Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02 Exécuté par BRUNO (administrateur) sur LENOVO-PC (LENOVO 80E3) (27-11-2023 20:32:09) Exécuté depuis C:\Users\BRUNO\Desktop\FRST64.exe Profils chargés: BRUNO Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3693 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe (C:\Program Files (x86)\kDrive\kDrive.exe ->) () [Fichier non signé] C:\Program Files (x86)\kDrive\crashpad_handler.exe <2> (C:\Program Files (x86)\kDrive\kDrive.exe ->) (Infomaniak Network SA -> Infomaniak Network SA) C:\Program Files (x86)\kDrive\kDrive_client.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (explorer.exe ->) (AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (explorer.exe ->) (Infomaniak Network SA -> Infomaniak Network SA) C:\Program Files (x86)\kDrive\kDrive.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe (services.exe ->) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Arcai.com) [Fichier non signé] C:\Program Files (x86)\NetCutDefender\services\aips.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (services.exe ->) (Glarysoft Ltd -> Glarysoft Ltd) C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe (services.exe ->) (Glarysoft Ltd -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities\MemfilesService.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe (services.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> ) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Fichier non signé] HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5166872 2016-07-26] (Realtek Semiconductor Corp -> Realtek semiconductor) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM\...\Run: [UniConverterUpdateHelper] => C:\Program Files (x86)\Wondershare\Wondershare UniConverter 15 for Windows (French)\WSVCUUpdateHelper.exe (Pas de fichier) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-3954851323-185838848-2436664330-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation) HKU\S-1-5-21-3954851323-185838848-2436664330-1002\...\Run: [MicrosoftEdgeAutoLaunch_AEEF8CC71B91F8E2E251551C529CDB4F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3954851323-185838848-2436664330-1002\...\Run: [kDrive] => C:\Program Files (x86)\kDrive\kDrive.exe [14153960 2023-10-23] (Infomaniak Network SA -> Infomaniak Network SA) HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) Startup: C:\Users\BRUNO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MESAGERIE Thunderbird.lnk [2021-03-04] ShortcutTarget: MESAGERIE Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation) BootExecute: autocheck autochk * GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {C44EADF8-ABE8-4842-9AEF-EF39C0AAF975} - System32\Tasks\{9D267DDF-2BAD-4CBD-A0C5-D02E41B0C59B} => C:\WINDOWS\system32\pcalua.exe [53760 2023-11-18] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\The Mighty Quest For Epic Loot\LauncherData\unins000.exe" Task: {6ABDBB9B-8615-44EE-9648-954F4A4C5CDE} - System32\Tasks\2BrightSparks\SyncBackFree\Lenovo-PC-BRUNO\SyncBackFree Sauv DOCTs +ProfilThundbird SUR CarteMémoire => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [143783448 2023-10-10] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) Task: {A6434AE5-95B3-409D-B4E7-044188C45F9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {B937BA8C-48F4-4928-A886-B5AD73F23954} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Pas de fichier) Task: {8C14C56C-9001-47A3-8BEC-552E5BBA5DC9} - System32\Tasks\GUSkipUAC => C:\Program Files (x86)\Glary Utilities\Integrator.exe [920984 2023-11-20] (Glarysoft Ltd -> Glarysoft Ltd) Task: {3CC07828-2BFE-4743-B4C0-9A4A6D285EB4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe" (Pas de fichier) Task: {D20D58C7-EECB-4D62-9617-60D657EE305D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-08-17] (LENOVO -> Lenovo) Task: {E8A9D062-524E-444F-AEAE-3CD256BF71AA} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus (Pas de fichier) Task: {204083A1-755E-4D5A-99D8-93187A7A734A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show (Pas de fichier) Task: {937756C9-A226-4387-978D-D4B1BEDC299F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan (Pas de fichier) Task: {BDA8C4EB-12D0-468C-9A68-F805BDD38726} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-11-19] (Microsoft Windows -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {2A3391A7-53C3-45B7-91A6-B3F01491C966} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe [71680 2023-11-18] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {D07886D2-ED4A-4B0F-9F0E-2D21957BC1FE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {72746E77-AC92-4D0B-A8C8-7AA4AD75FBEC} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {055E5B4F-5768-411B-B7FF-0FCE8F23AB87} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-18] (Microsoft Windows -> Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier) Task: {386FF7CF-5534-4EA5-9BB5-E75F1503B255} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-11-21] (Mozilla Corporation -> Mozilla Foundation) Task: {343CAE6D-526E-4FEF-9F96-9B198551ACB5} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE (Pas de fichier) Task: {A8C8F446-FE68-4166-B91A-4D829ADB3874} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Pas de fichier) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{30D32CEF-79C1-4515-91FD-7C0303159E4E}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{30D32CEF-79C1-4515-91FD-7C0303159E4E}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7ccb217d-1f66-437e-9504-3e65fe773bf1}: [NameServer] 198.51.100.1,198.51.100.2 Tcpip\..\Interfaces\{920B660A-1A28-4406-94A7-3A8C06DBD913}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\BRUNO\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-27] Edge Extension: (Kaspersky Protection) - C:\Users\BRUNO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-10-24] Edge Extension: (Google Docs hors connexion) - C:\Users\BRUNO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-24] Edge Extension: (Edge relevant text changes) - C:\Users\BRUNO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-24] Edge HKU\S-1-5-21-3954851323-185838848-2436664330-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF DefaultProfile: dcclmizm.default FF DefaultProfile: ehhvmses.default-1612973086393 FF ProfilePath: C:\Users\BRUNO\AppData\Roaming\Waterfox\Profiles\dcclmizm.default [2018-03-28] FF ProfilePath: C:\Users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\ehhvmses.default-1612973086393 [2023-11-27] FF DownloadDir: C:\Users\BRUNO\Desktop\Téléchargements FF Homepage: Mozilla\Firefox\Profiles\ehhvmses.default-1612973086393 -> about:blank FF Extension: (AdGuard AdBlocker) - C:\Users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\ehhvmses.default-1612973086393\Extensions\adguardadblocker@adguard.com.xpi [2023-11-24] FF Extension: (Dictionnaire français) - C:\Users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\ehhvmses.default-1612973086393\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2021-07-17] FF Extension: (HTTPS partout) - C:\Users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\ehhvmses.default-1612973086393\Extensions\https-everywhere@eff.org.xpi [2021-07-15] FF Extension: (To Google Translate) - C:\Users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\ehhvmses.default-1612973086393\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2023-10-25] FF Extension: (Language: Français (French)) - C:\Users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\ehhvmses.default-1612973086393\Extensions\langpack-fr@firefox.mozilla.org.xpi [2023-11-22] FF Extension: (Kaspersky Protection) - C:\Users\BRUNO\AppData\Roaming\Mozilla\Firefox\Profiles\ehhvmses.default-1612973086393\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2023-08-30] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Fichier non signé] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-08-17] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-08-17] <==== ATTENTION Chrome: ======= CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 AIPS; C:\Program Files (x86)\NetCutDefender\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Fichier non signé] S3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-18] (Advanced Micro Devices, Inc.) [Fichier non signé] R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [888216 