Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 31-10-2022 02
Exécuté par danse (administrateur) sur LAPTOP-DRSV7C70 (HP HP Laptop 17-ak0xx) (02-11-2022 20:05:19)
Exécuté depuis C:\Users\danse\Desktop
Profils chargés: danse
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2130 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atieclxx.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\danse\AppData\Roaming\ZHP\ZHPSuite.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atiesrxx.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9216000 2017-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288 2017-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1356515841-3184936768-3267695633-1001\...\Run: [MicrosoftEdgeAutoLaunch_CC5E65A2B362ED676D9942D9585950CB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp250: C:\Windows\System32\spool\prtprocs\x64\hpcpp250.dll [850024 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [127592 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [315496 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-01] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {15947755-EDAB-4EF4-88D9-E5B7BEC819E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier)
Task: {262E3FAF-6245-4C64-BD44-DDF0D5492D17} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {42FB246C-30D0-44B1-8136-1350BE575231} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {458D844F-AA87-4B86-AA94-2D461FFA29DE} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4EB94544-D3BB-4703-AFB4-325E5E1A3A01} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {58116001-9859-43D8-BCBB-70DBF17A7120} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C1C2F7B-E0E7-4962-8B51-9E3415EFA2BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {777DA003-676B-4DB8-8448-656717CDA553} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [106528 2016-12-07] (HP Inc. -> HP Inc.)
Task: {8FD0E3F5-E5D9-4A69-B808-B745464F79EC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c (Pas de fichier)
Task: {97075331-4B90-4C4E-887E-80DF7824C36E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116112 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4F63FB9-D47D-460E-A54B-24A45B57F95A} - System32\Tasks\GoogleUpdateTaskMachineCore{7C4A7D33-8756-482B-9125-DE9B20174F8C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-06] (Google LLC -> Google LLC)
Task: {A59FF70C-0270-4982-8755-A91D0CC1C7E1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABE41916-6A7F-4446-9968-F94A44EC1565} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {AC57BDB7-935F-4FB2-8323-BC697732F2A0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier)
Task: {BDAB8D40-91A3-49C8-A2A7-69350B80FD26} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116112 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC753A7C-6D41-477E-83D1-9A3686A5EF47} - System32\Tasks\GoogleUpdateTaskMachineUA{3705BF33-F7FB-438E-8E75-E148CC21B904} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-06] (Google LLC -> Google LLC)
Task: {D353450E-3137-4022-9F6E-35C5241C3F29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5C34A14-7D37-4266-AC44-604A8C410A8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier)
Task: {D6766AB7-EAEE-4057-AC6B-E945F65D46FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [621600 2016-12-06] (HP Inc. -> HP Inc.)
Task: {DED42CD7-FF02-4FA1-B092-DC8164B61559} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier)
Task: {F551A238-89EE-4B71-9D93-24D4C7F843A7} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{7ead616a-49c2-4172-b345-75b19545d26e}: [DhcpNameServer] 172.168.0.7
Tcpip\..\Interfaces\{a472c745-f393-4440-9211-aed2ccedeca3}: [DhcpNameServer] 192.168.0.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\danse\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-02]
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\danse\AppData\Local\Google\Chrome\User Data\Default [2022-11-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\danse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\danse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-06]
CHR Profile: C:\Users\danse\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-02]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-11-02] (Malwarebytes Inc. -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [Fichier non signé]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [Fichier non signé]
R2 tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [51224 2017-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\NisSrv.exe [3191224 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MsMpEng.exe [133536 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
S2 McProxy; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2021-12-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469280 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U3 aspnet_state; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-11-02 19:31 - 2022-11-02 19:31 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-02 17:00 - 2022-11-02 17:00 - 000002272 _____ C:\Users\danse\Desktop\mb resultat.txt
2022-11-02 16:48 - 2022-11-02 16:48 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-02 16:48 - 2022-11-02 16:48 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-02 16:48 - 2022-11-02 16:48 - 000000000 ____D C:\Users\danse\AppData\Local\mbam
2022-11-02 16:47 - 2022-11-02 16:47 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-02 16:47 - 2022-11-02 16:46 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-02 16:47 - 2022-11-02 16:45 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-02 16:43 - 2022-11-02 16:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-02 16:42 - 2022-11-02 16:43 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-02 16:37 - 2022-11-02 16:37 - 002632256 _____ (Malwarebytes) C:\Users\danse\Desktop\MBSetup.exe
