Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2022
Exécuté par Tanjombato-9A (administrateur) sur TANJOMBATO9A-PC (Dell Inc. Inspiron 5437) (22-06-2022 22:59:18)
Exécuté depuis C:\Users\Tanjombato-9A\Desktop
Profils chargés: Tanjombato-9A
Plate-forme: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(D:\Clean Master\cmcore.exe ->) (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.) D:\Clean Master\cmtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\MOOV UI\bin\MonServiceUDisk64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.) D:\Clean Master\cmcore.exe
(services.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7827256 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212816 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [cmsc] => D:\Clean Master\cmtray.exe [1598112 2021-12-20] (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [AvastBrowserAutoLaunch_882441BAAA94E2E03EB9FE1BCBF2F1B0] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [{BFA17B4C-70D3-480F-8476-76197F614AB6}] => D:\Logs\Antidote\Installer Antidote.exe [1447909654 2017-05-24] (Druide informatique inc.) [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Policies\Explorer: [nolowdiskspacechecks] 1
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: I - I:\Autoplay.exe -auto
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {2528bf19-a074-11eb-bd9a-0c84dc899d12} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {4037ef0e-ab0d-11e5-9c9e-0c84dc899d12} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Autorun.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {912db8cf-9af0-11eb-acef-0c84dc899d12} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {afeb2d86-515a-11e5-8dfd-0c84dc899d12} - F:\Setup.exe /Auto
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {b37a73e9-5915-11e5-91fb-0c84dc899d12} - G:\SETUP.EXE
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {dc8dc0c5-1e13-11e9-a156-0c84dc899d12} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {fa6fe055-eab0-11ea-b7ed-0c84dc899d12} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\102.0.16817.63\Installer\chrmstp.exe [2022-06-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {26994419-55A9-466E-B42B-0506CB72A63E} - System32\Tasks\{98C724E1-02A2-4D4F-8EFE-C606C8EE9FAD} => C:\Windows\system32\pcalua.exe -a G:\pilote\DW1705_W74_A00_Setup-NXXK2_ZPE.exe -d G:\pilote
Task: {2A7905CB-019C-4EF6-AC3B-75A496B708FC} - System32\Tasks\{95CCA941-C40F-4243-870A-22F2D254F37A} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83525184 2019-10-03] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {3306E324-0BF7-4D27-8F0F-071EECF4827B} - System32\Tasks\{E74D0858-7DE1-4D6A-ACD8-C33CD8FBA054} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83525184 2019-10-03] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {353D9DE5-7FDD-45B4-8ADB-CBDBBED5E199} - System32\Tasks\{D6A505FF-6D56-4A82-B135-18AB4B2067F6} => C:\Windows\system32\pcalua.exe -a G:\pilote\DW1705_W84_X03_A00_Setup-X9X20_ZPE.exe -d G:\pilote
Task: {38C7EB8B-6649-4BAD-8180-B29BFA492CFA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4925264 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
Task: {4F62980E-A005-4261-ADDE-B16D5D91788E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {535EDECC-1CD1-447B-85AF-123503C724F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-23] (Google Inc -> Google LLC)
Task: {5593254E-8636-4B2B-94F9-FF0306DC8FDE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {600E7069-1673-4E89-90BB-72485CA550B9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {61EEAE88-54A4-4ECF-A1E3-AD342AC422EC} - System32\Tasks\{1B5BD473-3C2E-4AD1-B48F-C4A0A994A14A} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.7.0.102&LastError=12007
Task: {72A40CDD-A51A-4BFC-9B6C-11D72AC22CBA} - System32\Tasks\Opera scheduled Autoupdate 1441026236 => c:\program files (x86)\opera\launcher.exe [1465432 2019-02-26] (Opera Software AS -> Opera Software)
Task: {761A62B0-3A2B-4E01-A97C-A949270F12D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {838401B0-28DB-401A-8F05-58EFC2AA940F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {8A312DE9-B20B-49BF-8772-5460A617535E} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {92363985-F175-4399-86DC-92DE54766FA0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {9C41B6B0-FB68-4CDE-835B-63E7D7ABEA76} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {AB6882DB-89C3-477B-9A22-33FF8D743051} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D44027A6-F2DF-4E02-8C3F-B542CE068E0B} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {EC631B3C-E6EB-4BE8-812C-EECCE7C212B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14554696 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EED48437-3601-4922-A21C-1C6AD1A27881} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-23] (Google Inc -> Google LLC)
Task: {F3C6845D-5E31-49DB-A933-4C6D0EAA3A56} - System32\Tasks\{9F50E050-B806-42C2-8F43-9882458F8A97} => C:\Windows\system32\pcalua.exe -a G:\pilote\qualcomm_wirleess_10.0.0.298\Setup.exe -d G:\pilote\qualcomm_wirleess_10.0.0.298
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{A7BBCE69-4E14-45DA-BB88-4BF1EA2D0572}: [DhcpNameServer] 192.168.8.1 192.168.8.1
FireFox:
========
FF DefaultProfile: 4pmrslrk.default-1511159673899
FF ProfilePath: C:\Users\Tanjombato-9A\AppData\Roaming\Mozilla\Firefox\Profiles\4pmrslrk.default-1511159673899 [2022-06-22]
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Roaming\Mozilla\Firefox\Profiles\4pmrslrk.default-1511159673899\Extensions\sp@avast.com.xpi [2022-05-17]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] []
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Pas de fichier]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default [2022-06-22]
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSIgpbVw1EQxgUcQtcTA1HEAEOeAsNBBRAR1RGcQ4PAglFF1QFIk0FA1oDB0VXfV5bFElXTwhvNVpTGHsDSFJLNA=="
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSIgpbVw1EQxgUcQtcTA1HEAEOeAsNBBRAR1RGcQ4PAglFF1QFIk0FA1oDB0VXfV5bFElXTwhvNVpTGHsDSFJLNA=="
