Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2021
Exécuté par lilvi (administrateur) sur DESKTOP-R5NPV4B (ASUSTeK COMPUTER INC. UX430UAR) (09-09-2021 11:20:13)
Exécuté depuis C:\Users\lilvi\Downloads
Profils chargés: lilvi
Platform: Windows 10 Home Version 20H2 19042.1165 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy\ASUS Battery Health Charging\BhcMgr.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Discord Inc. -> Discord Inc.) C:\Users\lilvi\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\ElanFP\ELANFPService.exe
(EnTech Taiwan -> EnTech Taiwan) [Fichier non signé] C:\Program Files (x86)\iRotate\iRotate.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_3cf4f6fdbcf7ab9d\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe <2>
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-14] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3493289334-3301717970-4122949952-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [13082608 2016-12-15] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-3493289334-3301717970-4122949952-1001\...\Run: [Discord] => C:\Users\lilvi\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3493289334-3301717970-4122949952-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\lilvi\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-11-02] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3493289334-3301717970-4122949952-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3493289334-3301717970-4122949952-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3493289334-3301717970-4122949952-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13728096 2021-08-19] (GOG Sp. z o.o. -> GOG.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.63\Installer\chrmstp.exe [2021-09-01] (Google LLC -> Google LLC)
Startup: C:\Users\lilvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRotate.lnk [2018-08-13]
ShortcutTarget: iRotate.lnk -> C:\Program Files (x86)\iRotate\iRotate.exe (EnTech Taiwan -> EnTech Taiwan) [Fichier non signé]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {00E9B2EC-2D5E-421E-B921-D81C0E2088EF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-10] (Adobe Inc. -> Adobe)
Task: {016DC956-A93D-489E-B4B0-D4CFFE3D0061} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {0864B94F-59D6-45B7-A3B1-2ECD4F9F7F26} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {13DA9FCC-E5F8-4C0A-ACD9-4F08EC5B5C7E} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Task: {198DB372-8E7B-4093-A133-4A3FFB622B8A} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe
Task: {28CD062A-2AA2-432F-B31D-519BD0F32F24} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe)
Task: {2CF7689D-E6E9-400E-838C-D3870EE09937} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {467D4731-CFA2-4CB5-9912-868D97AC1AFD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {561F0D07-469F-4891-8B63-D55F3928D7CF} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-07-08] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {575F80D0-CDEC-489C-A794-E4103A50692B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {62E96E2E-AE80-43F9-830A-AD689C4140B2} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {63EB582D-EF41-4654-A0A7-515A3DD85FF8} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2019-12-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6EEB9C9A-3CEF-4BDF-93A0-E5EDB523844C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {6F27C37C-2FC4-4BEE-84A3-1973D9E964EA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {71E87AE7-F65C-4F8E-AFD9-FD9B152010E4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4917528 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
Task: {7A41804A-DF24-4358-B603-DCA24F3421A3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {8FE94418-04D1-4558-8EE3-5CBFCEB7AE8F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1553296 2021-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {961D7678-7B5E-4CAE-97C2-D4F1FF541923} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F468110-3693-435C-9CB0-DD57DA3E54EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-13] (Google Inc -> Google Inc.)
Task: {C5EAB0A3-328E-44F9-995D-594F9A62CD2F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C6904358-21D5-4360-9CD5-F07500A2B2C8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053744 2021-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA78A9DC-5CED-446F-BD58-0BFE72E2E79E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1579296 2016-11-09] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [Fichier non signé]
Task: {CB9EFB6A-51A6-46AC-84E5-C1D32CEDF87E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-13] (Google Inc -> Google Inc.)