2022-11-02 15:53 - 2022-11-02 15:59 - 000000000 ____D C:\AdwCleaner
2022-11-02 15:52 - 2022-11-02 15:53 - 008791352 _____ (Malwarebytes) C:\Users\danse\Desktop\adwcleaner_8.4.0.exe
2022-11-02 15:48 - 2022-11-02 15:48 - 000000000 ____D C:\Users\danse\AppData\LocalLow\AMD
2022-11-02 15:47 - 2022-11-02 15:47 - 000050017 _____ C:\Users\danse\Desktop\ZHPCleaner (R).txt
2022-11-02 15:42 - 2022-11-02 15:42 - 000051213 _____ C:\Users\danse\Desktop\ZHPCleaner (S).txt
2022-11-02 14:50 - 2022-11-02 14:50 - 000000882 _____ C:\Users\danse\Desktop\ZHPCleaner.lnk
2022-11-02 14:48 - 2022-11-02 14:48 - 003305160 _____ (Nicolas Coolman) C:\Users\danse\Desktop\ZHPCleaner.exe
2022-11-02 14:42 - 2022-11-02 14:42 - 000000000 ____D C:\ProgramData\Temp
2022-11-02 14:41 - 2022-11-02 14:41 - 000000000 ____D C:\Users\danse\AppData\Local\Cyberlink
2022-11-02 14:04 - 2022-11-02 14:04 - 000000000 ____D C:\Users\danse\AppData\Local\OneDrive
2022-11-02 08:11 - 2022-11-02 08:11 - 000033895 _____ C:\Users\danse\Desktop\Shortcut.txt
2022-11-02 08:07 - 2022-11-02 08:11 - 000043001 _____ C:\Users\danse\Desktop\Addition.txt
2022-11-02 07:56 - 2022-11-02 20:07 - 000017529 _____ C:\Users\danse\Desktop\FRST.txt
2022-11-02 07:56 - 2022-11-02 20:06 - 000000000 ____D C:\FRST
2022-11-02 07:51 - 2022-11-02 07:51 - 002374144 _____ (Farbar) C:\Users\danse\Desktop\FRST64.exe
2022-11-02 07:37 - 2022-11-02 07:38 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\ZHPSuite.exe
2022-11-01 18:10 - 2022-11-01 18:10 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-11-01 18:10 - 2022-11-01 18:10 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-11-01 18:09 - 2022-11-01 18:09 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-11-01 18:09 - 2022-11-01 18:09 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-01 18:09 - 2022-11-01 18:09 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-11-01 18:09 - 2022-11-01 18:09 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-11-01 18:09 - 2022-11-01 18:09 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-11-01 18:09 - 2022-11-01 18:09 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-11-01 18:08 - 2022-11-01 18:08 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-01 18:08 - 2022-11-01 18:08 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-11-01 18:08 - 2022-11-01 18:08 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-11-01 18:08 - 2022-11-01 18:08 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-11-01 18:08 - 2022-11-01 18:08 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-11-01 18:08 - 2022-11-01 18:08 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-11-01 18:08 - 2022-11-01 18:08 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-11-01 18:08 - 2022-11-01 18:08 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-01 18:07 - 2022-11-01 18:07 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-11-01 18:06 - 2022-11-01 18:06 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-11-01 18:05 - 2022-11-01 18:05 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-11-01 18:05 - 2022-11-01 18:05 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-11-01 18:04 - 2022-11-01 18:04 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-11-01 18:04 - 2022-11-01 18:04 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-11-01 18:03 - 2022-11-01 18:03 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-11-01 18:03 - 2022-11-01 18:03 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-11-01 18:03 - 2022-11-01 18:03 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-11-01 18:03 - 2022-11-01 18:03 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-11-01 18:03 - 2022-11-01 18:03 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-11-01 18:02 - 2022-11-01 18:02 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-11-01 18:01 - 2022-11-01 18:01 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-11-01 18:01 - 2022-11-01 18:01 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-01 18:01 - 2022-11-01 18:01 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-11-01 18:01 - 2022-11-01 18:01 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-11-01 17:40 - 2022-11-02 19:43 - 000277157 _____ C:\Users\danse\Desktop\ZHPDiag.txt
2022-11-01 17:40 - 2022-11-01 18:59 - 000384456 _____ C:\Users\danse\Desktop\ZHPDiag.html
2022-11-01 17:20 - 2022-11-02 19:43 - 000000000 ____D C:\Users\danse\AppData\Roaming\ZHP
2022-11-01 17:20 - 2022-11-02 19:34 - 000000872 _____ C:\Users\danse\Desktop\ZHPSuite.lnk
2022-11-01 17:20 - 2022-11-02 14:50 - 000000000 ____D C:\Users\danse\AppData\Local\ZHP
2022-11-01 16:40 - 2022-11-01 16:40 - 000000000 ___HD C:\$WinREAgent
2022-11-01 15:05 - 2022-11-01 15:05 - 000000000 ____D C:\Users\danse\.android
2022-11-01 15:05 - 2022-11-01 15:05 - 000000000 ____D C:\Program Files\DIFX
2022-11-01 15:04 - 2022-11-01 15:04 - 000000000 ____D C:\Users\danse\AppData\Roaming\TSMonitor
2022-11-01 15:04 - 2022-11-01 15:04 - 000000000 ____D C:\tenorshare
2022-11-01 15:01 - 2022-11-01 15:02 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\ZHPSuite (1).exe
2022-11-01 14:58 - 2022-11-01 14:58 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2022-11-01 14:57 - 2022-11-01 14:58 - 001885072 _____ (Tenorshare Co., Ltd.) C:\Users\danse\Downloads\4ukeyforandroid.exe
2022-11-01 14:41 - 2022-11-01 14:41 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\Non confirmé 861842.crdownload
2022-11-01 14:08 - 2022-11-01 14:08 - 000000000 ____D C:\Users\danse\AppData\Local\CEF
2022-11-01 14:02 - 2022-11-01 14:02 - 000000000 ____D C:\Users\danse\AppData\Roaming\WildTangent
