\ZHPDiag.txt
2020-06-27 18:19 - 2020-06-27 18:19 - 003442048 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe
2020-06-27 15:55 - 2020-06-27 15:55 - 000002838 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-27 07:40 - 2020-06-27 07:40 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-06-09 02:07 - 2020-06-09 02:16 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-05-28 18:30 - 2020-05-28 18:32 - 045769539 _____ C:\Users\Entreprise DB\Desktop\Husqvarna_VIKING_Accessory_User_s_Guide_-_French.pdf
2020-05-15 19:47 - 2020-05-15 19:47 - 000182178 _____ C:\Users\Entreprise DB\Desktop\document.pdf
2020-05-12 01:44 - 2020-05-12 01:44 - 000072067 _____ C:\Users\Entreprise DB\Desktop\11-05-2020-Déclaration-déplacement-FR-pdf.pdf
2020-05-10 01:40 - 2020-05-10 01:40 - 000569736 _____ C:\Users\Entreprise DB\Desktop\nuancier_sabaflex_42_1481116799.pdf
2020-05-10 01:17 - 2020-05-10 01:17 - 002457250 _____ C:\Users\Entreprise DB\Desktop\madeira_aerolock_amp_aeroflock_54_1544540083.pdf
2020-05-09 01:12 - 2020-05-09 01:12 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\Rizonesoft
2020-05-09 01:12 - 2020-05-09 01:12 - 000000000 ____D C:\Program Files\Rizonesoft
2020-05-08 14:55 - 2020-05-08 14:54 - 004864129 _____ C:\Users\Entreprise DB\Desktop\Commande console Windows Fichier.pdf
2020-05-07 12:32 - 2014-12-06 06:17 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\tlntsess.exe
2020-05-07 01:50 - 2020-05-07 01:50 - 000000862 _____ C:\Windows\system32\termcap
2020-05-07 01:43 - 2020-05-09 18:29 - 000000000 ____D C:\Users\Classic .NET AppPool
2020-05-07 01:43 - 2020-05-07 01:43 - 000000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Voisinage réseau
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Voisinage d'impression
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Modèles
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Mes documents
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Menu Démarrer
2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2020-05-07 01:43 - 2011-04-12 11:27 - 000000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Media Center Programs
2020-05-03 01:22 - 2020-05-09 18:29 - 000000000 ____D C:\Users\Entreprise DB\Desktop\Tor Browser
2020-04-25 18:42 - 2020-04-25 18:42 - 000000000 ____D C:\Users\Entreprise DB\RECUP SANDBOXIE
2020-04-23 18:01 - 2020-04-23 18:06 - 000000000 ____D C:\Users\Entreprise DB\Desktop\VIDEO
2020-04-23 02:08 - 2020-05-03 01:22 - 000000817 _____ C:\Users\Entreprise DB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-04-20 01:40 - 2020-04-20 01:40 - 000001482 _____ C:\Users\Public\Desktop\LibreOffice 6.4.lnk
2020-04-20 01:40 - 2020-04-20 01:40 - 000001482 _____ C:\ProgramData\Desktop\LibreOffice 6.4.lnk
2020-04-20 01:40 - 2020-04-20 01:40 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4
2020-04-19 19:51 - 2020-06-24 13:14 - 000002926 _____ C:\Windows\Sandboxie.ini
2020-04-19 19:50 - 2020-04-19 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2020-04-08 00:21 - 2020-04-08 00:21 - 000205552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll
2020-04-08 00:21 - 2020-04-08 00:21 - 000030960 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_1.dll
2020-03-31 19:24 - 2020-04-23 17:16 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-31 19:24 - 2020-03-31 19:24 - 000001951 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-31 19:24 - 2020-03-31 19:24 - 000001951 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-31 19:24 - 2020-03-31 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-31 19:24 - 2020-03-31 19:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-30 20:35 - 2020-03-29 20:50 - 001664743 _____ C:\Users\Entreprise DB\Desktop\2020 03 29 Attestation de déplacement016.pdf
2020-03-30 17:07 - 2020-03-30 17:07 - 000000015 _____ C:\Users\Entreprise DB\advanced_port_scanner_Comments.bin
2020-03-30 17:07 - 2020-03-30 17:07 - 000000015 _____ C:\Users\Entreprise DB\advanced_port_scanner_Aliases.bin
2020-03-30 17:07 - 2020-03-30 17:07 - 000000004 _____ C:\Users\Entreprise DB\advanced_port_scanner_MAC.bin
2020-03-30 02:45 - 2020-06-21 21:38 - 000000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL
2020-03-30 02:45 - 2020-03-30 02:45 - 000000020 ___SH C:\Users\DefaultAppPool.IIS APPPOOL\ntuser.ini
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Voisinage réseau
