Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-06-2020 Exécuté par Entreprise DB (administrateur) sur ENTREPRISEDB-PC (28-06-2020 15:22:33) Exécuté depuis C:\Users\Entreprise DB\Desktop Profils chargés: Entreprise DB Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmptrap.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe (NoVirusThanks Company Srl -> NoVirusThanks Company Srl) C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevUI.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe (QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [516240 2018-09-12] (QFX Software Corporation -> QFX Software Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM\...\Policies\Explorer: [NoAutorun] 1 HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3681944 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-286893531-1265236653-243076813-1000\...\Policies\Explorer: [NoAutorun] 1 HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\...\Print\Monitors\EPSON AL-C300DN Advanced 64MonitorBE: C:\Windows\system32\E_4LMBAAE.DLL [179712 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON PGSTM 64Monitor86: C:\Windows\system32\E_L12086.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON PX830 Series 64MonitorBE: C:\Windows\system32\E_ILMHOE.DLL [120320 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\Windows\system32\novamn10.dll [18944 2019-09-04] (Softland) [Fichier non signé] [Fichier en cours d'utilisation] BootExecute: ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {4271DF70-7CF3-4A75-9A7C-AE39A9AAD9C0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {4A354486-97C4-43B1-BD46-5E194801EEAA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2596720 2018-11-26] (Microsoft Corporation -> Microsoft Corporation) Task: {7DA9C7B5-41C4-46C0-9E43-343F6023675C} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39600 2018-11-26] (Microsoft Corporation -> Microsoft) Task: {BD12E76D-98DE-41EC-9108-D7878EFDA71A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1957744 2018-11-26] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220 Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [NameServer] 208.67.222.222,208.67.220.220 Tcpip\..\Interfaces\{80EB61C7-7322-4046-8AA4-29E9D1F62C28}: [DhcpNameServer] 208.67.222.222 208.67.220.220 Internet Explorer: ================== BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION) [Fichier non signé] [Fichier en cours d'utilisation] Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) FireFox: ======== FF DefaultProfile: fu63a1kn.default FF ProfilePath: C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default [2020-06-28] FF Homepage: Mozilla\Firefox\Profiles\fu63a1kn.default -> hxxps://www.qwant.com/?client=ext-firefox-hp FF HomepageOverride: Mozilla\Firefox\Profiles\fu63a1kn.default -> Enabled: qwantcomforfirefox@jetpack FF Extension: (Signal Spam) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\@addonsignalspam.xpi [2020-03-22] FF Extension: (Facebook Container) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\@contain-facebook.xpi [2020-04-19] FF Extension: (Google search link fix) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2020-06-13] FF Extension: (Oui) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\qwantcomforfirefox@jetpack.xpi [2020-06-18] FF Extension: (uBlock Origin) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\uBlock0@raymondhill.net.xpi [2020-06-08] FF Extension: (Flagfox) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2020-05-30] FF Extension: (Temp Mail - E-mail temporaire disponible) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{2d97895d-fcd3-41ab-82e6-6a1d4d2243f6}.xpi [2019-12-04] FF Extension: (Chameleon) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{3579f63b-d8ee-424f-bbb6-6d0ce3285e6a}.xpi [2020-06-23] FF Extension: (YouTube Pauser) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{5be9b9df-c6df-4605-89f2-492981239525}.xpi [2019-12-15] FF Extension: (Eviter les redirections Google Search) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{66ae1871-3b03-4157-96a1-dd82f8a5a045}.xpi [2018-12-28] FF Extension: (Désactivation de Google Analytics) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2019-12-15] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Extension: (Désactivation de Google Analytics) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi.zip [2019-12-15] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Extension: (NoScript) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-06-23] FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2020-05-30] FF Extension: (Google Analytics Blocker) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{c7c3483c-0e96-45f4-8772-f84462cdc047}.xpi [2018-12-28] FF Extension: (View archived and cached versions of web pages on 10+ search engines, such as the Wayback Machine, Archive.is, Google, Bing, Yandex, Gigablast, WebCite, Sogou, Memento, Naver and Yahoo Japan.) - C:\Users\Entreprise DB\AppData\Roaming\Mozilla\Firefox\Profiles\fu63a1kn.default\Extensions\{d07ccf11-c0cd-4938-a265-2a4d6ad01189}.xpi [2020-06-18] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2018-12-28] [] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY) S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [873560 2020-01-14] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-31] (Malwarebytes Inc -> Malwarebytes) R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [53040 2019-09-04] (Softland SRL -> Microsoft) R2 OSArmorDevSvc; C:\Program Files\NoVirusThanks\OSArmorDevSvc\OSArmorDevSvc.exe [3857024 2019-03-24] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl) S2 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2018-09-12] (QFX Software Corporation -> ) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2019-10-15] (Invincea, Inc. -> Sandboxie Holdings, LLC) R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2019-11-01] (Reason Software Company Inc. -> Reason Software Company Inc.) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) S3 TweakingRemoveSafeBoot; C:\Users\Entreprise DB\Desktop\Windows Repair Portable\Tweaking.com - Windows Repair\files\TweakingRemoveSafeBoot_64.exe [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [665088 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-23] (Malwarebytes Corporation -> Malwarebytes) R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation) R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-06-27] (Malwarebytes Inc -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [196456 2020-06-28] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-06-28] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-09] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [120432 2020-06-28] (Malwarebytes Inc -> Malwarebytes) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] (Microsoft Windows Hardware Compatibility Publisher -> ) U5 osadevprotect; C:\Windows\system32\drivers\osadevprotect.sys [15040 2020-06-28] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl) U5 OSArmorDevDrv; C:\Windows\system32\drivers\OSArmorDevDrv.sys [16064 2020-06-28] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [223680 2019-10-17] (Invincea, Inc. -> Sandboxie Holdings, LLC) U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-10-18] (Adlice -> ) S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies) R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) U1 aswbdisk; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-06-28 15:22 - 2020-06-28 15:23 - 000021297 _____ C:\Users\Entreprise DB\Desktop\FRST.txt 2020-06-28 15:19 - 2020-06-28 15:19 - 002291200 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe 2020-06-28 15:19 - 2020-06-28 15:19 - 000000000 ___HD C:\Windows\AxInstSV 2020-06-28 15:18 - 2020-06-28 15:18 - 000196456 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2020-06-28 15:18 - 2020-06-28 15:18 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2020-06-28 15:18 - 2020-06-28 15:18 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\IGDump 2020-06-28 15:17 - 2020-06-28 15:17 - 000120432 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2020-06-27 18:24 - 2020-06-27 18:24 - 000132672 _____ C:\Users\Entreprise DB\Desktop\ZHPDiag.txt 2020-06-27 18:19 - 2020-06-27 18:19 - 003442048 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe 2020-06-27 15:55 - 2020-06-27 15:55 - 000002838 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-06-27 07:40 - 2020-06-27 07:40 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2020-06-09 02:07 - 2020-06-09 02:16 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2020-05-28 18:30 - 2020-05-28 18:32 - 045769539 _____ C:\Users\Entreprise DB\Desktop\Husqvarna_VIKING_Accessory_User_s_Guide_-_French.pdf 2020-05-15 19:47 - 2020-05-15 19:47 - 000182178 _____ C:\Users\Entreprise DB\Desktop\document.pdf 2020-05-12 01:44 - 2020-05-12 01:44 - 000072067 _____ C:\Users\Entreprise DB\Desktop\11-05-2020-Déclaration-déplacement-FR-pdf.pdf 