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-11-02 20:04 - 2022-03-06 22:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-02 19:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-02 19:30 - 2022-02-28 21:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-02 19:30 - 2022-02-28 20:27 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-02 19:29 - 2022-02-27 11:50 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-11-02 19:29 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-02 18:58 - 2022-02-28 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-02 16:48 - 2022-02-28 21:15 - 000000000 ____D C:\Users\danse\AppData\Local\D3DSCache
2022-11-02 16:47 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-02 16:05 - 2017-09-03 22:44 - 000000000 ____D C:\ProgramData\McAfee
2022-11-02 15:59 - 2022-02-27 12:27 - 000000000 ____D C:\Users\danse\AppData\Roaming\Hewlett-Packard
2022-11-02 15:59 - 2022-02-27 12:23 - 000000000 ____D C:\Users\danse\AppData\Local\Hewlett-Packard
2022-11-02 15:59 - 2017-05-10 03:03 - 000000000 ____D C:\Program Files (x86)\HP Inc
2022-11-02 15:59 - 2017-05-10 02:59 - 000000000 ____D C:\ProgramData\HP
2022-11-02 15:59 - 2017-05-10 02:59 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-11-02 15:59 - 2017-05-10 02:59 - 000000000 ____D C:\Program Files (x86)\HP
2022-11-02 15:59 - 2017-05-10 02:59 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-11-02 15:59 - 2017-04-18 03:30 - 000000000 ___HD C:\hp
2022-11-02 14:42 - 2017-09-03 22:40 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2022-11-02 14:42 - 2017-09-03 22:40 - 000000000 ____D C:\ProgramData\install_backup
2022-11-02 14:42 - 2017-05-10 02:59 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-11-02 14:41 - 2017-09-03 22:41 - 000000000 ____D C:\ProgramData\CyberLink
2022-11-02 14:22 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-11-02 14:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-02 14:08 - 2022-02-27 12:29 - 000000000 ____D C:\ProgramData\Packages
2022-11-02 14:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-02 14:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-02 07:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-02 07:32 - 2022-02-28 21:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-02 07:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-11-02 07:29 - 2022-02-28 21:11 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1356515841-3184936768-3267695633-1001
2022-11-02 07:29 - 2022-02-28 21:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1356515841-3184936768-3267695633-1001
2022-11-02 07:29 - 2022-02-28 20:33 - 000002428 _____ C:\Users\danse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-02 07:24 - 2022-02-28 20:47 - 002721434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-02 07:24 - 2022-02-28 19:21 - 000732488 _____ C:\WINDOWS\system32\perfh007.dat
2022-11-02 07:24 - 2022-02-28 19:21 - 000149888 _____ C:\WINDOWS\system32\perfc007.dat
2022-11-02 07:24 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-11-02 07:24 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-11-01 23:06 - 2022-03-06 22:17 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-01 23:06 - 2022-03-06 22:17 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-01 23:05 - 2022-02-28 20:32 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-01 23:05 - 2022-02-28 20:32 - 000002247 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-01 23:01 - 2022-02-28 20:27 - 000381208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-11-01 22:54 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-11-01 22:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-11-01 18:37 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-11-01 18:37 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-11-01 18:00 - 2022-02-28 20:30 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-01 16:38 - 2022-02-27 12:21 - 000000000 ____D C:\Users\danse\AppData\Local\Packages
2022-11-01 15:49 - 2017-05-10 03:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-11-01 15:42 - 2022-02-28 23:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-01 15:40 - 2022-02-28 08:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-01 15:29 - 2022-02-28 08:41 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-01 15:28 - 2022-02-28 23:23 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-11-01 15:07 - 2022-03-06 22:16 - 000000000 ____D C:\Program Files\Google
2022-11-01 15:05 - 2022-02-28 20:33 - 000000000 ____D C:\Users\danse
2022-11-01 14:14 - 2017-09-03 22:31 - 000000000 ____D C:\ProgramData\Realtek
2022-11-01 14:05 - 2017-09-03 22:42 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2022-11-01 14:05 - 2017-09-03 22:42 - 000000000 ____D C:\ProgramData\WildTangent
2022-11-01 13:59 - 2022-03-06 22:15 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{3705BF33-F7FB-438E-8E75-E148CC21B904}
2022-11-01 13:59 - 2022-03-06 22:15 - 000003542 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{7C4A7D33-8756-482B-9125-DE9B20174F8C}
2022-11-01 13:59 - 2022-03-01 02:05 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-01 13:59 - 2022-03-01 02:05 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d82cdd5281634f
==================== Fichiers à la racine de certains dossiers ========
2022-02-27 12:21 - 2022-11-02 19:29 - 000037348 _____ () C:\Users\danse\AppData\Local\BTServer.log
==================== SigCheckExt =========================
2017-09-03 22:27 - 2017-04-25 15:11 - 000103424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000052224 _____ (HP Inc.) C:\WINDOWS\system32\hpbmiapi.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000052736 _____ (HP Inc.) C:\WINDOWS\system32\hpboid.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000012800 _____ (HP Inc.) C:\WINDOWS\system32\hpboidps.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000078848 _____ (HP Inc.) C:\WINDOWS\system32\hpbpro.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000013312 _____ (HP Inc.) C:\WINDOWS\system32\hpbprops.dll
