Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Exécuté par DJA (administrateur) sur DJASUS (ASUSTeK COMPUTER INC. X75VD1) (28-08-2021 10:11:05)
Exécuté depuis C:\Users\DJA\Desktop\SECURITE
Profils chargés: DJA
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Computer, Inc.) [Fichier non signé] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Corel Corporation -> ) [Fichier non signé] C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\70.0.3728.106\opera.exe <24>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\70.0.3728.106\opera_crashreporter.exe
(Pierre GOUGELET -> XnView, hxxp://www.xnview.com) C:\Program Files (x86)\XnView\xnview.exe
(Power Technology -> ) [Fichier non signé] C:\Program Files (x86)\DFX\DFX.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Protexis Inc. -> ) [Fichier non signé] C:\Windows\SysWOW64\PSIService.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe*********************************************
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter (French)\WSVCUUpdateHelper.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3126808 2020-09-02] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91701608 2020-07-07] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [] => [X]
HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2755504 2016-08-27] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [181280 2017-01-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0387A80A-EEF3-4E8C-932B-C3D180424337} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [234344 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {109C5BF7-722B-4842-985F-94804D6DE2F7} - System32\Tasks\Opera scheduled Autoupdate 1554497204 => C:\Program Files\Opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software)
Task: {16A448EC-C89D-468B-906A-696C145D7609} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [251624 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {28389DE7-695E-4DA7-B353-E9D2689F3927} - \{9DBA3937-F81B-43EF-8669-E5181DE174A1} -> Pas de fichier <==== ATTENTION
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {486B2422-F536-4554-BE58-CF8D3B6CD634} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
Task: {4E64CA03-38AE-4BFC-9205-172495D72169} - System32\Tasks\CCleanerSkipUAC - DJA => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4FFEEE7F-67C0-48F0-BFFF-C480F4DC36B9} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION
Task: {74456076-862C-4B74-AD4F-D2E8AD069829} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {780D84C2-F52E-4BF5-AA45-61AFEE3988F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {813EE2A9-8514-41BD-A71D-E1EF2DB1392F} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651056 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {90D0B944-6DF9-424A-A3E1-EF33CA1FB0AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9283B5D1-BE88-4AFB-BEB8-8E8FDCC6EBEE} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [160448 2012-11-07] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {9AF02E1F-BE90-4C4D-951E-23E6C6ADE412} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {9B4E5C17-2EE2-443D-A807-A6F01534AAD6} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1599912 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {AF57DAB9-8F4A-4932-92D4-32C4AD2411C9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-08-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {BA01905D-4FB4-41DD-B2C8-6A8380F4AF3C} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {C721A7FB-0B2B-4403-ACC9-7ECB29F3D7CD} - System32\Tasks\Opera scheduled assistant Autoupdate 1582727068 => C:\Program Files\Opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {CEA23D3A-A0CD-4EB9-8F72-E0C5046447D3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\DJA\Desktop\adwcleaner_8.3.0.exe
Task: {D4BCB854-BF64-490C-A7F0-9C8C0EF4CFA3} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-11-15] (Corel Corporation -> WinZip) [Fichier non signé]
Task: {EF4A374C-CC60-426A-B2AD-4530EA5DCC72} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
Task: {F2ED9946-0B68-4AD7-8C87-826257B430D0} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {FA61C9C8-2AC4-479A-8DB5-4E0BA4523368} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.) [Fichier non signé]
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{5EF82113-26BF-4903-85A7-2B447A565CBA}: [DhcpNameServer] 89.2.0.1 89.2.0.2
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DJA\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-28]
FireFox:
========
FF DefaultProfile: 1mcs3w4v.default
FF ProfilePath: C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default [2021-08-28]
FF Extension: (AdBlocker Ultimate) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\adblockultimate@adblockultimate.net.xpi [2021-07-28]
FF Extension: (InvisibleHand) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2021-07-28]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-07-28]
FF Extension: (Video DownloadHelper) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
Opera:
=======
OPR Profile: C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable [2021-08-28]
OPR DownloadDir: C:\Users\DJA\Desktop
OPR Notifications: Opera Stable -> hxxps://en.bloggif.com; hxxps://fr.madloto.com; hxxps://fr.savefrom.net; hxxps://mycima.ch; hxxps://mycima.onl; hxxps://pu6.biz; hxxps://www.grands-meres.net; hxxps://www.tvfun.live
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (YouTube MP3 Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\danfmmfbeaomffmgdnpgofcmphkpobii [2019-05-23]
OPR Extension: (Video Downloader Prime) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\diefijfleiebcgdkmaefbjehgcokpdjl [2019-07-10]
OPR Extension: (Youtube Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\enpmcplhdgmglcikkcgoeepoalooagbg [2021-05-30]
OPR Extension: (DotVPN - mieux que VPN.) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiegahbgoabbpoieploedhfnobmpgbeg [2019-09-25]
OPR Extension: (VDP: Best Video Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibehiiilehaakkhkigckfjfknboalpbe [2019-07-11]
OPR Extension: (Simple YouTube MP3 Button) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lpoiolmknlakaomcmopanekpndocbbci [2019-06-07]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-04-07]
OPR Extension: (SaveFrom.net Helper) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2021-08-11]
OPR Extension: (AdBlocker Ultimate) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmpmnoinbkdojlnknogfeoagmhmhgakc [2019-12-28]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384480 2021-08-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [249936 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [844888 2019-09-27] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2020-01-05] (Macrovision Europe Ltd.) [Fichier non signé]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-22] (Malwarebytes Inc -> Malwarebytes)
U2 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [174656 2006-11-02] (Protexis Inc. -> ) [Fichier non signé]
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 WinZip Compression Smart Monitor Service; C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe [495872 2017-09-01] (Corel Corporation -> ) [Fichier non signé]
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207864 2021-08-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [29688 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc. -> McAfee, Inc.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-22] (Malwarebytes Inc -> Malwarebytes)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc. -> McAfee, Inc.)