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Voisinage d'impression
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Modèles
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Mes documents
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Menu Démarrer
2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2020-03-30 02:45 - 2011-04-12 11:27 - 000000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\Media Center Programs
2020-03-30 02:24 - 2020-03-30 02:24 - 000001278 _____ C:\Users\Public\Desktop\Document Converter.lnk
2020-03-30 02:24 - 2020-03-30 02:24 - 000001278 _____ C:\ProgramData\Desktop\Document Converter.lnk
2020-03-30 02:24 - 2020-03-30 02:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost
2020-03-30 02:24 - 2020-03-30 02:24 - 000000000 ____D C:\Program Files (x86)\Soft4Boost
2020-03-30 02:24 - 2019-01-04 19:44 - 000799624 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Windows\SysWOW64\htmlayout.dll
2020-03-30 02:24 - 2019-01-04 19:44 - 000111560 _____ (Open Source Software community project) C:\Windows\SysWOW64\pthreadVC2.dll
2020-03-30 02:24 - 2019-01-04 19:43 - 001911688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_42.dll
2020-03-30 02:24 - 2019-01-04 19:43 - 000041360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ceutil.dll
2020-03-30 02:24 - 2016-02-17 15:13 - 000038504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2020-03-30 02:24 - 2016-02-17 15:09 - 001714288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-06-28 15:23 - 2019-12-29 02:43 - 000000000 ____D C:\FRST
2020-06-28 15:22 - 2018-12-29 03:33 - 000833638 _____ C:\Windows\system32\perfh00A.dat
2020-06-28 15:22 - 2018-12-29 03:33 - 000197534 _____ C:\Windows\system32\perfc00A.dat
2020-06-28 15:22 - 2018-12-29 00:14 - 000789686 _____ C:\Windows\system32\perfh007.dat
2020-06-28 15:22 - 2018-12-29 00:14 - 000183010 _____ C:\Windows\system32\perfc007.dat
2020-06-28 15:22 - 2018-12-28 12:23 - 000001200 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-06-28 15:22 - 2018-12-28 12:23 - 000001200 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-06-28 15:22 - 2011-04-12 11:16 - 000833154 _____ C:\Windows\system32\perfh00C.dat
2020-06-28 15:22 - 2011-04-12 11:16 - 000185176 _____ C:\Windows\system32\perfc00C.dat
2020-06-28 15:22 - 2009-07-14 07:13 - 003952852 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-28 15:21 - 2019-10-27 14:51 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\Mozilla
2020-06-28 15:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-28 15:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\inetsrv
2020-06-28 15:17 - 2020-02-03 00:33 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2020-06-28 15:17 - 2020-02-03 00:11 - 000000312 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2020-06-28 15:17 - 2020-02-03 00:11 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat
2020-06-28 15:17 - 2019-10-21 02:45 - 000016064 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\OSArmorDevDrv.sys
2020-06-28 15:17 - 2019-10-21 02:45 - 000015040 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\osadevprotect.sys
2020-06-28 15:17 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-28 15:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2020-06-28 15:14 - 2009-07-14 06:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-28 15:14 - 2009-07-14 06:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-28 00:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-06-27 18:24 - 2019-10-17 19:56 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\ZHP
2020-06-27 18:24 - 2019-09-18 00:39 - 000000135 _____ C:\Users\Entreprise
2020-06-27 15:58 - 2019-09-08 16:20 - 000000000 ___RD C:\Users\Entreprise DB\Desktop\Icônes moins utilisées
2020-06-27 14:41 - 2020-03-25 19:31 - 000000000 ____D C:\Program Files\CCleaner
2020-06-27 14:41 - 2020-03-22 13:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-21 21:17 - 2019-09-14 19:35 - 000000000 ____D C:\Program Files (x86)\TweakNow DriveShortcut
2020-06-18 19:55 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-05-31 20:41 - 2019-11-30 02:15 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\vlc
2020-05-31 19:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2020-05-31 17:19 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
==================== Fichiers à la racine de certains dossiers ========