2019-02-01 23:40 - 2019-02-01 23:40 - 000070144 _____ (HP Inc.) C:\WINDOWS\system32\HPBWSDR.DLL
2019-02-01 23:10 - 2019-02-01 23:10 - 000180736 _____ (HP Inc.) C:\WINDOWS\system32\hplbddrv.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000067072 _____ (HP Inc.) C:\WINDOWS\system32\HPZidr12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000050688 _____ (HP Inc.) C:\WINDOWS\system32\HPZinw12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000066048 _____ (HP Inc.) C:\WINDOWS\system32\HPZipm12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000047104 _____ (HP Inc.) C:\WINDOWS\system32\HPZipr12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000038400 _____ (HP Inc.) C:\WINDOWS\system32\hpzipt12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000024064 _____ (HP Inc.) C:\WINDOWS\system32\hpzisn12.dll
2017-09-03 22:31 - 2017-01-11 15:57 - 000051044 _____ C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2017-09-03 22:31 - 2017-01-20 08:01 - 000056212 _____ C:\WINDOWS\system32\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll
2017-09-03 22:31 - 2017-01-20 08:04 - 000037496 _____ C:\WINDOWS\system32\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll
2017-09-03 22:31 - 2017-01-20 07:59 - 000047244 _____ C:\WINDOWS\system32\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2017-09-03 22:29 - 2013-04-01 22:19 - 000574464 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2017-09-03 22:31 - 2016-09-20 18:00 - 000001156 _____ C:\WINDOWS\PidVid_List.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000055296 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPZidr12.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000039424 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPZipr12.dll
2017-09-03 22:37 - 2017-03-18 21:56 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll
2017-09-03 22:29 - 2010-12-01 08:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2022-11-02 07:51 - 2022-11-02 07:51 - 002374144 _____ (Farbar) C:\Users\danse\Desktop\FRST64.exe
2022-11-02 14:48 - 2022-11-02 14:48 - 003305160 _____ (Nicolas Coolman) C:\Users\danse\Desktop\ZHPCleaner.exe
2018-01-17 10:36 - 2018-01-17 10:47 - 132403128 _____ C:\Users\danse\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe
2022-11-01 15:01 - 2022-11-01 15:02 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\ZHPSuite (1).exe
2022-11-02 07:37 - 2022-11-02 07:38 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{a67ce44a-9589-11ec-995e-806e6f6e6963}
{4076b45f-6672-11ec-995d-806e6f6e6963}
{4076b460-6672-11ec-995d-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {51129662-98cc-11ec-b380-e46a553e6a4f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {4076b45f-6672-11ec-995d-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {4076b460-6672-11ec-995d-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {a67ce44a-9589-11ec-995e-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {961261cd-98cc-11ec-9947-c9f2871b9956}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {51129662-98cc-11ec-b380-e46a553e6a4f}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {961261cd-98cc-11ec-9947-c9f2871b9956}
device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{961261ce-98cc-11ec-9947-c9f2871b9956}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{961261ce-98cc-11ec-9947-c9f2871b9956}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {51129662-98cc-11ec-b380-e46a553e6a4f}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {961261cd-98cc-11ec-9947-c9f2871b9956}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {961261ce-98cc-11ec-9947-c9f2871b9956}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume7
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par danse (administrateur) sur LAPTOP-DRSV7C70 (HP HP Laptop 17-ak0xx) (02-11-2022 20:05:19)
Exécuté depuis C:\Users\danse\Desktop
Profils chargés: danse
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2130 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atieclxx.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\danse\AppData\Roaming\ZHP\ZHPSuite.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_011e273f4453e6ec\B367342\atiesrxx.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9216000 2017-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288 2017-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1356515841-3184936768-3267695633-1001\...\Run: [MicrosoftEdgeAutoLaunch_CC5E65A2B362ED676D9942D9585950CB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp250: C:\Windows\System32\spool\prtprocs\x64\hpcpp250.dll [850024 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [127592 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [315496 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-01] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {15947755-EDAB-4EF4-88D9-E5B7BEC819E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier)
Task: {262E3FAF-6245-4C64-BD44-DDF0D5492D17} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {42FB246C-30D0-44B1-8136-1350BE575231} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {458D844F-AA87-4B86-AA94-2D461FFA29DE} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4EB94544-D3BB-4703-AFB4-325E5E1A3A01} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {58116001-9859-43D8-BCBB-70DBF17A7120} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C1C2F7B-E0E7-4962-8B51-9E3415EFA2BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {777DA003-676B-4DB8-8448-656717CDA553} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [106528 2016-12-07] (HP Inc. -> HP Inc.)