Task: {D065AB05-5648-4153-A8B3-1777BF8E2BC9} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [77312 2017-07-21] (ASUS) [Fichier non signé]
Task: {DFB2BEDB-D8E8-4620-AD56-79A2A63D245F} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe
Task: {E4ABBA1D-DA57-4335-9971-13A5A3BCA281} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2019-12-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {FFC63BE4-9CB0-4CF2-AF1B-AD8026E31C31} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {FFD40002-1A00-4460-BB1D-DB66AC558391} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053744 2021-08-27] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{a12bd46d-4a46-40fa-b811-0bf0d53ada3f}: [DhcpNameServer] 10.66.88.1
Tcpip\..\Interfaces\{dcfff379-4fe1-493e-bb67-7795a6e6d129}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\lilvi\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-11]

FireFox:
========
FF DefaultProfile: pkewo9xr.default-1541096324496
FF ProfilePath: C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496 [2021-09-09]
FF NewTab: Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496 -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-09-18 10:06:48&bName=&bitmask=0600
FF Session Restore: Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496 -> est activé.
FF Extension: (AdGuard AdBlocker) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\adguardadblocker@adguard.com.xpi [2021-08-26]
FF Extension: (Save webP as PNG or JPEG) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\savewebpas@jeffersonscher.com.xpi [2021-05-21]
FF Extension: (ANIMATED Sakura by candelora) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{03b45ad7-22b7-4597-a02e-b2b30f156f82}.xpi [2021-07-12]
FF Extension: (FFX Developer Ayu Dark) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{05142269-fbc1-4883-908d-f596287d95ab}.xpi [2021-04-23]
FF Extension: (Instab) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{0de715bd-3ed0-4288-bb5e-cfcbce2bbe72}.xpi [2021-04-27]
FF Extension: (Japan Rain) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{0ff34f0e-0d9e-46d1-ab94-62f39b936628}.xpi [2021-04-06]
FF Extension: (vector smoking rainbow_01 by candelora) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{1b45a408-08e8-4205-9b04-d5d8133bec36}.xpi [2021-07-13]
FF Extension: (Dark space - The best dynamic theme) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{22b0eca1-8c02-4c0d-a5d7-6604ddd9836e}.xpi [2021-06-04]
FF Extension: (Dark Cubes) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{2dbb0302-0a64-4964-bb64-d157474dd324}.xpi [2021-04-23]
FF Extension: (Youtube to MP3 Converter - YTMP3.EU) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{2eded70b-8e41-4c8a-8067-771da68fe474}.xpi [2021-06-16]
FF Extension: (Dark & Purple Galaxy) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{3442137a-ac5c-4d28-a970-9446f86d1a80}.xpi [2021-04-23]
FF Extension: (Colorful Fractal) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{36c0bcea-70d9-4400-b2ea-f43c385507e6}.xpi [2019-05-13]
FF Extension: (Black Rain (Animated)) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{3e866059-1715-4a17-906c-02db9b30930e}.xpi [2021-05-12]
FF Extension: (Sweet-Dark) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{59f619c8-220b-4a27-8918-bf1537bc060a}.xpi [2021-04-23]
FF Extension: (Deep Dark Blue Forest) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{5db58b6b-6fbc-4be3-b48d-e536ac711a10}.xpi [2019-05-13]