R3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [39448 2020-10-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2019-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2019-05-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2019-05-06] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-28 10:04 - 2021-08-28 10:04 - 000418739 _____ C:\Users\DJA\Desktop\ZHPDiag.html
2021-08-28 10:04 - 2021-08-28 10:04 - 000340563 _____ C:\Users\DJA\Desktop\ZHPDiag.txt
2021-08-28 09:10 - 2021-08-28 09:10 - 006800432 _____ C:\Users\DJA\Desktop\Love-roses-2502527.zip
2021-08-28 09:09 - 2021-08-28 09:09 - 000822031 _____ C:\Users\DJA\Desktop\LUNECHATSilhouette-of-Cat-Sitting-on-15836259.zip
2021-08-27 22:36 - 2021-08-27 22:39 - 864844180 _____ C:\Users\DJA\Desktop\Ici tout commence_RTBF.be_2021_08_27_18_44.ts
2021-08-26 22:20 - 2021-08-24 10:54 - 000001977 _____ C:\Users\DJA\Desktop\MBAM.txt
2021-08-26 00:13 - 2021-08-26 00:13 - 000002800 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - DJA
2021-08-24 23:21 - 2021-08-24 23:29 - 231835130 _____ C:\Users\DJA\Desktop\T 56.mp4
2021-08-24 23:10 - 2021-08-24 23:18 - 225841317 _____ C:\Users\DJA\Desktop\T 55.mp4
2021-08-24 14:42 - 2021-08-28 10:11 - 000000000 ___RD C:\Users\DJA\Desktop\SECURITE
2021-08-22 23:42 - 2021-08-24 10:46 - 000001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-22 23:42 - 2021-08-22 23:42 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-22 23:42 - 2021-08-22 23:42 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\Users\DJA\AppData\Local\mbam
2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-22 23:33 - 2021-08-22 23:33 - 000003094 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2021-08-22 10:14 - 2021-08-22 10:38 - 000000000 ____D C:\Users\DJA\Desktop\FRST-OlderVersion
2021-08-22 10:13 - 2021-08-28 10:11 - 000000000 ____D C:\FRST
2021-08-21 22:50 - 2021-08-21 22:56 - 1132408412 _____ C:\Users\DJA\Desktop\Bel & bien - Bel & bien_France 2_2021_08_21_10_01.ts
2021-08-20 23:03 - 2021-08-22 10:38 - 000000000 ____D C:\Users\DJA\Desktop\ZHPSuite
2021-08-18 14:32 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2021-08-18 14:32 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2021-08-18 10:40 - 2021-08-18 10:40 - 000098105 _____ C:\Users\DJA\Desktop\lettres_information_pcastuces_6320-6336.zip
2021-08-18 08:42 - 2021-08-18 08:42 - 060993662 _____ C:\Users\DJA\Desktop\La prière expliquée aux petits et débutants.mp4
2021-08-16 17:54 - 2019-04-07 19:59 - 000000926 _____ C:\Users\DJA\Desktop\Firefox.lnk
2021-08-15 11:02 - 2021-08-15 11:09 - 213519103 _____ C:\Users\DJA\Desktop\T 54.mp4
2021-08-11 18:42 - 2021-08-11 18:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-09 17:56 - 2021-08-09 23:27 - 000000966 _____ C:\Users\DJA\Desktop\Captvty - Raccourci.lnk
2021-08-09 17:56 - 2021-08-09 17:56 - 000000000 ____D C:\Users\DJA\AppData\Local\Intel_Corporation
2021-08-04 11:40 - 2021-08-11 22:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-19 16:14 - 2021-08-23 15:47 - 000000000 ____D C:\Users\DJA\Desktop\TOTALEMENT DIVA
2021-07-13 16:36 - 2021-07-13 16:36 - 000002646 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2021-06-21 11:38 - 2021-06-21 11:38 - 000003232 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-06-18 17:37 - 2021-06-05 07:23 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2021-06-18 17:37 - 2021-06-05 06:42 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-18 17:37 - 2021-06-05 06:30 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-18 17:37 - 2021-04-06 08:51 - 001678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-16 11:20 - 2021-06-16 11:20 - 005780594 _____ C:\Users\DJA\Desktop\recorded-6058124270919.MP4
2021-05-30 18:16 - 2021-05-30 18:16 - 000000000 ____D C:\Users\DJA\AppData\Local\FreemakeVideoConverter
2021-05-30 18:15 - 2021-05-30 18:16 - 000000000 ____D C:\Users\DJA\Documents\Freemake
2021-05-30 18:15 - 2021-05-30 18:16 - 000000000 ____D C:\ProgramData\Freemake
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-28 10:06 - 2019-04-06 11:01 - 000000000 ____D C:\Users\DJA\AppData\Roaming\ZHP
2021-08-28 09:58 - 2019-04-06 14:44 - 000000000 ____D C:\Users\DJA\AppData\Roaming\XnView
2021-08-28 09:26 - 2019-04-05 19:15 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4147460290-4163528885-2369840599-1002
2021-08-28 09:21 - 2020-09-12 17:33 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-28 09:21 - 2020-09-12 17:33 - 000002208 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-28 09:09 - 2014-11-21 00:46 - 001817064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-28 09:09 - 2014-11-21 00:03 - 000806842 _____ C:\WINDOWS\system32\perfh00C.dat
2021-08-28 09:09 - 2014-11-21 00:03 - 000156662 _____ C:\WINDOWS\system32\perfc00C.dat
2021-08-28 09:09 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2021-08-28 09:08 - 2019-04-16 17:00 - 000000000 ____D C:\Users\DJA\Desktop\NEW
2021-08-28 09:03 - 2019-04-11 19:13 - 000000000 ____D C:\Program Files\CCleaner
2021-08-28 09:02 - 2019-11-25 20:33 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2021-08-28 09:02 - 2019-11-25 15:52 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-08-28 09:02 - 2019-11-25 15:50 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2021-08-28 09:02 - 2013-05-15 12:11 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-28 09:01 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-27 22:36 - 2017-12-07 20:43 - 000000000 ____D C:\Users\DJA\Desktop\CAPTV