Task: {8FD0E3F5-E5D9-4A69-B808-B745464F79EC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c (Pas de fichier)
Task: {97075331-4B90-4C4E-887E-80DF7824C36E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116112 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4F63FB9-D47D-460E-A54B-24A45B57F95A} - System32\Tasks\GoogleUpdateTaskMachineCore{7C4A7D33-8756-482B-9125-DE9B20174F8C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-06] (Google LLC -> Google LLC)
Task: {A59FF70C-0270-4982-8755-A91D0CC1C7E1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABE41916-6A7F-4446-9968-F94A44EC1565} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {AC57BDB7-935F-4FB2-8323-BC697732F2A0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier)
Task: {BDAB8D40-91A3-49C8-A2A7-69350B80FD26} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116112 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC753A7C-6D41-477E-83D1-9A3686A5EF47} - System32\Tasks\GoogleUpdateTaskMachineUA{3705BF33-F7FB-438E-8E75-E148CC21B904} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-06] (Google LLC -> Google LLC)
Task: {D353450E-3137-4022-9F6E-35C5241C3F29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5C34A14-7D37-4266-AC44-604A8C410A8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier)
Task: {D6766AB7-EAEE-4057-AC6B-E945F65D46FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [621600 2016-12-06] (HP Inc. -> HP Inc.)
Task: {DED42CD7-FF02-4FA1-B092-DC8164B61559} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier)
Task: {F551A238-89EE-4B71-9D93-24D4C7F843A7} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{7ead616a-49c2-4172-b345-75b19545d26e}: [DhcpNameServer] 172.168.0.7
Tcpip\..\Interfaces\{a472c745-f393-4440-9211-aed2ccedeca3}: [DhcpNameServer] 192.168.0.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\danse\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-02]
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\danse\AppData\Local\Google\Chrome\User Data\Default [2022-11-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\danse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\danse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-06]
CHR Profile: C:\Users\danse\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-02]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-11-02] (Malwarebytes Inc. -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [Fichier non signé]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [Fichier non signé]
R2 tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [51224 2017-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\NisSrv.exe [3191224 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.4-0\MsMpEng.exe [133536 2022-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
S2 McProxy; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2021-12-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469280 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U3 aspnet_state; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-11-02 19:31 - 2022-11-02 19:31 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-02 17:00 - 2022-11-02 17:00 - 000002272 _____ C:\Users\danse\Desktop\mb resultat.txt
2022-11-02 16:48 - 2022-11-02 16:48 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-02 16:48 - 2022-11-02 16:48 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-02 16:48 - 2022-11-02 16:48 - 000000000 ____D C:\Users\danse\AppData\Local\mbam
2022-11-02 16:47 - 2022-11-02 16:47 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-02 16:47 - 2022-11-02 16:46 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-02 16:47 - 2022-11-02 16:45 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-02 16:43 - 2022-11-02 16:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-02 16:42 - 2022-11-02 16:43 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-02 16:37 - 2022-11-02 16:37 - 002632256 _____ (Malwarebytes) C:\Users\danse\Desktop\MBSetup.exe
2022-11-02 15:53 - 2022-11-02 15:59 - 000000000 ____D C:\AdwCleaner
2022-11-02 15:52 - 2022-11-02 15:53 - 008791352 _____ (Malwarebytes) C:\Users\danse\Desktop\adwcleaner_8.4.0.exe
2022-11-02 15:48 - 2022-11-02 15:48 - 000000000 ____D C:\Users\danse\AppData\LocalLow\AMD
2022-11-02 15:47 - 2022-11-02 15:47 - 000050017 _____ C:\Users\danse\Desktop\ZHPCleaner (R).txt
2022-11-02 15:42 - 2022-11-02 15:42 - 000051213 _____ C:\Users\danse\Desktop\ZHPCleaner (S).txt
2022-11-02 14:50 - 2022-11-02 14:50 - 000000882 _____ C:\Users\danse\Desktop\ZHPCleaner.lnk
2022-11-02 14:48 - 2022-11-02 14:48 - 003305160 _____ (Nicolas Coolman) C:\Users\danse\Desktop\ZHPCleaner.exe
2022-11-02 14:42 - 2022-11-02 14:42 - 000000000 ____D C:\ProgramData\Temp
2022-11-02 14:41 - 2022-11-02 14:41 - 000000000 ____D C:\Users\danse\AppData\Local\Cyberlink
2022-11-02 14:04 - 2022-11-02 14:04 - 000000000 ____D C:\Users\danse\AppData\Local\OneDrive