2020-05-10 01:40 - 2020-05-10 01:40 - 000569736 _____ C:\Users\Entreprise DB\Desktop\nuancier_sabaflex_42_1481116799.pdf 2020-05-10 01:17 - 2020-05-10 01:17 - 002457250 _____ C:\Users\Entreprise DB\Desktop\madeira_aerolock_amp_aeroflock_54_1544540083.pdf 2020-05-09 01:12 - 2020-05-09 01:12 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\Rizonesoft 2020-05-09 01:12 - 2020-05-09 01:12 - 000000000 ____D C:\Program Files\Rizonesoft 2020-05-08 14:55 - 2020-05-08 14:54 - 004864129 _____ C:\Users\Entreprise DB\Desktop\Commande console Windows Fichier.pdf 2020-05-07 12:32 - 2014-12-06 06:17 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\tlntsess.exe 2020-05-07 01:50 - 2020-05-07 01:50 - 000000862 _____ C:\Windows\system32\termcap 2020-05-07 01:43 - 2020-05-09 18:29 - 000000000 ____D C:\Users\Classic .NET AppPool 2020-05-07 01:43 - 2020-05-07 01:43 - 000000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini 2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Voisinage réseau 2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Voisinage d'impression 2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Modèles 2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Mes documents 2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Menu Démarrer 2020-05-07 01:43 - 2020-05-07 01:43 - 000000000 _SHDL C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2020-05-07 01:43 - 2011-04-12 11:27 - 000000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Media Center Programs 2020-05-03 01:22 - 2020-05-09 18:29 - 000000000 ____D C:\Users\Entreprise DB\Desktop\Tor Browser 2020-04-25 18:42 - 2020-04-25 18:42 - 000000000 ____D C:\Users\Entreprise DB\RECUP SANDBOXIE 2020-04-23 18:01 - 2020-04-23 18:06 - 000000000 ____D C:\Users\Entreprise DB\Desktop\VIDEO 2020-04-23 02:08 - 2020-05-03 01:22 - 000000817 _____ C:\Users\Entreprise DB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2020-04-20 01:40 - 2020-04-20 01:40 - 000001482 _____ C:\Users\Public\Desktop\LibreOffice 6.4.lnk 2020-04-20 01:40 - 2020-04-20 01:40 - 000001482 _____ C:\ProgramData\Desktop\LibreOffice 6.4.lnk 2020-04-20 01:40 - 2020-04-20 01:40 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4 2020-04-19 19:51 - 2020-06-24 13:14 - 000002926 _____ C:\Windows\Sandboxie.ini 2020-04-19 19:50 - 2020-04-19 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie 2020-04-08 00:21 - 2020-04-08 00:21 - 000205552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll 2020-04-08 00:21 - 2020-04-08 00:21 - 000030960 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_1.dll 2020-03-31 19:24 - 2020-04-23 17:16 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-03-31 19:24 - 2020-03-31 19:24 - 000001951 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-03-31 19:24 - 2020-03-31 19:24 - 000001951 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-03-31 19:24 - 2020-03-31 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-03-31 19:24 - 2020-03-31 19:24 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-03-30 20:35 - 2020-03-29 20:50 - 001664743 _____ C:\Users\Entreprise DB\Desktop\2020 03 29 Attestation de déplacement016.pdf 2020-03-30 17:07 - 2020-03-30 17:07 - 000000015 _____ C:\Users\Entreprise DB\advanced_port_scanner_Comments.bin 2020-03-30 17:07 - 2020-03-30 17:07 - 000000015 _____ C:\Users\Entreprise DB\advanced_port_scanner_Aliases.bin 2020-03-30 17:07 - 2020-03-30 17:07 - 000000004 _____ C:\Users\Entreprise DB\advanced_port_scanner_MAC.bin 2020-03-30 02:45 - 2020-06-21 21:38 - 000000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL 2020-03-30 02:45 - 2020-03-30 02:45 - 000000020 ___SH C:\Users\DefaultAppPool.IIS APPPOOL\ntuser.ini 2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Voisinage réseau 2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Voisinage d'impression 2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Modèles 2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Mes documents 2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\Menu Démarrer 2020-03-30 02:45 - 2020-03-30 02:45 - 000000000 _SHDL C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2020-03-30 02:45 - 2011-04-12 11:27 - 000000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\Media Center Programs 2020-03-30 02:24 - 2020-03-30 02:24 - 000001278 _____ C:\Users\Public\Desktop\Document Converter.lnk 2020-03-30 02:24 - 2020-03-30 02:24 - 000001278 _____ C:\ProgramData\Desktop\Document Converter.lnk 2020-03-30 02:24 - 2020-03-30 02:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft4Boost 2020-03-30 02:24 - 2020-03-30 02:24 - 000000000 ____D C:\Program Files (x86)\Soft4Boost 2020-03-30 02:24 - 2019-01-04 19:44 - 000799624 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Windows\SysWOW64\htmlayout.dll 2020-03-30 02:24 - 2019-01-04 19:44 - 000111560 _____ (Open Source Software community project) C:\Windows\SysWOW64\pthreadVC2.dll 2020-03-30 02:24 - 2019-01-04 19:43 - 001911688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_42.dll 2020-03-30 02:24 - 2019-01-04 19:43 - 000041360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ceutil.dll 2020-03-30 02:24 - 2016-02-17 15:13 - 000038504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2020-03-30 02:24 - 2016-02-17 15:09 - 001714288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-06-28 15:23 - 2019-12-29 02:43 - 000000000 ____D C:\FRST 2020-06-28 15:22 - 2018-12-29 03:33 - 000833638 _____ C:\Windows\system32\perfh00A.dat 2020-06-28 15:22 - 2018-12-29 03:33 - 000197534 _____ C:\Windows\system32\perfc00A.dat 2020-06-28 15:22 - 2018-12-29 00:14 - 000789686 _____ C:\Windows\system32\perfh007.dat 2020-06-28 15:22 - 2018-12-29 00:14 - 000183010 _____ C:\Windows\system32\perfc007.dat 2020-06-28 15:22 - 2018-12-28 12:23 - 000001200 _____ C:\Users\Public\Desktop\Firefox.lnk 2020-06-28 15:22 - 2018-12-28 12:23 - 000001200 _____ C:\ProgramData\Desktop\Firefox.lnk 2020-06-28 15:22 - 2011-04-12 11:16 - 000833154 _____ C:\Windows\system32\perfh00C.dat 2020-06-28 15:22 - 2011-04-12 11:16 - 000185176 _____ C:\Windows\system32\perfc00C.dat 2020-06-28 15:22 - 2009-07-14 07:13 - 003952852 _____ C:\Windows\system32\PerfStringBackup.INI 2020-06-28 15:21 - 2019-10-27 14:51 - 000000000 ____D C:\Users\Entreprise DB\AppData\LocalLow\Mozilla 2020-06-28 15:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2020-06-28 15:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\inetsrv 2020-06-28 15:17 - 2020-02-03 00:33 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper 2020-06-28 15:17 - 2020-02-03 00:11 - 000000312 _____ C:\Windows\SysWOW64\AbBakConfig.dat 2020-06-28 15:17 - 2020-02-03 00:11 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat 2020-06-28 15:17 - 2019-10-21 02:45 - 000016064 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\OSArmorDevDrv.sys 2020-06-28 15:17 - 2019-10-21 02:45 - 000015040 _____ (NoVirusThanks Company Srl) C:\Windows\system32\Drivers\osadevprotect.sys 2020-06-28 15:17 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-06-28 15:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration 2020-06-28 15:14 - 2009-07-14 06:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-06-28 15:14 - 2009-07-14 06:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-06-28 00:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2020-06-27 18:24 - 2019-10-17 19:56 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\ZHP 2020-06-27 18:24 - 2019-09-18 00:39 - 000000135 _____ C:\Users\Entreprise 2020-06-27 15:58 - 2019-09-08 16:20 - 000000000 ___RD C:\Users\Entreprise DB\Desktop\Icônes moins utilisées 2020-06-27 14:41 - 2020-03-25 19:31 - 000000000 ____D C:\Program Files\CCleaner 2020-06-27 14:41 - 2020-03-22 13:46 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-06-21 21:17 - 2019-09-14 19:35 - 000000000 ____D C:\Program Files (x86)\TweakNow DriveShortcut 2020-06-18 19:55 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2020-05-31 20:41 - 2019-11-30 02:15 - 000000000 ____D C:\Users\Entreprise DB\AppData\Roaming\vlc 2020-05-31 19:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2020-05-31 17:19 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp ==================== Fichiers à la racine de certains dossiers ======== 2019-12-08 00:59 - 2020-06-04 10:42 - 000007675 _____ () C:\Users\Entreprise DB\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll 2016-09-14 15:31 - 2016-09-14 15:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll 2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll 2016-09-14 15:31 - 2016-09-14 15:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll 2019-09-04 20:25 - 2019-09-04 20:25 - 000015872 _____ (Softland) C:\Windows\system32\novami10.dll 2019-09-04 20:25 - 2019-09-04 20:25 - 000018944 _____ (Softland) C:\Windows\system32\novamn10.dll 2013-04-30 00:36 - 2013-04-30 00:36 - 000075264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2013-04-30 00:36 - 2013-04-30 00:36 - 000063488 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll 2012-01-23 14:15 - 2012-01-23 14:15 - 000122880 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerAg.dll 2012-01-23 14:15 - 2012-01-23 14:15 - 002478592 _____ (Multicore Ware) C:\Windows\system32\SlotMaximizerBe.dll 2019-09-07 19:18 - 2016-09-29 09:44 - 001298584 _____ C:\Windows\ddmmain.exe 2015-03-17 02:34 - 2015-03-17 02:34 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll 2015-03-17 02:34 - 2015-03-17 02:34 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll 2015-03-17 02:34 - 2015-03-17 02:34 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL 2015-03-17 02:34 - 2015-03-17 02:34 - 001047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll 2015-03-17 02:34 - 2015-03-17 02:34 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2015-03-17 02:34 - 2015-03-17 02:34 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2013-04-30 00:36 - 2013-04-30 00:36 - 000065024 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2013-04-30 00:36 - 2013-04-30 00:36 - 000056320 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2012-01-23 14:29 - 2012-01-23 14:29 - 000122880 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerAg.dll 2012-01-23 14:29 - 2012-01-23 14:29 - 002478592 _____ (Multicore Ware) C:\Windows\SysWOW64\SlotMaximizerBe.dll 2018-12-28 16:39 - 2004-06-11 09:34 - 000119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6fr.DLL 2019-09-08 15:32 - 2019-10-24 01:34 - 000003668 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe 2019-09-08 15:32 - 2019-10-24 01:34 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2019-09-08 15:32 - 2019-10-24 01:34 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2020-06-28 15:19 - 2020-06-28 15:19 - 002291200 _____ (Farbar) C:\Users\Entreprise DB\Desktop\FRST64.exe 2020-06-27 18:19 - 2020-06-27 18:19 - 003442048 _____ (Nicolas Coolman) C:\Users\Entreprise DB\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d�marrage Windows --------------------------------- identificateur {bootmgr} device partition=E: path \bootmgr description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de d�marrage Windows ----------------------------- identificateur {314aeaa6-0a81-11e9-9024-8a852e30f591} device unknown path \Windows\system32\winload.exe description Windows 7 locale fr-FR inherit {bootloadersettings} osdevice unknown systemroot \Windows resumeobject {314aeaa5-0a81-11e9-9024-8a852e30f591} nx OptIn Chargeur de d�marrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 Ultimate (r�cup�r�) locale fr-FR loadoptions DENABLE_INTEGRITY_CHECKS testsigning No osdevice partition=C: systemroot \Windows resumeobject {3080cd69-d1a4-11e9-9e13-806e6f6e6963} Chargeur de d�marrage Windows ----------------------------- identificateur {9531bfe8-ca4d-4b1c-b706-fb0354d23dfb} Reprendre � partir de la mise en veille prolong�e ------------------------------------------------- identificateur {3080cd69-d1a4-11e9-9e13-806e6f6e6963} device partition=C: path \Windows\system32\winresume.exe description Windows 7 Ultimate (r�cup�r�) locale fr-FR inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Reprendre � partir de la mise en veille prolong�e ------------------------------------------------- identificateur {314aeaa5-0a81-11e9-9024-8a852e30f591} device unknown path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} filedevice unknown filepath \hiberfil.sys debugoptionenabled No Testeur de m�moire Windows -------------------------- identificateur {memdiag} device partition=E: path \boot\memtest.exe description Diagnostics m�moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Secteur de d�marrage en mode r�el --------------------------------- identificateur {314aeaa8-0a81-11e9-9024-8a852e30f591} device partition=C: path \amldr.mbr description AOMEI Backupper Param�tres EMS -------------- identificateur {emssettings} bootems Yes Param�tres du d�bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m�moire RAM ---------------------- identificateur {badmemory} Param�tres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Param�tres du chargeur de d�marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Param�tres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Param�tres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p�riph�rique ----------------------- identificateur {dbff7e90-5c75-4ac4-a742-e6568cf5d32a} ramdisksdidevice unknown ramdisksdipath \Aomei\AomeiBoot.sdi LastRegBack: 2020-06-27 15:32 ==================== Fin de FRST.txt ========================