2021-08-27 14:52 - 2021-05-23 15:37 - 000001816 _____ C:\Users\DJA\Desktop\Partages.txt
2021-08-27 14:13 - 2021-04-15 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-08-27 14:13 - 2020-09-02 21:53 - 000003598 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-08-26 21:52 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-26 21:51 - 2019-04-11 19:14 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-26 10:23 - 2020-07-29 10:33 - 000000000 ____D C:\Users\DJA\Desktop\EFFECTS
2021-08-26 00:14 - 2019-04-26 10:54 - 000000000 ____D C:\Users\DJA\AppData\Local\CrashDumps
2021-08-25 09:07 - 2020-12-28 17:58 - 000000000 ____D C:\Users\DJA\Desktop\ABONDANCE
2021-08-24 23:49 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2021-08-24 11:22 - 2019-04-28 09:23 - 000000000 ____D C:\Users\DJA\Desktop\CRAFTS
2021-08-22 23:33 - 2012-11-27 06:09 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-08-22 22:58 - 2019-04-07 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-22 22:56 - 2012-11-27 06:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-08-22 19:29 - 2020-12-29 17:22 - 000000000 ____D C:\Users\DJA\Desktop\369
2021-08-22 10:00 - 2019-04-06 11:01 - 000000000 ____D C:\Users\DJA\AppData\Local\ZHP
2021-08-21 18:38 - 2020-12-13 12:15 - 000000000 ____D C:\Users\DJA\Desktop\2021
2021-08-20 22:44 - 2020-12-17 10:18 - 000000000 ____D C:\Users\DJA\Desktop\REYHAN
2021-08-19 09:02 - 2019-04-07 19:59 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-19 09:02 - 2016-11-18 16:41 - 000000000 ____D C:\Users\DJA\AppData\LocalLow\Mozilla
2021-08-18 23:15 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-18 23:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-08-18 23:08 - 2019-04-09 15:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-18 23:05 - 2019-04-09 15:33 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-18 14:38 - 2013-08-22 16:44 - 003771816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-18 14:37 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2021-08-18 14:37 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-18 08:50 - 2020-09-12 17:33 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 08:50 - 2020-09-12 17:33 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-16 14:51 - 2013-08-30 10:05 - 000000000 ____D C:\Users\DJA\Documents\My PSP Files
2021-08-16 13:56 - 2019-05-06 20:31 - 000000000 ____D C:\Users\DJA
2021-08-12 11:21 - 2019-05-07 16:50 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-11 18:42 - 2019-04-07 19:59 - 000000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-10 22:30 - 2019-05-02 20:06 - 000207864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2021-08-10 18:52 - 2019-04-05 23:03 - 000000000 ____D C:\Users\DJA\AppData\Roaming\vlc
==================== Fichiers à la racine de certains dossiers ========
2003-01-30 01:23 - 2001-07-17 16:15 - 000066680 _____ () C:\Program Files (x86)\ARDS1.ttf
2019-04-07 23:21 - 2011-05-25 06:30 - 000684032 _____ (SCI Fhotoroom.) C:\Program Files (x86)\Dreamy.8bf
2002-09-19 13:20 - 2003-05-16 08:01 - 009705984 _____ (Auto FX Software) C:\Program Files (x86)\DS.exe
2002-12-27 10:47 - 2002-07-28 22:40 - 001059840 _____ (Auto FX Software) C:\Program Files (x86)\DS_Bonus_Plugin.8bf
2002-09-19 13:20 - 2003-05-01 13:59 - 001413120 _____ (Auto FX Software) C:\Program Files (x86)\DS_PlugIn.8bf
2003-01-20 13:07 - 2003-01-31 04:43 - 006065152 _____ (Auto FX Software) C:\Program Files (x86)\Mystical.exe
2003-01-20 13:07 - 2003-01-30 19:20 - 001396736 _____ (Auto FX Software) C:\Program Files (x86)\Mystical_PlugIn.8bf
2008-12-04 12:06 - 2008-12-16 11:44 - 001516544 _____ (Auto FX Software) C:\Program Files (x86)\PGE7_Demo_PlugIn.8bf
2019-04-07 13:55 - 2019-04-07 13:55 - 000217464 _____ () C:\Program Files (x86)\PGE7_Demo_Uninstall.log
2019-04-07 23:21 - 2009-09-22 01:47 - 002745256 _____ (Microsoft Corporation) C:\Program Files (x86)\vcredist_x86.exe
==================== SigCheckExt =========================
2019-05-08 19:18 - 2014-02-09 12:06 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2002-09-19 13:20 - 2003-05-16 08:01 - 009705984 _____ (Auto FX Software) C:\Program Files (x86)\DS.exe
2003-01-20 13:07 - 2003-01-31 04:43 - 006065152 _____ (Auto FX Software) C:\Program Files (x86)\Mystical.exe
2012-12-19 13:48 - 2012-12-19 13:48 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\msvcr71.dll
2012-12-19 13:48 - 2012-12-19 13:48 - 000434252 _____ (Microsoft Corporation) C:\WINDOWS\MSVCRTD.DLL
2019-04-07 18:35 - 1999-12-17 11:13 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2013-05-15 12:26 - 2012-09-11 15:01 - 000192000 _____ (ASUSTeK) C:\WINDOWS\SysWOW64\ACEngSvr.exe
2013-05-15 12:05 - 2012-07-04 04:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2006-02-28 13:41 - 2006-02-28 13:41 - 000061440 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dns-sd.exe
2006-02-28 13:41 - 2006-02-28 13:41 - 000053248 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dnssd.dll
2012-04-20 14:59 - 2012-04-20 14:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
2013-05-15 12:27 - 2013-05-15 12:27 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2013-05-15 12:27 - 2014-02-09 12:06 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2003-04-18 16:29 - 2003-04-18 16:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2006-11-02 20:40 - 2006-11-02 20:40 - 001456704 _____ (Protexis Inc.) C:\WINDOWS\SysWOW64\PSIKey.dll