2022-11-02 08:11 - 2022-11-02 08:11 - 000033895 _____ C:\Users\danse\Desktop\Shortcut.txt
2022-11-02 08:07 - 2022-11-02 08:11 - 000043001 _____ C:\Users\danse\Desktop\Addition.txt
2022-11-02 07:56 - 2022-11-02 20:07 - 000017529 _____ C:\Users\danse\Desktop\FRST.txt
2022-11-02 07:56 - 2022-11-02 20:06 - 000000000 ____D C:\FRST
2022-11-02 07:51 - 2022-11-02 07:51 - 002374144 _____ (Farbar) C:\Users\danse\Desktop\FRST64.exe
2022-11-02 07:37 - 2022-11-02 07:38 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\ZHPSuite.exe
2022-11-01 18:10 - 2022-11-01 18:10 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-11-01 18:10 - 2022-11-01 18:10 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-11-01 18:09 - 2022-11-01 18:09 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-11-01 18:09 - 2022-11-01 18:09 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-01 18:09 - 2022-11-01 18:09 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-11-01 18:09 - 2022-11-01 18:09 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-11-01 18:09 - 2022-11-01 18:09 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-11-01 18:09 - 2022-11-01 18:09 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-11-01 18:08 - 2022-11-01 18:08 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-01 18:08 - 2022-11-01 18:08 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-11-01 18:08 - 2022-11-01 18:08 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-11-01 18:08 - 2022-11-01 18:08 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-11-01 18:08 - 2022-11-01 18:08 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-11-01 18:08 - 2022-11-01 18:08 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-11-01 18:08 - 2022-11-01 18:08 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-11-01 18:08 - 2022-11-01 18:08 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-01 18:07 - 2022-11-01 18:07 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-11-01 18:06 - 2022-11-01 18:06 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-11-01 18:05 - 2022-11-01 18:05 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-11-01 18:05 - 2022-11-01 18:05 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-11-01 18:04 - 2022-11-01 18:04 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-11-01 18:04 - 2022-11-01 18:04 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-11-01 18:03 - 2022-11-01 18:03 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-11-01 18:03 - 2022-11-01 18:03 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-11-01 18:03 - 2022-11-01 18:03 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-11-01 18:03 - 2022-11-01 18:03 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-11-01 18:03 - 2022-11-01 18:03 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-11-01 18:02 - 2022-11-01 18:02 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-11-01 18:01 - 2022-11-01 18:01 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-11-01 18:01 - 2022-11-01 18:01 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-01 18:01 - 2022-11-01 18:01 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-11-01 18:01 - 2022-11-01 18:01 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-11-01 17:40 - 2022-11-02 19:43 - 000277157 _____ C:\Users\danse\Desktop\ZHPDiag.txt
2022-11-01 17:40 - 2022-11-01 18:59 - 000384456 _____ C:\Users\danse\Desktop\ZHPDiag.html
2022-11-01 17:20 - 2022-11-02 19:43 - 000000000 ____D C:\Users\danse\AppData\Roaming\ZHP
2022-11-01 17:20 - 2022-11-02 19:34 - 000000872 _____ C:\Users\danse\Desktop\ZHPSuite.lnk
2022-11-01 17:20 - 2022-11-02 14:50 - 000000000 ____D C:\Users\danse\AppData\Local\ZHP
2022-11-01 16:40 - 2022-11-01 16:40 - 000000000 ___HD C:\$WinREAgent
2022-11-01 15:05 - 2022-11-01 15:05 - 000000000 ____D C:\Users\danse\.android
2022-11-01 15:05 - 2022-11-01 15:05 - 000000000 ____D C:\Program Files\DIFX
2022-11-01 15:04 - 2022-11-01 15:04 - 000000000 ____D C:\Users\danse\AppData\Roaming\TSMonitor
2022-11-01 15:04 - 2022-11-01 15:04 - 000000000 ____D C:\tenorshare
2022-11-01 15:01 - 2022-11-01 15:02 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\ZHPSuite (1).exe
2022-11-01 14:58 - 2022-11-01 14:58 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2022-11-01 14:57 - 2022-11-01 14:58 - 001885072 _____ (Tenorshare Co., Ltd.) C:\Users\danse\Downloads\4ukeyforandroid.exe
2022-11-01 14:41 - 2022-11-01 14:41 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\Non confirmé 861842.crdownload
2022-11-01 14:08 - 2022-11-01 14:08 - 000000000 ____D C:\Users\danse\AppData\Local\CEF
2022-11-01 14:02 - 2022-11-01 14:02 - 000000000 ____D C:\Users\danse\AppData\Roaming\WildTangent