2023-11-20] (Glarysoft Ltd -> Glarysoft Ltd) R2 GUMemfilesService; C:\Program Files (x86)\Glary Utilities\MemfilesService.exe [317336 2023-11-20] (Glarysoft Ltd -> Glarysoft Ltd) S3 GUPMService; C:\Program Files (x86)\Glary Utilities\GUPMService.exe [76696 2023-11-20] (Glarysoft Ltd -> Glarysoft Ltd) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> ) S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 KSDE5.6; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.6\ksde.exe [447104 2022-04-12] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-23] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] (CyberLink -> ) R2 SyncBackFreeSchedulesMonitor; C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe [3389168 2023-10-10] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.5-0\NisSrv.exe [3125128 2022-08-10] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.5-0\MsMpEng.exe [133560 2022-08-10] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) U5 amd_sata; C:\Windows\System32\Drivers\amd_sata.sys [81608 2014-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) U5 amd_xata; C:\Windows\System32\Drivers\amd_xata.sys [23752 2014-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [23568 2023-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd) R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [742224 2023-09-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1896256 2023-09-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [235704 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2022-04-12] (AnchorFree Inc -> The OpenVPN Project) R1 kltapflt; C:\WINDOWS\system32\DRIVERS\kltapflt.sys [48544 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [384656 2023-10-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [354640 2023-10-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [183120 2023-10-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [262712 2023-10-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-08-10] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94456 2022-08-10] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-11-27 20:32 - 2023-11-27 20:35 - 000024530 _____ C:\Users\BRUNO\Desktop\FRST.txt 2023-11-27 20:30 - 2023-11-27 20:33 - 000000000 ____D C:\FRST 2023-11-27 20:29 - 2023-11-27 20:29 - 000224824 _____ C:\Users\BRUNO\Desktop\ZHPDiag.txt 2023-11-27 20:02 - 2023-11-27 20:02 - 000000916 _____ C:\Users\BRUNO\Desktop\ZHPSuite.lnk 2023-11-27 20:00 - 2023-11-27 20:00 - 002383872 _____ (Farbar) C:\Users\BRUNO\Desktop\FRST64.exe 2023-11-27 19:57 - 2023-11-27 19:58 - 003515040 _____ (Nicolas Coolman) C:\Users\BRUNO\Desktop\ZHPSuite.exe 2023-11-24 19:32 - 2023-11-24 19:32 - 000000000 ____D C:\Users\BRUNO\AppData\LocalLow\AMD 2023-11-24 14:48 - 2023-11-24 17:22 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2023-11-22 21:30 - 2023-11-22 21:30 - 000000000 ____D C:\WINDOWS\system32\‰£ê 2023-11-22 21:30 - 2023-11-22 21:30 - 000000000 ____D C:\WINDOWS\system32\@‰£ê 2023-11-22 20:33 - 2023-11-22 20:33 - 000003024 _____ C:\WINDOWS\system32\Tasks\GUSkipUAC 2023-11-21 22:32 - 2023-11-22 15:51 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-11-19 20:39 - 2023-11-19 20:39 - 000000000 ___HD C:\$WinREAgent 2023-11-11 18:39 - 2023-11-14 16:22 - 000000000 ___SD C:\Users\BRUNO\kDrive 2023-11-11 18:26 - 2023-11-11 18:39 - 000000000 ____D C:\Users\BRUNO\AppData\Local\kDrive 2023-11-11 18:22 - 2023-11-11 18:22 - 000001969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kDrive.lnk 2023-11-11 18:18 - 2023-11-11 18:22 - 000000000 ____D C:\Program Files (x86)\kDrive 2023-11-01 15:38 - 2023-11-24 16:39 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 2023-11-01 15:38 - 2023-11-22 20:33 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities.lnk 2023-11-01 15:38 - 2023-11-22 20:33 - 000001146 _____ C:\Users\Public\Desktop\Glary Utilities.lnk 2023-11-01 15:38 - 2023-11-01 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 2023-10-27 13:48 - 2023-10-27 13:48 - 000000000 ____D C:\WINDOWS\system32\‰» 2023-10-27 13:48 - 2023-10-27 13:48 - 000000000 ____D C:\WINDOWS\system32\@‰» 2023-10-22 15:57 - 2023-10-22 15:57 - 