2006-11-02 20:40 - 2006-11-02 20:40 - 000174656 _____ C:\WINDOWS\SysWOW64\PSIService.exe
2007-03-21 21:54 - 2007-03-21 21:54 - 000077312 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWAIN_32.DLL
2007-03-21 21:54 - 2007-03-21 21:54 - 000048560 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_16.EXE
2007-03-21 21:54 - 2007-03-21 21:54 - 000069632 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_32.EXE
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2019-06-15 18:22 - 2019-06-15 18:22 - 039926376 _____ (DownloadHelper ) C:\Users\DJA\Downloads\VdhCoAppSetup-1.2.4.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {819568bc-0ca1-11e3-8c88-f14ca22d013a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 10
Chargeur de d‚marrage Windows
-----------------------------
identificateur {819568b3-0ca1-11e3-8c88-f14ca22d013a}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568b4-0ca1-11e3-8c88-f14ca22d013a}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-GB
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568b4-0ca1-11e3-8c88-f14ca22d013a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {819568be-0ca1-11e3-8c88-f14ca22d013a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {819568bc-0ca1-11e3-8c88-f14ca22d013a}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {819568be-0ca1-11e3-8c88-f14ca22d013a}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568bf-0ca1-11e3-8c88-f14ca22d013a}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568bf-0ca1-11e3-8c88-f14ca22d013a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {dfa40cb0-bd88-11e2-b052-bfa0a6c62be0}
device ramdisk=[unknown]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.efi
description WinPE
osdevice ramdisk=[unknown]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {dfa40cb1-bd88-11e2-b052-bfa0a6c62be0}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dfa40cb2-bd88-11e2-b052-bfa0a6c62be0}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dfa40cb2-bd88-11e2-b052-bfa0a6c62be0}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {819568aa-0ca1-11e3-8c88-f14ca22d013a}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {dfa40cb1-bd88-11e2-b052-bfa0a6c62be0}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {819568b1-0ca1-11e3-8c88-f14ca22d013a}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {819568b3-0ca1-11e3-8c88-f14ca22d013a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {819568bc-0ca1-11e3-8c88-f14ca22d013a}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {819568be-0ca1-11e3-8c88-f14ca22d013a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {819568ac-0ca1-11e3-8c88-f14ca22d013a}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {819568b4-0ca1-11e3-8c88-f14ca22d013a}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {819568bb-0ca1-11e3-8c88-f14ca22d013a}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {819568bf-0ca1-11e3-8c88-f14ca22d013a}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk options
ramdisksdidevice unknown
ramdisksdipath \boot\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {dfa40cb2-bd88-11e2-b052-bfa0a6c62be0}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2020-09-04 11:20
==================== Fin de FRST.txt ========================
Exécuté par DJA (administrateur) sur DJASUS (ASUSTeK COMPUTER INC. X75VD1) (28-08-2021 10:11:05)
Exécuté depuis C:\Users\DJA\Desktop\SECURITE
Profils chargés: DJA
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Computer, Inc.) [Fichier non signé] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Corel Corporation -> ) [Fichier non signé] C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\70.0.3728.106\opera.exe <24>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\70.0.3728.106\opera_crashreporter.exe
(Pierre GOUGELET -> XnView, hxxp://www.xnview.com) C:\Program Files (x86)\XnView\xnview.exe
(Power Technology -> ) [Fichier non signé] C:\Program Files (x86)\DFX\DFX.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Protexis Inc. -> ) [Fichier non signé] C:\Windows\SysWOW64\PSIService.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe*********************************************
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter (French)\WSVCUUpdateHelper.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3126808 2020-09-02] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91701608 2020-07-07] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [] => [X]
HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2755504 2016-08-27] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [181280 2017-01-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0387A80A-EEF3-4E8C-932B-C3D180424337} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [234344 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {109C5BF7-722B-4842-985F-94804D6DE2F7} - System32\Tasks\Opera scheduled Autoupdate 1554497204 => C:\Program Files\Opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software)
Task: {16A448EC-C89D-468B-906A-696C145D7609} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [251624 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {28389DE7-695E-4DA7-B353-E9D2689F3927} - \{9DBA3937-F81B-43EF-8669-E5181DE174A1} -> Pas de fichier <==== ATTENTION
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {486B2422-F536-4554-BE58-CF8D3B6CD634} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