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-11-02 20:04 - 2022-03-06 22:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-02 19:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-02 19:30 - 2022-02-28 21:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-02 19:30 - 2022-02-28 20:27 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-02 19:29 - 2022-02-27 11:50 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-11-02 19:29 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-02 18:58 - 2022-02-28 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-02 16:48 - 2022-02-28 21:15 - 000000000 ____D C:\Users\danse\AppData\Local\D3DSCache
2022-11-02 16:47 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-02 16:05 - 2017-09-03 22:44 - 000000000 ____D C:\ProgramData\McAfee
2022-11-02 15:59 - 2022-02-27 12:27 - 000000000 ____D C:\Users\danse\AppData\Roaming\Hewlett-Packard
2022-11-02 15:59 - 2022-02-27 12:23 - 000000000 ____D C:\Users\danse\AppData\Local\Hewlett-Packard
2022-11-02 15:59 - 2017-05-10 03:03 - 000000000 ____D C:\Program Files (x86)\HP Inc
2022-11-02 15:59 - 2017-05-10 02:59 - 000000000 ____D C:\ProgramData\HP
2022-11-02 15:59 - 2017-05-10 02:59 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-11-02 15:59 - 2017-05-10 02:59 - 000000000 ____D C:\Program Files (x86)\HP
2022-11-02 15:59 - 2017-05-10 02:59 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-11-02 15:59 - 2017-04-18 03:30 - 000000000 ___HD C:\hp
2022-11-02 14:42 - 2017-09-03 22:40 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2022-11-02 14:42 - 2017-09-03 22:40 - 000000000 ____D C:\ProgramData\install_backup
2022-11-02 14:42 - 2017-05-10 02:59 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-11-02 14:41 - 2017-09-03 22:41 - 000000000 ____D C:\ProgramData\CyberLink
2022-11-02 14:22 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-11-02 14:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-02 14:08 - 2022-02-27 12:29 - 000000000 ____D C:\ProgramData\Packages
2022-11-02 14:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-02 14:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-02 07:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-02 07:32 - 2022-02-28 21:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-02 07:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-11-02 07:29 - 2022-02-28 21:11 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1356515841-3184936768-3267695633-1001
2022-11-02 07:29 - 2022-02-28 21:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1356515841-3184936768-3267695633-1001
2022-11-02 07:29 - 2022-02-28 20:33 - 000002428 _____ C:\Users\danse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-02 07:24 - 2022-02-28 20:47 - 002721434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-02 07:24 - 2022-02-28 19:21 - 000732488 _____ C:\WINDOWS\system32\perfh007.dat
2022-11-02 07:24 - 2022-02-28 19:21 - 000149888 _____ C:\WINDOWS\system32\perfc007.dat
2022-11-02 07:24 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-11-02 07:24 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-11-01 23:06 - 2022-03-06 22:17 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-01 23:06 - 2022-03-06 22:17 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-01 23:05 - 2022-02-28 20:32 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-01 23:05 - 2022-02-28 20:32 - 000002247 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-01 23:01 - 2022-02-28 20:27 - 000381208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-11-01 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-01 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-11-01 22:54 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-01 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-11-01 22:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-11-01 18:37 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-11-01 18:37 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-11-01 18:00 - 2022-02-28 20:30 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-01 16:38 - 2022-02-27 12:21 - 000000000 ____D C:\Users\danse\AppData\Local\Packages
2022-11-01 15:49 - 2017-05-10 03:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-11-01 15:42 - 2022-02-28 23:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-01 15:40 - 2022-02-28 08:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-01 15:29 - 2022-02-28 08:41 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-01 15:28 - 2022-02-28 23:23 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-11-01 15:07 - 2022-03-06 22:16 - 000000000 ____D C:\Program Files\Google
2022-11-01 15:05 - 2022-02-28 20:33 - 000000000 ____D C:\Users\danse
2022-11-01 14:14 - 2017-09-03 22:31 - 000000000 ____D C:\ProgramData\Realtek
2022-11-01 14:05 - 2017-09-03 22:42 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2022-11-01 14:05 - 2017-09-03 22:42 - 000000000 ____D C:\ProgramData\WildTangent
2022-11-01 13:59 - 2022-03-06 22:15 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{3705BF33-F7FB-438E-8E75-E148CC21B904}