000000000 ____D C:\WINDOWS\system32\‰ÎÊ 2023-10-22 15:57 - 2023-10-22 15:57 - 000000000 ____D C:\WINDOWS\system32\@‰ÎÊ 2023-10-18 16:11 - 2023-10-18 16:15 - 000000000 ____D C:\Users\BRUNO\AppData\Roaming\ScoreCloud 2023-10-15 18:01 - 2023-10-15 18:01 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-10-14 21:19 - 2023-11-21 10:20 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3954851323-185838848-2436664330-1002 2023-10-13 15:42 - 2023-10-13 15:45 - 000000000 ____D C:\Wondershare UniConverter 15 2023-10-13 15:36 - 2023-10-13 15:52 - 000000000 ____D C:\Users\BRUNO\AppData\Local\Wondershare 2023-10-13 15:36 - 2023-10-13 15:40 - 000000000 ____D C:\Users\BRUNO\AppData\Roaming\Wondershare 2023-10-13 15:33 - 2023-10-13 15:50 - 000000000 ____D C:\ProgramData\Wondershare 2023-10-13 15:33 - 2023-10-13 15:50 - 000000000 ____D C:\Program Files (x86)\Wondershare 2023-10-13 15:22 - 2023-10-13 15:38 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2023-10-13 14:43 - 2023-10-13 14:43 - 000000000 ____D C:\Users\BRUNO\AppData\Roaming\NCH Software 2023-10-12 14:27 - 2023-10-12 14:27 - 000000000 ____D C:\ProgramData\PLUG 2023-10-07 19:18 - 2023-10-07 19:18 - 000000000 ____D C:\WINDOWS\system32\‰×Ô 2023-10-07 19:18 - 2023-10-07 19:18 - 000000000 ____D C:\WINDOWS\system32\@‰×Ô 2023-10-07 07:47 - 2023-10-07 07:47 - 000000000 ____D C:\WINDOWS\system32\‰Ô~ 2023-10-07 07:47 - 2023-10-07 07:47 - 000000000 ____D C:\WINDOWS\system32\@‰Ô~ 2023-10-02 16:41 - 2023-10-02 16:41 - 000000000 ____D C:\WINDOWS\system32\‰¶i 2023-10-02 16:41 - 2023-10-02 16:41 - 000000000 ____D C:\WINDOWS\system32\@‰¶i 2023-09-29 20:30 - 2023-09-29 20:30 - 000000000 ____D C:\WINDOWS\system32\‰—‰ 2023-09-29 20:30 - 2023-09-29 20:30 - 000000000 ____D C:\WINDOWS\system32\@‰—‰ 2023-09-14 12:28 - 2023-09-14 12:28 - 000000000 ____D C:\WINDOWS\system32\‰ûõ 2023-09-14 12:28 - 2023-09-14 12:28 - 000000000 ____D C:\WINDOWS\system32\@‰ûõ 2023-09-13 18:16 - 2023-09-13 18:16 - 000000000 ____D C:\WINDOWS\system32\‰T 2023-09-13 18:16 - 2023-09-13 18:16 - 000000000 ____D C:\WINDOWS\system32\@‰T 2023-09-10 15:50 - 2023-09-10 15:50 - 000001134 _____ C:\Users\Public\Desktop\GRAVER.lnk 2023-09-10 14:57 - 2023-09-10 14:57 - 000000000 ____D C:\WINDOWS\system32\‰Ø‹ 2023-09-10 14:57 - 2023-09-10 14:57 - 000000000 ____D C:\WINDOWS\system32\@‰Ø‹ 2023-09-07 17:03 - 2023-09-07 17:03 - 000000000 ____D C:\WINDOWS\system32\‰Ñ 2023-09-07 17:03 - 2023-09-07 17:03 - 000000000 ____D C:\WINDOWS\system32\@‰Ñ ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-11-27 20:29 - 2021-05-24 19:51 - 000000000 ____D C:\Users\BRUNO\AppData\Roaming\ZHP 2023-11-27 20:29 - 2020-06-09 01:13 - 000000000 ___RD C:\Users\BRUNO\Desktop\Téléchargements 2023-11-27 20:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-11-27 20:02 - 2021-05-24 19:51 - 000000000 ____D C:\Users\BRUNO\AppData\Local\ZHP 2023-11-27 19:50 - 2022-02-10 17:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-11-27 19:48 - 2015-07-31 23:54 - 000000000 ___SD C:\Users\BRUNO\AppData\Roaming\Microsoft\Credentials 2023-11-27 19:45 - 2023-07-02 20:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-11-27 19:45 - 2020-06-09 00:18 - 000008192 ___SH C:\DumpStack.log.tmp 2023-11-27 18:43 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-11-27 18:43 - 2015-01-23 01:46 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2023-11-27 18:40 - 2023-07-02 19:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-11-24 18:22 - 2020-06-09 08:35 - 000000000 ____D C:\Users\BRUNO\Documents\PRIERES 2023-11-24 17:53 - 2023-07-02 19:47 - 000000000 ____D C:\Users\BRUNO 2023-11-24 17:53 - 2021-09-12 18:16 - 003346080 _____ (Nicolas Coolman) C:\Users\BRUNO\ZHPCleaner.exe 2023-11-24 17:53 - 2021-08-17 11:07 - 000000785 _____ C:\Users\BRUNO\Desktop\ZHPCleaner.lnk 2023-11-24 17:22 - 2020-06-10 20:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-11-24 16:55 - 2023-08-01 13:45 - 000000000 ____D C:\WINDOWS\Minidump 2023-11-24 16:35 - 2020-06-11 10:50 - 000000000 ____D C:\Téléchargements 2023-11-24 14:49 - 2021-02-27 17:15 - 000001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2023-11-22 20:50 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-11-22 20:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-11-22 10:22 - 2020-06-10 20:28 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-11-21 10:53 - 2020-06-09 08:27 - 000000000 ____D C:\Users\BRUNO\Documents\Documents JOSETTE 2023-11-21 10:25 - 2020-03-04 16:53 - 000000000 ____D C:\ProgramData\CanonIJPLM 2023-11-21 10:20 - 2023-07-02 20:58 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3954851323-185838848-2436664330-1002 2023-11-21 10:20 - 2023-07-02 19:47 - 000002468 _____ C:\Users\BRUNO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-11-21 09:14 - 2023-07-02 20:04 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-11-21 09:14 - 2019-12-07 15:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat 2023-11-21 09:14 - 2019-12-07 15:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat 2023-11-21 09:14 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-11-20 15:11 - 2020-06-09 08:21 - 000000000 ____D C:\Users\BRUNO\Documents\Documents BRUNO 2023-11-20 11:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-11-20 11:14 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-11-20 10:51 - 2023-07-02 19:36 - 000347328 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-11-20 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-11-20 10:42 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-11-20 10:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-11-20 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-11-20 10:40 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\system32\fr 2023-11-20 10:40 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-11-20 10:40 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-11-20 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-11-20 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-11-20 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-11-20 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2023-11-20 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-11-20 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-11-20 10:38 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-11-20 10:38 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-11-20 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-11-20 10:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2023-11-19 22:41 - 2019-12-07 15:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-11-19 22:41 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2023-11-19 22:41 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2023-11-19 15:33 - 2020-08-27 18:40 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-11-18 21:09 - 2023-07-02 19:42 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-11-16 17:00 - 2015-08-02 09:23 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-11-16 16:48 - 2015-08-02 09:23 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-11-16 16:18 - 2023-07-02 20:58 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-11-16 16:17 - 2023-04-01 09:28 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2023-11-16 16:17 - 2022-10-14 10:17 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-11-15 20:36 - 2015-09-17 16:42 - 000000000 ____D C:\Users\BRUNO\AppData\Roaming\MuseScore 2023-11-14 14:40 - 2020-06-09 08:14 - 000000000 ____D C:\Users\BRUNO\Documents\ADMINISTRATIF 2023-11-12 20:58 - 2017-09-14 13:06 - 000000000 ____D C:\Users\BRUNO\AppData\Roaming\Audacity 2023-11-11 21:10 - 2018-11-22 18:53 - 000000000 ____D C:\Program Files (x86)\Audacity 2023-11-11 21:09 - 2018-11-22 18:53 - 000001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2023-11-11 21:09 - 2018-11-22 18:53 - 000001087 _____ C:\Users\Public\Desktop\Audacity.lnk 2023-11-11 18:22 - 2015-07-31 23:51 - 000000000 ____D C:\Users\BRUNO\AppData\Local\Packages 2023-11-11 16:08 - 2019-01-17 15:18 - 000000000 ____D C:\Users\BRUNO\AppData\Roaming\GlarySoft 2023-11-11 16:07 - 2020-06-09 08:38 - 000000000 ___RD C:\Users\BRUNO\OneDrive 2023-11-11 15:59 - 2020-06-09 01:13 - 000000000 ____D C:\ProgramData\Packages 2023-11-11 15:58 - 2015-01-23 01:44 - 000000000 ____D C:\ProgramData\Package Cache 2023-11-04 08:22 - 2021-01-24 10:56 