FF Extension: (DarkMagic) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{5f3d72a6-5ae0-4d03-8bf4-21f2b0ab1010}.xpi [2021-04-06]
FF Extension: (Full Moon Kitty) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{61e121e7-422f-4c7d-811a-e881aaea5570}.xpi [2019-05-13]
FF Extension: ([animated] Rain Storm) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{627fb92c-9fe4-4137-a933-83b5e77df592}.xpi [2021-06-04]
FF Extension: (kanagawa wave) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{65b5f455-a810-41d4-82f7-a5e30c2d3f62}.xpi [2019-05-13]
FF Extension: (A Light in Space by MaDonna) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{6e68ac2f-4352-427d-ae23-bf7a2b854aed}.xpi [2021-07-23]
FF Extension: (Purple Twinkle) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{7a43f8ef-36e2-4a16-b2aa-8a8d797b716c}.xpi [2021-06-04]
FF Extension: (Sakura Blossoms & Birds by MaDonna) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{82f753d5-3a7c-4b9e-9bd3-675331e8250f}.xpi [2021-06-01]
FF Extension: (Pas de nom) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{8b344d1d-265c-4d48-8418-0b522359bad2}.xpi [2021-07-03]
FF Extension: (Rain Storm) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{9d7f5930-bcae-480c-bc02-64d5ea53b2ea}.xpi [2021-04-23]
FF Extension: (Web of Trust) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-05-10]
FF Extension: (Matte Black (Red)) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2021-06-04]
FF Extension: (Electric Chaos) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{b19e830e-f526-4b95-ab9b-0f84327eee1b}.xpi [2019-05-13]
FF Extension: (Video DownloadHelper) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Extension: (A Purple Neon *****) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{c1a22d79-f1ea-4ade-82bc-89e3bf35cc1b}.xpi [2019-05-14]
FF Extension: (Blue Grass Rain Shower Petite by MaDonna) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{c1e85863-311d-4a55-93fa-77b3fd30c19e}.xpi [2019-05-14]
FF Extension: (The Dark Garden) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{c5300544-3af9-4693-b594-d8eb015b4f7f}.xpi [2021-04-23]
FF Extension: (purple dark theme) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{c68eb250-a25c-4433-b47c-2973582a0323}.xpi [2021-04-06]
FF Extension: (Instagram Dark Theme) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{d000a5ae-0f79-4728-ab65-5d950af13f40}.xpi [2021-07-21]
FF Extension: (Sakura Background) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{d5fa761a-61a5-4f5b-bfec-551196818ee2}.xpi [2021-04-06]
FF Extension: (SOFT SNOWFALL --ANIMATED--) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{da9319b6-2f4f-4fb8-b4c8-82c40245cf08}.xpi [2019-05-14]
FF Extension: (A Red Neon *****) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{e921dc82-fc66-459f-9973-3145164142ef}.xpi [2019-05-14]
FF Extension: (Summerwood) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{fb7d2936-bd43-4dcd-ae06-bf7a15401808}.xpi [2019-05-13]
FF Extension: (Dark Forest) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{fc0e85e1-2dcd-4e62-9cca-b1bf6f228df8}.xpi [2019-05-13]
FF Extension: (Katana 006) - C:\Users\lilvi\AppData\Roaming\Mozilla\Firefox\Profiles\pkewo9xr.default-1541096324496\Extensions\{ff035bbc-2dc7-4c97-8630-0b6e96c70930}.xpi [2019-05-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default [2021-08-31]
CHR Notifications: Default -> hxxps://www.ba-click.com; hxxps://www.gaddin.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Session Restore: Default -> est activé.