Task: {4E64CA03-38AE-4BFC-9205-172495D72169} - System32\Tasks\CCleanerSkipUAC - DJA => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4FFEEE7F-67C0-48F0-BFFF-C480F4DC36B9} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION
Task: {74456076-862C-4B74-AD4F-D2E8AD069829} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {780D84C2-F52E-4BF5-AA45-61AFEE3988F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {813EE2A9-8514-41BD-A71D-E1EF2DB1392F} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651056 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {90D0B944-6DF9-424A-A3E1-EF33CA1FB0AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9283B5D1-BE88-4AFB-BEB8-8E8FDCC6EBEE} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [160448 2012-11-07] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {9AF02E1F-BE90-4C4D-951E-23E6C6ADE412} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {9B4E5C17-2EE2-443D-A807-A6F01534AAD6} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1599912 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {AF57DAB9-8F4A-4932-92D4-32C4AD2411C9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-08-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {BA01905D-4FB4-41DD-B2C8-6A8380F4AF3C} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {C721A7FB-0B2B-4403-ACC9-7ECB29F3D7CD} - System32\Tasks\Opera scheduled assistant Autoupdate 1582727068 => C:\Program Files\Opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {CEA23D3A-A0CD-4EB9-8F72-E0C5046447D3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\DJA\Desktop\adwcleaner_8.3.0.exe
Task: {D4BCB854-BF64-490C-A7F0-9C8C0EF4CFA3} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-11-15] (Corel Corporation -> WinZip) [Fichier non signé]
Task: {EF4A374C-CC60-426A-B2AD-4530EA5DCC72} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
Task: {F2ED9946-0B68-4AD7-8C87-826257B430D0} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {FA61C9C8-2AC4-479A-8DB5-4E0BA4523368} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.) [Fichier non signé]
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{5EF82113-26BF-4903-85A7-2B447A565CBA}: [DhcpNameServer] 89.2.0.1 89.2.0.2
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DJA\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-28]
FireFox:
========
FF DefaultProfile: 1mcs3w4v.default
FF ProfilePath: C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default [2021-08-28]
FF Extension: (AdBlocker Ultimate) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\adblockultimate@adblockultimate.net.xpi [2021-07-28]
FF Extension: (InvisibleHand) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2021-07-28]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-07-28]
FF Extension: (Video DownloadHelper) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
Opera:
=======
OPR Profile: C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable [2021-08-28]
OPR DownloadDir: C:\Users\DJA\Desktop
OPR Notifications: Opera Stable -> hxxps://en.bloggif.com; hxxps://fr.madloto.com; hxxps://fr.savefrom.net; hxxps://mycima.ch; hxxps://mycima.onl; hxxps://pu6.biz; hxxps://www.grands-meres.net; hxxps://www.tvfun.live
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (YouTube MP3 Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\danfmmfbeaomffmgdnpgofcmphkpobii [2019-05-23]
OPR Extension: (Video Downloader Prime) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\diefijfleiebcgdkmaefbjehgcokpdjl [2019-07-10]
OPR Extension: (Youtube Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\enpmcplhdgmglcikkcgoeepoalooagbg [2021-05-30]
OPR Extension: (DotVPN - mieux que VPN.) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiegahbgoabbpoieploedhfnobmpgbeg [2019-09-25]
OPR Extension: (VDP: Best Video Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibehiiilehaakkhkigckfjfknboalpbe [2019-07-11]
OPR Extension: (Simple YouTube MP3 Button) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lpoiolmknlakaomcmopanekpndocbbci [2019-06-07]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-04-07]
OPR Extension: (SaveFrom.net Helper) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2021-08-11]
OPR Extension: (AdBlocker Ultimate) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmpmnoinbkdojlnknogfeoagmhmhgakc [2019-12-28]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384480 2021-08-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [249936 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [844888 2019-09-27] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2020-01-05] (Macrovision Europe Ltd.) [Fichier non signé]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-22] (Malwarebytes Inc -> Malwarebytes)
U2 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [174656 2006-11-02] (Protexis Inc. -> ) [Fichier non signé]
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 WinZip Compression Smart Monitor Service; C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe [495872 2017-09-01] (Corel Corporation -> ) [Fichier non signé]
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207864 2021-08-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [29688 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc. -> McAfee, Inc.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-22] (Malwarebytes Inc -> Malwarebytes)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc. -> McAfee, Inc.)