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-11-01 15:39 - 2019-01-17 15:26 - 000000000 ____D C:\ProgramData\GlarySoft ==================== Fichiers à la racine de certains dossiers ======== 2021-09-12 18:16 - 2023-11-24 17:53 - 003346080 _____ (Nicolas Coolman) C:\Users\BRUNO\ZHPCleaner.exe 2021-01-09 07:37 - 2021-01-09 07:37 - 123474793 _____ () C:\Program Files (x86)\openoffice1.cab 2021-01-09 07:34 - 2021-01-09 07:34 - 002469888 _____ () C:\Program Files (x86)\openoffice419.msi 2021-01-09 07:34 - 2021-01-09 07:34 - 000000279 _____ () C:\Program Files (x86)\setup.ini 2017-12-23 15:37 - 2017-12-23 16:18 - 000000115 _____ () C:\Users\BRUNO\AppData\Roaming\LogFile.txt 2017-11-14 16:07 - 2017-11-14 16:07 - 000001480 _____ () C:\Users\BRUNO\AppData\Roaming\uni.txt 2018-08-14 10:41 - 2020-06-08 23:23 - 007018808 _____ () C:\Users\BRUNO\AppData\Local\BTServer.log 2015-08-30 14:17 - 2020-06-27 10:23 - 000006144 _____ () C:\Users\BRUNO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-09-16 17:31 - 2018-09-16 17:31 - 000000017 _____ () C:\Users\BRUNO\AppData\Local\resmon.resmoncfg ==================== FLock ============================== 2016-01-29 21:05 C:\Users\BRUNO\Start Menu ==================== SigCheckExt ========================= 2019-03-13 10:32 - 2019-02-26 07:25 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy(820).dll 2015-01-23 02:01 - 2013-04-23 13:55 - 000003372 _____ C:\WINDOWS\system32\bt_only_chip_bt40_fw_asic_rom_patch.dll 2013-08-22 13:37 - 2013-06-18 16:03 - 000032256 _____ (CANON INC.) C:\WINDOWS\system32\CNHI10A.DLL 2013-08-22 13:37 - 2013-06-18 16:03 - 000180224 _____ (CANON INC.) C:\WINDOWS\system32\CNHL250.DLL 2013-08-22 13:37 - 2013-06-18 16:03 - 000206848 _____ (CANON INC.) C:\WINDOWS\system32\CNHLCL1.DLL 2013-08-22 13:37 - 2013-06-18 16:03 - 000019968 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCAN.DLL 2013-08-22 13:37 - 2013-06-18 16:03 - 000107520 _____ (CANON INC.) C:\WINDOWS\system32\CNHWCL1.DLL 2019-11-13 11:16 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(828).dll 2014-04-18 22:56 - 2014-04-18 22:56 - 000051200 _____ C:\WINDOWS\system32\kdbsdk64.dll 2019-06-19 08:50 - 2019-05-11 16:50 - 001441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv(829).dll 2015-01-23 02:01 - 2013-10-08 16:00 - 000040916 _____ C:\WINDOWS\system32\rlt8723a_chip_bt40_fw_asic_rom_patch.dll 2015-01-23 02:01 - 2013-05-20 16:55 - 000006752 _____ C:\WINDOWS\system32\rtl8723b_chip_bt40_fw_asic_rom_patch.dll 2015-01-23 02:01 - 2014-01-07 15:40 - 000041696 _____ C:\WINDOWS\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-01-23 02:01 - 2013-12-17 15:59 - 000049272 _____ C:\WINDOWS\system32\rtl8761a_bcut_bt40_fw_asic_rom_patch_new.dll 2015-01-23 02:01 - 2013-12-17 15:59 - 000049272 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll 2015-01-23 02:01 - 2013-12-17 15:59 - 000043376 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll 2015-01-23 02:01 - 2013-12-17 15:59 - 000051632 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll 2015-01-23 02:01 - 2013-12-17 15:59 - 000047316 _____ C:\WINDOWS\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-01-23 02:01 - 2014-01-17 17:44 - 000030384 _____ C:\WINDOWS\system32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-01-23 01:57 - 2013-04-01 22:19 - 000574464 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll 2019-10-09 09:59 - 2019-08-31 17:50 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64(834).dll 2015-01-23 01:57 - 2014-03-24 11:37 - 000422400 _____ (Realtek) C:\WINDOWS\SwUSB.exe 1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL 2019-11-13 11:16 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil(838).dll 2015-01-23 01:50 - 2014-09-02 14:08 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll 2015-01-23 01:57 - 2010-12-01 08:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe 2014-04-18 22:51 - 2014-04-18 22:51 - 000038912 _____ C:\WINDOWS\SysWOW64\kdbsdk32.dll 2019-12-21 18:42 - 2003-08-07 15:01 - 000237568 _____ C:\WINDOWS\SysWOW64\lame_enc.dll 1998-07-12 23:00 - 1998-07-12 23:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCIFR.DLL 1998-07-12 23:00 - 1998-07-12 23:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL 2001-08-28 13:00 - 2001-08-28 13:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll 2015-01-23 02:58 - 2016-03-05 17:10 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2018-09-12 17:06 - 2002-01-05 15:37 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll 2015-01-23 02:58 - 2016-03-05 17:10 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2019-12-21 18:42 - 2007-10-24 18:57 - 000835584 _____ (NCT) C:\WINDOWS\SysWOW64\NCTAudioCDGrabber2.dll 2019-12-21 18:42 - 2007-10-24 18:57 - 001986560 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\NCTAudioFile2.dll 2019-12-21 18:42 - 2007-10-16 15:38 - 001212416 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\NCTAudioInformation2.dll 2019-12-21 18:42 - 2005-02-24 11:51 - 000348160 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\NCTWMAFile2.dll 2000-10-02 05:00 - 2000-10-01 23:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL 2000-07-14 23:00 - 2000-07-14 23:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 1998-07-12 23:00 - 1998-07-12 23:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKFR.DLL 2020-03-04 16:59 - 2015-03-12 05:00 - 000030208 _____ (CANON INC.) C:\WINDOWS\system32\spool\prtprocs\x64\1_CNMPDCT.DLL 2020-03-04 16:59 - 2015-03-12 05:00 - 000030208 _____ (CANON INC.) C:\WINDOWS\system32\spool\prtprocs\x64\2_CNMPDCT.DLL 2021-09-12 18:16 - 2023-11-24 17:53 - 003346080 _____ (Nicolas Coolman) C:\Users\BRUNO\ZHPCleaner.exe 2023-11-27 20:00 - 2023-11-27 20:00 - 002383872 _____ (Farbar) C:\Users\BRUNO\Desktop\FRST64.exe 2011-09-21 15:50 - 2021-09-16 13:02 - 001510400 _____ (The Shchuka's Place) C:\Users\BRUNO\Desktop\MergeMP3.exe 2023-11-27 19:57 - 2023-11-27 19:58 - 003515040 _____ (Nicolas Coolman) C:\Users\BRUNO\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {81aae6d6-a2dd-11e4-b0f1-806e6f6e6963} {81aae6d7-a2dd-11e4-b0f1-806e6f6e6963} {81aae6d4-a2dd-11e4-b0f1-806e6f6e6963} {81aae6d5-a2dd-11e4-b0f1-806e6f6e6963} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {86e98d98-190f-11ee-9782-97b875b9b84c} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {81aae6d4-a2dd-11e4-b0f1-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {81aae6d5-a2dd-11e4-b0f1-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {81aae6d6-a2dd-11e4-b0f1-806e6f6e6963} description EFI Network Application logicielle (101fffff) -------------------------------- identificateur {81aae6d7-a2dd-11e4-b0f1-806e6f6e6963} description EFI USB Device (SanDisk) Application logicielle (101fffff) -------------------------------- identificateur {81aae6d8-a2dd-11e4-b0f1-806e6f6e6963} description EFI Network 0 for IPv4 (68-F7-28-6F-53-A7) Application logicielle (101fffff) -------------------------------- identificateur {81aae6d9-a2dd-11e4-b0f1-806e6f6e6963} description EFI Network 0 for IPv6 (68-F7-28-6F-53-A7) Chargeur de démarrage Windows ----------------------------- identificateur {7989d8ce-c7b1-442e-a50b-71aa29490904} device ramdisk=[C:]\Aomei\AomeiBoot.wim,{19df46f4-2c6b-4e24-880b-afb350a2e2af} description Aomei PE osdevice ramdisk=[C:]\Aomei\AomeiBoot.wim,{19df46f4-2c6b-4e24-880b-afb350a2e2af} systemroot \Windows nx OptIn detecthal Yes winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {9beda83f-1907-11ee-9e44-d5aeb6991ef0} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {86e98d98-190f-11ee-9782-97b875b9b84c} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {9beda83f-1907-11ee-9e44-d5aeb6991ef0} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{9beda840-1907-11ee-9e44-d5aeb6991ef0} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{9beda840-1907-11ee-9e44-d5aeb6991ef0} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {86e98d98-190f-11ee-9782-97b875b9b84c} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {9beda83f-1907-11ee-9e44-d5aeb6991ef0} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {19df46f4-2c6b-4e24-880b-afb350a2e2af} ramdisksdidevice partition=C: ramdisksdipath \Aomei\AomeiBoot.sdi Options de périphérique ----------------------- identificateur {9beda840-1907-11ee-9e44-d5aeb6991ef0} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================