CHR Extension: (Slides) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-13]
CHR Extension: (Docs) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-13]
CHR Extension: (Google Drive) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-13]
CHR Extension: (Sheets) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-13]
CHR Extension: (Alerte Bons Plans eBuyClub) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2021-05-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-11]
CHR Extension: (SwagButton) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2021-07-11]
CHR Extension: (Validately Unmoderated Testing) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\melllclmaeifhnkdognllnifjhjcbila [2020-12-19]
CHR Extension: (Save Image As PNG) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2020-11-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\lilvi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-27]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1955680 2021-08-19] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-08-19] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7462200 2021-07-08] (Malwarebytes Inc -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1919472 2016-12-15] (Plex, Inc -> Plex, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ZenAnywhere; C:\Program Files\Orbweb Inc\ZenAnywhere\ZenAnywhere.exe [154456 2017-05-25] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S3 ZenAnywhere Updater; C:\Program Files\Orbweb Inc\ZenAnywhere\updater.exe [154456 2017-05-25] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S3 ZenAnywhereNetworkService; C:\Program Files\Orbweb Inc\ZenAnywhere\bin\ZenAnywhereNetworkService.exe [67416 2017-04-07] (Orbweb Taiwan Inc. -> Orbweb Inc.)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35712 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221584 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250384 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184120 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538464 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107840 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [553496 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-06] (Avast Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2021-07-08] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 UcmCxRtk; C:\WINDOWS\System32\drivers\UcmCxRtk.sys [101344 2017-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-09 11:20 - 2021-09-09 11:20 - 000035006 _____ C:\Users\lilvi\Downloads\FRST.txt
2021-09-09 11:19 - 2021-09-09 11:19 - 002302976 _____ (Farbar) C:\Users\lilvi\Downloads\FRST64.exe
2021-09-09 10:56 - 2021-09-09 11:20 - 000000000 ____D C:\FRST
2021-09-06 21:48 - 2021-09-06 21:48 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-06 21:48 - 2021-09-06 21:48 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5949ddb30a7e8cc6.tmp
2021-09-05 12:15 - 2021-09-05 12:15 - 000014666 _____ C:\Users\lilvi\Downloads\DetailMessage.pdf
2021-09-05 09:32 - 2021-09-05 09:32 - 000000000 ____T C:\WINDOWS\system32\Elan_FP_Image_20210905_093240.txt
2021-08-31 11:55 - 2021-08-31 11:55 - 000048687 _____ C:\Users\lilvi\Downloads\AttestationDroits.pdf
2021-08-31 11:40 - 2021-08-31 11:40 - 000783680 _____ C:\Users\lilvi\Downloads\CourrierDeVotreCaisse.pdf
2021-08-28 15:47 - 2021-08-28 15:47 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-08-25 16:16 - 2021-08-25 16:16 - 000000000 ____D C:\Users\lilvi\AppData\Local\GOG.com
2021-08-25 16:16 - 2021-08-25 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2021-08-25 16:16 - 2021-08-25 16:16 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-08-25 16:12 - 2021-08-25 16:12 - 000000000 ____D C:\ProgramData\GOG.com
2021-08-25 16:11 - 2021-08-25 16:11 - 000983624 _____ (GOG Sp. z o.o.) C:\Users\lilvi\Downloads\GOG_Galaxy_2.0.exe
2021-08-25 08:54 - 2021-08-25 08:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-24 23:00 - 2021-08-24 23:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-24 16:07 - 2021-08-24 16:07 - 000000000 ____D C:\Users\lilvi\OneDrive\Documents\Contrat - Salaire
2021-08-24 16:06 - 2021-08-24 16:06 - 000000000 ____D C:\Users\lilvi\OneDrive\Documents\Powerpoint
2021-08-24 16:06 - 2021-08-24 16:06 - 000000000 ____D C:\Users\lilvi\OneDrive\Documents\Caisse assurance maladie
2021-08-24 16:05 - 2021-08-24 16:06 - 000000000 ____D C:\Users\lilvi\OneDrive\Documents\Document papa
2021-08-15 08:24 - 2021-08-15 08:24 - 000000000 ____T C:\WINDOWS\system32\Elan_FP_Image_20210815_082445.txt
2021-08-14 21:44 - 2021-08-14 21:44 - 000000000 ____T C:\WINDOWS\system32\Elan_FP_Image_20210814_214408.txt