R3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [39448 2020-10-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2019-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2019-05-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2019-05-06] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-28 10:04 - 2021-08-28 10:04 - 000418739 _____ C:\Users\DJA\Desktop\ZHPDiag.html
2021-08-28 10:04 - 2021-08-28 10:04 - 000340563 _____ C:\Users\DJA\Desktop\ZHPDiag.txt
2021-08-28 09:10 - 2021-08-28 09:10 - 006800432 _____ C:\Users\DJA\Desktop\Love-roses-2502527.zip
2021-08-28 09:09 - 2021-08-28 09:09 - 000822031 _____ C:\Users\DJA\Desktop\LUNECHATSilhouette-of-Cat-Sitting-on-15836259.zip
2021-08-27 22:36 - 2021-08-27 22:39 - 864844180 _____ C:\Users\DJA\Desktop\Ici tout commence_RTBF.be_2021_08_27_18_44.ts
2021-08-26 22:20 - 2021-08-24 10:54 - 000001977 _____ C:\Users\DJA\Desktop\MBAM.txt
2021-08-26 00:13 - 2021-08-26 00:13 - 000002800 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - DJA
2021-08-24 23:21 - 2021-08-24 23:29 - 231835130 _____ C:\Users\DJA\Desktop\T 56.mp4
2021-08-24 23:10 - 2021-08-24 23:18 - 225841317 _____ C:\Users\DJA\Desktop\T 55.mp4
2021-08-24 14:42 - 2021-08-28 10:11 - 000000000 ___RD C:\Users\DJA\Desktop\SECURITE
2021-08-22 23:42 - 2021-08-24 10:46 - 000001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-22 23:42 - 2021-08-22 23:42 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-22 23:42 - 2021-08-22 23:42 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\Users\DJA\AppData\Local\mbam
2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-22 23:33 - 2021-08-22 23:33 - 000003094 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2021-08-22 10:14 - 2021-08-22 10:38 - 000000000 ____D C:\Users\DJA\Desktop\FRST-OlderVersion
2021-08-22 10:13 - 2021-08-28 10:11 - 000000000 ____D C:\FRST
2021-08-21 22:50 - 2021-08-21 22:56 - 1132408412 _____ C:\Users\DJA\Desktop\Bel & bien - Bel & bien_France 2_2021_08_21_10_01.ts
2021-08-20 23:03 - 2021-08-22 10:38 - 000000000 ____D C:\Users\DJA\Desktop\ZHPSuite
2021-08-18 14:32 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2021-08-18 14:32 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2021-08-18 10:40 - 2021-08-18 10:40 - 000098105 _____ C:\Users\DJA\Desktop\lettres_information_pcastuces_6320-6336.zip
2021-08-18 08:42 - 2021-08-18 08:42 - 060993662 _____ C:\Users\DJA\Desktop\La prière expliquée aux petits et débutants.mp4
2021-08-16 17:54 - 2019-04-07 19:59 - 000000926 _____ C:\Users\DJA\Desktop\Firefox.lnk
2021-08-15 11:02 - 2021-08-15 11:09 - 213519103 _____ C:\Users\DJA\Desktop\T 54.mp4
2021-08-11 18:42 - 2021-08-11 18:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-09 17:56 - 2021-08-09 23:27 - 000000966 _____ C:\Users\DJA\Desktop\Captvty - Raccourci.lnk
2021-08-09 17:56 - 2021-08-09 17:56 - 000000000 ____D C:\Users\DJA\AppData\Local\Intel_Corporation
2021-08-04 11:40 - 2021-08-11 22:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-19 16:14 - 2021-08-23 15:47 - 000000000 ____D C:\Users\DJA\Desktop\TOTALEMENT DIVA
2021-07-13 16:36 - 2021-07-13 16:36 - 000002646 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2021-06-21 11:38 - 2021-06-21 11:38 - 000003232 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-06-18 17:37 - 2021-06-05 07:23 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2021-06-18 17:37 - 2021-06-05 06:42 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-18 17:37 - 2021-06-05 06:30 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-18 17:37 - 2021-04-06 08:51 - 001678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-16 11:20 - 2021-06-16 11:20 - 005780594 _____ C:\Users\DJA\Desktop\recorded-6058124270919.MP4
2021-05-30 18:16 - 2021-05-30 18:16 - 000000000 ____D C:\Users\DJA\AppData\Local\FreemakeVideoConverter
2021-05-30 18:15 - 2021-05-30 18:16 - 000000000 ____D C:\Users\DJA\Documents\Freemake
2021-05-30 18:15 - 2021-05-30 18:16 - 000000000 ____D C:\ProgramData\Freemake
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-28 10:06 - 2019-04-06 11:01 - 000000000 ____D C:\Users\DJA\AppData\Roaming\ZHP
2021-08-28 09:58 - 2019-04-06 14:44 - 000000000 ____D C:\Users\DJA\AppData\Roaming\XnView
2021-08-28 09:26 - 2019-04-05 19:15 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4147460290-4163528885-2369840599-1002
2021-08-28 09:21 - 2020-09-12 17:33 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-28 09:21 - 2020-09-12 17:33 - 000002208 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-28 09:09 - 2014-11-21 00:46 - 001817064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-28 09:09 - 2014-11-21 00:03 - 000806842 _____ C:\WINDOWS\system32\perfh00C.dat