2019-12-08 00:59 - 2020-06-04 10:42 - 000007675 _____ () C:\Users\Entreprise DB\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2019-09-04 20:25 - 2019-09-04 20:25 - 000015872 _____ (Softland) C:\Windows\system32\novami10.dll
2019-09-04 20:25 - 2019-09-04 20:25 - 000018944 _____ (Softland) C:\Windows\system32\novamn10.dll
2013-04-30 00:36 - 2013-04-30 00:36 - 000075264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2013-04-30 00:36 - 2013-04-30 00:36 - 000063488 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2012-01-23 14:15 - 2012-01-23 14:15 - 000122880 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerAg.dll
2012-01-23 14:15 - 2012-01-23 14:15 - 002478592 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerBe.dll
2019-09-07 19:18 - 2016-09-29 09:44 - 001298584 _____ C:\Windows\ddmmain.exe
2015-03-17 02:34 - 2015-03-17 02:34 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2015-03-17 02:34 - 2015-03-17 02:34 - 001047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-04-30 00:36 - 2013-04-30 00:36 - 000065024 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2013-04-30 00:36 - 2013-04-30 00:36 - 000056320 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2012-01-23 14:29 - 2012-01-23 14:29 - 000122880 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerAg.dll
2012-01-23 14:29 - 2012-01-23 14:29 - 002478592 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerBe.dll
2018-12-28 16:39 - 2004-06-11 09:34 - 000119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6fr.DLL
2019-09-08 15:32 - 2019-10-24 01:34 - 000003668 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2019-09-08 15:32 - 2019-10-24 01:34 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2019-09-08 15:32 - 2019-10-24 01:34 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-06-28 15:19 - 2020-06-28 15:19 - 002291200 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe
2020-06-27 18:19 - 2020-06-27 18:19 - 003442048 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d�marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=E:
path \bootmgr
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d�marrage Windows
-----------------------------
identificateur {314aeaa6-0a81-11e9-9024-8a852e30f591}
device unknown
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
osdevice unknown
systemroot \Windows
resumeobject {314aeaa5-0a81-11e9-9024-8a852e30f591}
nx OptIn
Chargeur de d�marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7 Ultimate (r�cup�r�)
locale fr-FR
loadoptions DENABLE_INTEGRITY_CHECKS
testsigning No
osdevice partition=C:
systemroot \Windows
resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
Chargeur de d�marrage Windows
-----------------------------
identificateur {9531bfe8-ca4d-4b1c-b706-fb0354d23dfb}
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {3080cd69-d1a4-11e9-9e13-806e6f6e6963}
device partition=C:
path \Windows\system32\winresume.exe
description Windows 7 Ultimate (r�cup�r�)
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Reprendre � partir de la mise en veille prolong�e
-------------------------------------------------
identificateur {314aeaa5-0a81-11e9-9024-8a852e30f591}
device unknown
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice unknown
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m�moire Windows
--------------------------
identificateur {memdiag}
device partition=E:
path \boot\memtest.exe
description Diagnostics m�moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Secteur de d�marrage en mode r�el
---------------------------------
identificateur {314aeaa8-0a81-11e9-9024-8a852e30f591}
device partition=C:
path \amldr.mbr
description AOMEI Backupper
Param�tres EMS
--------------
identificateur {emssettings}
bootems Yes
Param�tres du d�bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m�moire RAM
----------------------
identificateur {badmemory}
Param�tres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Param�tres du chargeur de d�marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Param�tres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Param�tres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p�riph�rique
-----------------------
identificateur {dbff7e90-5c75-4ac4-a742-e6568cf5d32a}
ramdisksdidevice unknown
ramdisksdipath \Aomei\AomeiBoot.sdi
LastRegBack: 2020-06-27 15:32
==================== Fin de FRST.txt ========================