2021-08-14 07:21 - 2021-08-14 07:21 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-08-13 07:01 - 2021-08-13 07:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 07:00 - 2021-08-13 07:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 07:00 - 2021-08-13 07:00 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-13 07:00 - 2021-08-13 07:00 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-13 06:59 - 2021-08-13 06:59 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-13 06:59 - 2021-08-13 06:59 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-13 06:57 - 2021-08-13 06:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-13 06:26 - 2021-08-13 06:26 - 000000000 ___HD C:\$WinREAgent

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-09 11:19 - 2021-07-15 11:39 - 000002958 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2021-09-09 11:19 - 2021-04-26 20:37 - 000003368 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71f71a1590023
2021-09-09 11:19 - 2021-04-09 08:59 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-09 11:19 - 2021-04-09 08:59 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-09-09 11:19 - 2021-03-23 01:20 - 000003562 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-09 11:19 - 2021-03-23 01:20 - 000003518 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-09 11:19 - 2021-03-23 01:20 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-09-09 11:19 - 2021-03-23 01:20 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-09 11:19 - 2021-03-23 01:20 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3493289334-3301717970-4122949952-1001
2021-09-09 11:19 - 2021-03-23 01:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-09 11:19 - 2018-09-14 17:37 - 000000000 ____D C:\Users\lilvi\AppData\Roaming\discord
2021-09-09 11:19 - 2018-02-27 18:23 - 000000000 ____D C:\Users\lilvi\AppData\LocalLow\Mozilla
2021-09-09 11:16 - 2018-09-14 17:37 - 000000000 ____D C:\Users\lilvi\AppData\Local\Discord
2021-09-09 11:10 - 2021-03-23 01:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-09 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-09 10:07 - 2019-03-13 22:44 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-09 09:26 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-09 09:15 - 2021-04-09 08:59 - 000000000 ____D C:\Program Files\CCleaner
2021-09-09 09:15 - 2018-08-13 14:20 - 000000028 _____ C:\Users\lilvi\AppData\Roaming\iRotate.INI
2021-09-09 09:15 - 2018-02-27 16:53 - 000000000 __SHD C:\Users\lilvi\IntelGraphicsProfiles
2021-09-09 00:14 - 2018-03-03 12:37 - 000000000 ____D C:\Users\lilvi\AppData\Local\Spotify
2021-09-08 22:50 - 2018-03-03 12:36 - 000000000 ____D C:\Users\lilvi\AppData\Roaming\Spotify
2021-09-08 17:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-08 13:22 - 2021-03-23 01:22 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-08 13:22 - 2019-12-07 16:49 - 000794314 _____ C:\WINDOWS\system32\perfh00C.dat
2021-09-08 13:22 - 2019-12-07 16:49 - 000150428 _____ C:\WINDOWS\system32\perfc00C.dat
2021-09-08 13:06 - 2021-05-01 13:59 - 000000000 ____D C:\Users\lilvi\Downloads\Save_webP
2021-09-08 12:11 - 2018-03-02 22:26 - 000000000 ____D C:\Users\lilvi\AppData\Roaming\vlc
2021-09-08 08:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-08 08:15 - 2021-03-23 01:20 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-07 09:23 - 2021-07-15 11:38 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2021-09-06 21:48 - 2020-10-24 20:45 - 000184120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-06 21:48 - 2020-04-20 20:41 - 000538464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-06 21:48 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-06 21:48 - 2019-01-09 17:18 - 000250384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-06 21:48 - 2019-01-09 17:18 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-06 21:48 - 2018-10-24 20:48 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-06 21:48 - 2018-02-27 17:44 - 000553496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-06 21:48 - 2018-02-27 17:44 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-06 21:48 - 2018-02-27 17:44 - 000107840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-06 21:48 - 2018-02-27 17:44 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-06 21:47 - 2019-01-14 17:18 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-06 21:47 - 2019-01-09 17:18 - 000035712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-06 21:47 - 2018-02-27 17:44 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-06 21:47 - 2018-02-27 17:44 - 000221584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-06 11:42 - 2018-08-01 22:16 - 000000000 ____D C:\Users\lilvi\dwhelper
2021-09-06 10:01 - 2020-01-25 15:24 - 000000000 ___RD C:\Users\lilvi\OneDrive\Documents\Scanned Documents