2022-11-01 13:59 - 2022-03-06 22:15 - 000003542 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{7C4A7D33-8756-482B-9125-DE9B20174F8C}
2022-11-01 13:59 - 2022-03-01 02:05 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-01 13:59 - 2022-03-01 02:05 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d82cdd5281634f
==================== Fichiers à la racine de certains dossiers ========
2022-02-27 12:21 - 2022-11-02 19:29 - 000037348 _____ () C:\Users\danse\AppData\Local\BTServer.log
==================== SigCheckExt =========================
2017-09-03 22:27 - 2017-04-25 15:11 - 000103424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000052224 _____ (HP Inc.) C:\WINDOWS\system32\hpbmiapi.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000052736 _____ (HP Inc.) C:\WINDOWS\system32\hpboid.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000012800 _____ (HP Inc.) C:\WINDOWS\system32\hpboidps.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000078848 _____ (HP Inc.) C:\WINDOWS\system32\hpbpro.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000013312 _____ (HP Inc.) C:\WINDOWS\system32\hpbprops.dll
2019-02-01 23:40 - 2019-02-01 23:40 - 000070144 _____ (HP Inc.) C:\WINDOWS\system32\HPBWSDR.DLL
2019-02-01 23:10 - 2019-02-01 23:10 - 000180736 _____ (HP Inc.) C:\WINDOWS\system32\hplbddrv.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000067072 _____ (HP Inc.) C:\WINDOWS\system32\HPZidr12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000050688 _____ (HP Inc.) C:\WINDOWS\system32\HPZinw12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000066048 _____ (HP Inc.) C:\WINDOWS\system32\HPZipm12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000047104 _____ (HP Inc.) C:\WINDOWS\system32\HPZipr12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000038400 _____ (HP Inc.) C:\WINDOWS\system32\hpzipt12.dll
2019-02-01 23:42 - 2019-02-01 23:42 - 000024064 _____ (HP Inc.) C:\WINDOWS\system32\hpzisn12.dll
2017-09-03 22:31 - 2017-01-11 15:57 - 000051044 _____ C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2017-09-03 22:31 - 2017-01-20 08:01 - 000056212 _____ C:\WINDOWS\system32\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll
2017-09-03 22:31 - 2017-01-20 08:04 - 000037496 _____ C:\WINDOWS\system32\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll
2017-09-03 22:31 - 2017-01-20 07:59 - 000047244 _____ C:\WINDOWS\system32\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2017-09-03 22:29 - 2013-04-01 22:19 - 000574464 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2017-09-03 22:31 - 2016-09-20 18:00 - 000001156 _____ C:\WINDOWS\PidVid_List.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000055296 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPZidr12.dll
2019-02-01 23:41 - 2019-02-01 23:41 - 000039424 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPZipr12.dll
2017-09-03 22:37 - 2017-03-18 21:56 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll
2017-09-03 22:29 - 2010-12-01 08:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2022-11-02 07:51 - 2022-11-02 07:51 - 002374144 _____ (Farbar) C:\Users\danse\Desktop\FRST64.exe
2022-11-02 14:48 - 2022-11-02 14:48 - 003305160 _____ (Nicolas Coolman) C:\Users\danse\Desktop\ZHPCleaner.exe
2018-01-17 10:36 - 2018-01-17 10:47 - 132403128 _____ C:\Users\danse\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe
2022-11-01 15:01 - 2022-11-01 15:02 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\ZHPSuite (1).exe
2022-11-02 07:37 - 2022-11-02 07:38 - 003509960 _____ (Nicolas Coolman) C:\Users\danse\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{a67ce44a-9589-11ec-995e-806e6f6e6963}
{4076b45f-6672-11ec-995d-806e6f6e6963}
{4076b460-6672-11ec-995d-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {51129662-98cc-11ec-b380-e46a553e6a4f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {4076b45f-6672-11ec-995d-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {4076b460-6672-11ec-995d-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {a67ce44a-9589-11ec-995e-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {961261cd-98cc-11ec-9947-c9f2871b9956}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {51129662-98cc-11ec-b380-e46a553e6a4f}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {961261cd-98cc-11ec-9947-c9f2871b9956}
device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{961261ce-98cc-11ec-9947-c9f2871b9956}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{961261ce-98cc-11ec-9947-c9f2871b9956}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {51129662-98cc-11ec-b380-e46a553e6a4f}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {961261cd-98cc-11ec-9947-c9f2871b9956}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {961261ce-98cc-11ec-9947-c9f2871b9956}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume7
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================