2021-08-28 09:09 - 2014-11-21 00:03 - 000156662 _____ C:\WINDOWS\system32\perfc00C.dat
2021-08-28 09:09 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2021-08-28 09:08 - 2019-04-16 17:00 - 000000000 ____D C:\Users\DJA\Desktop\NEW
2021-08-28 09:03 - 2019-04-11 19:13 - 000000000 ____D C:\Program Files\CCleaner
2021-08-28 09:02 - 2019-11-25 20:33 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2021-08-28 09:02 - 2019-11-25 15:52 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-08-28 09:02 - 2019-11-25 15:50 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2021-08-28 09:02 - 2013-05-15 12:11 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-28 09:01 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-27 22:36 - 2017-12-07 20:43 - 000000000 ____D C:\Users\DJA\Desktop\CAPTV
2021-08-27 14:52 - 2021-05-23 15:37 - 000001816 _____ C:\Users\DJA\Desktop\Partages.txt
2021-08-27 14:13 - 2021-04-15 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-08-27 14:13 - 2020-09-02 21:53 - 000003598 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-08-26 21:52 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-26 21:51 - 2019-04-11 19:14 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-26 10:23 - 2020-07-29 10:33 - 000000000 ____D C:\Users\DJA\Desktop\EFFECTS
2021-08-26 00:14 - 2019-04-26 10:54 - 000000000 ____D C:\Users\DJA\AppData\Local\CrashDumps
2021-08-25 09:07 - 2020-12-28 17:58 - 000000000 ____D C:\Users\DJA\Desktop\ABONDANCE
2021-08-24 23:49 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2021-08-24 11:22 - 2019-04-28 09:23 - 000000000 ____D C:\Users\DJA\Desktop\CRAFTS
2021-08-22 23:33 - 2012-11-27 06:09 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-08-22 22:58 - 2019-04-07 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-22 22:56 - 2012-11-27 06:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-08-22 19:29 - 2020-12-29 17:22 - 000000000 ____D C:\Users\DJA\Desktop\369
2021-08-22 10:00 - 2019-04-06 11:01 - 000000000 ____D C:\Users\DJA\AppData\Local\ZHP
2021-08-21 18:38 - 2020-12-13 12:15 - 000000000 ____D C:\Users\DJA\Desktop\2021
2021-08-20 22:44 - 2020-12-17 10:18 - 000000000 ____D C:\Users\DJA\Desktop\REYHAN
2021-08-19 09:02 - 2019-04-07 19:59 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-19 09:02 - 2016-11-18 16:41 - 000000000 ____D C:\Users\DJA\AppData\LocalLow\Mozilla
2021-08-18 23:15 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-18 23:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-08-18 23:08 - 2019-04-09 15:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-18 23:05 - 2019-04-09 15:33 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-18 14:38 - 2013-08-22 16:44 - 003771816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-18 14:37 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2021-08-18 14:37 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-18 08:50 - 2020-09-12 17:33 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 08:50 - 2020-09-12 17:33 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-16 14:51 - 2013-08-30 10:05 - 000000000 ____D C:\Users\DJA\Documents\My PSP Files
2021-08-16 13:56 - 2019-05-06 20:31 - 000000000 ____D C:\Users\DJA
2021-08-12 11:21 - 2019-05-07 16:50 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-11 18:42 - 2019-04-07 19:59 - 000000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-10 22:30 - 2019-05-02 20:06 - 000207864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2021-08-10 18:52 - 2019-04-05 23:03 - 000000000 ____D C:\Users\DJA\AppData\Roaming\vlc
==================== Fichiers à la racine de certains dossiers ========
2003-01-30 01:23 - 2001-07-17 16:15 - 000066680 _____ () C:\Program Files (x86)\ARDS1.ttf
2019-04-07 23:21 - 2011-05-25 06:30 - 000684032 _____ (SCI Fhotoroom.) C:\Program Files (x86)\Dreamy.8bf
2002-09-19 13:20 - 2003-05-16 08:01 - 009705984 _____ (Auto FX Software) C:\Program Files (x86)\DS.exe
2002-12-27 10:47 - 2002-07-28 22:40 - 001059840 _____ (Auto FX Software) C:\Program Files (x86)\DS_Bonus_Plugin.8bf
2002-09-19 13:20 - 2003-05-01 13:59 - 001413120 _____ (Auto FX Software) C:\Program Files (x86)\DS_PlugIn.8bf
2003-01-20 13:07 - 2003-01-31 04:43 - 006065152 _____ (Auto FX Software) C:\Program Files (x86)\Mystical.exe
2003-01-20 13:07 - 2003-01-30 19:20 - 001396736 _____ (Auto FX Software) C:\Program Files (x86)\Mystical_PlugIn.8bf
2008-12-04 12:06 - 2008-12-16 11:44 - 001516544 _____ (Auto FX Software) C:\Program Files (x86)\PGE7_Demo_PlugIn.8bf
2019-04-07 13:55 - 2019-04-07 13:55 - 000217464 _____ () C:\Program Files (x86)\PGE7_Demo_Uninstall.log
2019-04-07 23:21 - 2009-09-22 01:47 - 002745256 _____ (Microsoft Corporation) C:\Program Files (x86)\vcredist_x86.exe
==================== SigCheckExt =========================