2021-09-05 23:49 - 2020-11-07 16:10 - 000000000 ____D C:\Users\lilvi\AppData\Roaming\Evernote
2021-09-05 14:15 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-05 09:32 - 2020-09-30 23:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-05 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-09-04 11:19 - 2018-07-12 23:32 - 000000000 ____D C:\Users\lilvi\AppData\Local\AVAST Software
2021-09-04 11:02 - 2020-08-02 10:14 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-30 21:48 - 2021-04-24 10:06 - 000000000 ____D C:\Users\lilvi\AppData\Roaming\Telegram Desktop
2021-08-27 13:10 - 2017-11-30 12:40 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-27 08:05 - 2018-08-29 12:23 - 000000000 ____D C:\Users\lilvi\AppData\Local\CrashDumps
2021-08-25 16:16 - 2017-11-30 12:07 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-25 08:59 - 2021-03-23 01:14 - 000002423 _____ C:\Users\lilvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-25 08:54 - 2018-02-27 18:23 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-24 16:09 - 2019-10-18 17:19 - 000000000 ____D C:\Users\lilvi\Downloads\Image Picka
2021-08-21 08:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-18 07:50 - 2018-02-27 18:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-17 01:22 - 2020-09-30 23:48 - 000486728 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-08-17 01:22 - 2020-02-19 08:54 - 000740168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-08-15 08:40 - 2018-02-27 16:56 - 000000000 ___RD C:\Users\lilvi\OneDrive
2021-08-15 08:24 - 2021-03-23 01:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-15 08:24 - 2021-03-23 01:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-15 08:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-15 08:24 - 2018-02-27 17:14 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-15 08:24 - 2017-11-30 12:10 - 000000000 ___HD C:\Intel
2021-08-14 21:45 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-14 21:44 - 2021-03-23 01:13 - 000449848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-14 21:42 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-14 21:42 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-14 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-14 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-14 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-14 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-14 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-14 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-14 21:42 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-14 07:21 - 2021-05-28 00:14 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-08-14 07:21 - 2020-10-24 20:45 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw09f05b9575dfdff7.tmp
2021-08-14 07:21 - 2020-04-20 20:41 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd03d20526ce89c9d.tmp
2021-08-14 07:21 - 2019-01-14 17:18 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9c6562aafbd28109.tmp
2021-08-14 07:21 - 2019-01-09 17:18 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asweec3e2138e9ffe94.tmp
2021-08-14 07:21 - 2019-01-09 17:18 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswecf4c828242ed646.tmp
2021-08-14 07:21 - 2019-01-09 17:18 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1bb56812dcec7f4b.tmp
2021-08-14 07:21 - 2018-10-24 20:48 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw794fe587476b009d.tmp
2021-08-14 07:21 - 2018-02-27 17:44 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw90f8135338adf545.tmp
2021-08-14 07:21 - 2018-02-27 17:44 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5f82227d2938f9d9.tmp
2021-08-14 07:21 - 2018-02-27 17:44 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4791ac2f21072b42.tmp
2021-08-14 07:21 - 2018-02-27 17:44 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw267e6ec4f8ddf695.tmp
2021-08-14 07:21 - 2018-02-27 17:44 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw395d5d1af5f83c10.tmp
2021-08-14 07:21 - 2018-02-27 17:44 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw639208817d8e4956.tmp
2021-08-13 03:16 - 2018-02-28 14:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 03:13 - 2018-02-28 14:11 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 12:10 - 2018-02-28 14:38 - 000000000 ____D C:\Users\lilvi\AppData\Local\Packages

==================== Fichiers à la racine de certains dossiers ========

2018-08-13 14:20 - 2021-09-09 09:15 - 000000028 _____ () C:\Users\lilvi\AppData\Roaming\iRotate.INI
2018-02-27 16:54 - 2018-10-25 08:39 - 000000219 _____ () C:\Users\lilvi\AppData\Roaming\sp_data.sys
2021-04-14 23:24 - 2021-04-14 23:24 - 000006816 _____ () C:\Users\lilvi\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