2019-05-08 19:18 - 2014-02-09 12:06 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2002-09-19 13:20 - 2003-05-16 08:01 - 009705984 _____ (Auto FX Software) C:\Program Files (x86)\DS.exe
2003-01-20 13:07 - 2003-01-31 04:43 - 006065152 _____ (Auto FX Software) C:\Program Files (x86)\Mystical.exe
2012-12-19 13:48 - 2012-12-19 13:48 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\msvcr71.dll
2012-12-19 13:48 - 2012-12-19 13:48 - 000434252 _____ (Microsoft Corporation) C:\WINDOWS\MSVCRTD.DLL
2019-04-07 18:35 - 1999-12-17 11:13 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2013-05-15 12:26 - 2012-09-11 15:01 - 000192000 _____ (ASUSTeK) C:\WINDOWS\SysWOW64\ACEngSvr.exe
2013-05-15 12:05 - 2012-07-04 04:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2006-02-28 13:41 - 2006-02-28 13:41 - 000061440 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dns-sd.exe
2006-02-28 13:41 - 2006-02-28 13:41 - 000053248 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dnssd.dll
2012-04-20 14:59 - 2012-04-20 14:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
2013-05-15 12:27 - 2013-05-15 12:27 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2013-05-15 12:27 - 2014-02-09 12:06 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2003-04-18 16:29 - 2003-04-18 16:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2006-11-02 20:40 - 2006-11-02 20:40 - 001456704 _____ (Protexis Inc.) C:\WINDOWS\SysWOW64\PSIKey.dll
2006-11-02 20:40 - 2006-11-02 20:40 - 000174656 _____ C:\WINDOWS\SysWOW64\PSIService.exe
2007-03-21 21:54 - 2007-03-21 21:54 - 000077312 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWAIN_32.DLL
2007-03-21 21:54 - 2007-03-21 21:54 - 000048560 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_16.EXE
2007-03-21 21:54 - 2007-03-21 21:54 - 000069632 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_32.EXE
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2019-06-15 18:22 - 2019-06-15 18:22 - 039926376 _____ (DownloadHelper ) C:\Users\DJA\Downloads\VdhCoAppSetup-1.2.4.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {819568bc-0ca1-11e3-8c88-f14ca22d013a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 10
Chargeur de d‚marrage Windows
-----------------------------
identificateur {819568b3-0ca1-11e3-8c88-f14ca22d013a}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568b4-0ca1-11e3-8c88-f14ca22d013a}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-GB
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568b4-0ca1-11e3-8c88-f14ca22d013a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {819568be-0ca1-11e3-8c88-f14ca22d013a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {819568bc-0ca1-11e3-8c88-f14ca22d013a}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {819568be-0ca1-11e3-8c88-f14ca22d013a}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568bf-0ca1-11e3-8c88-f14ca22d013a}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568bf-0ca1-11e3-8c88-f14ca22d013a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {dfa40cb0-bd88-11e2-b052-bfa0a6c62be0}
device ramdisk=[unknown]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.efi
description WinPE
osdevice ramdisk=[unknown]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {dfa40cb1-bd88-11e2-b052-bfa0a6c62be0}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dfa40cb2-bd88-11e2-b052-bfa0a6c62be0}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dfa40cb2-bd88-11e2-b052-bfa0a6c62be0}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {819568aa-0ca1-11e3-8c88-f14ca22d013a}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {dfa40cb1-bd88-11e2-b052-bfa0a6c62be0}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {819568b1-0ca1-11e3-8c88-f14ca22d013a}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {819568b3-0ca1-11e3-8c88-f14ca22d013a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {819568bc-0ca1-11e3-8c88-f14ca22d013a}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {819568be-0ca1-11e3-8c88-f14ca22d013a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {819568ac-0ca1-11e3-8c88-f14ca22d013a}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {819568b4-0ca1-11e3-8c88-f14ca22d013a}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {819568bb-0ca1-11e3-8c88-f14ca22d013a}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {819568bf-0ca1-11e3-8c88-f14ca22d013a}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk options
ramdisksdidevice unknown
ramdisksdipath \boot\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {dfa40cb2-bd88-11e2-b052-bfa0a6c62be0}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2020-09-04 11:20
==================== Fin de FRST.txt ========================