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQhaUlpHFQBBbQ4JU11cFQMSdBQAUwwUDARFIVwJVg4SEQEVIR9aFQQTQkcFME0FBloEURNNfXVNAlIIY0dKJ1FM&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHARBc1oOVQwTDAIScl0VVQ9AFRgbcgxdTAgXQFASdw5bUQ1HQBNBNARaAktXUUEeJ1pNER8fHHlWI1JBI0sYRl1X
CHR Extension: (Recherche Google) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-19]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-02-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-20]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-21]
CHR Extension: (Skype) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-22]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-22]
CHR HomePage: Profile 1 -> msn.com
CHR DefaultSearchURL: Profile 1 -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Slides) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-06]
CHR Extension: (Docs) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-06]
CHR Extension: (Google Drive) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-06]
CHR Extension: (YouTube) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-10-06]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-10-06]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2021-10-06]
CHR Extension: (Sheets) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-16]
CHR Extension: (Skype) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-10-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-06]
CHR Extension: (Gmail) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-06]
CHR Extension: (Chrome Media Router) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-10-06]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-22]
CHR HKU\S-1-5-21-3965708718-977226661-2995584820-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
Opera:
=======
OPR Profile: C:\Users\Tanjombato-9A\AppData\Roaming\Opera Software\Opera Stable [2022-06-22]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Lucky Bright) - C:\Users\Tanjombato-9A\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekegpojkfimccgkihlbijfdcbkkpnnao [2015-12-11] [UpdateUrl:hxxp://cdn.luckybright.net/update] <==== ATTENTION
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8432776 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [576336 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [576336 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\102.0.16817.63\elevation_service.exe [2024032 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-28] (Avast Software s.r.o. -> AVAST Software)
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Skype Software Sarl -> Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Skype Software Sarl -> Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128584 2018-03-26] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 cmcore; D:\Clean Master\cmcore.exe [397936 2021-08-23] (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Fichier non signé]
R2 UDisk Monitor; C:\Program Files\MOOV UI\bin\MonServiceUDisk64.exe [410112 2009-08-05] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [38912 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [232648 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [382608 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [255136 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [102048 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [45072 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [271600 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [548968 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111056 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [86120 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [857488 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [662160 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218608 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [321928 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [81584 2021-08-23] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WYTmtusbser; C:\Windows\System32\DRIVERS\CT_WYTMT_U_USBSER.sys [119168 2009-07-28] (Microsoft Windows Hardware Compatibility Publisher -> ZTEMT Incorporated)
S3 GENERICDRV; \??\G:\amifldrv64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-22 22:59 - 2022-06-22 23:15 - 000031071 _____ C:\Users\Tanjombato-9A\Desktop\FRST.txt
2022-06-22 22:51 - 2022-06-22 23:12 - 000000000 ____D C:\FRST
2022-06-22 22:47 - 2022-06-22 22:47 - 000338309 _____ C:\Users\Public\Desktop\ZHPDiag.txt
2022-06-22 22:37 - 2022-06-22 22:47 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Roaming\ZHP
2022-06-22 22:37 - 2022-06-22 22:37 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\ZHP
2022-06-22 22:21 - 2022-06-22 22:22 - 002369024 _____ (Farbar) C:\Users\Tanjombato-9A\Desktop\FRST64.exe
2022-06-22 22:18 - 2022-06-22 22:18 - 003487472 _____ (Nicolas Coolman) C:\Users\Tanjombato-9A\Desktop\ZHPSuite.exe
2022-06-22 21:44 - 2022-06-22 21:44 - 000000000 ___RD C:\Users\Tanjombato-9A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2022-06-22 21:06 - 2022-06-22 21:06 - 411482804 _____ C:\Windows\MEMORY.DMP
2022-06-22 21:06 - 2022-06-22 21:06 - 000320832 _____ C:\Windows\Minidump\062222-32822-01.dmp
2022-06-14 16:08 - 2022-06-14 16:08 - 000396920 _____ C:\Windows\Minidump\061422-52307-01.dmp
2022-06-13 04:23 - 2022-06-13 04:23 - 000269136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-06-13 04:23 - 2022-06-13 04:23 - 000218608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-06-12 12:13 - 2022-06-12 12:13 - 000328624 _____ C:\Windows\Minidump\061222-53835-01.dmp
2022-06-02 05:40 - 2022-06-02 05:40 - 000000000 _____ C:\Users\Tanjombato-9A\AppData\Local\{78744B41-D6D7-40ED-BB91-FB218422439E}
2022-05-28 04:35 - 2022-05-28 04:35 - 000000000 ____D C:\Windows\system32\gf2engine
2022-05-21 16:12 - 2022-05-21 16:13 - 000766728 _____ C:\Windows\Minidump\052122-47346-01.dmp
2022-05-15 17:23 - 2022-05-15 17:24 - 000767040 _____ C:\Windows\Minidump\051522-50840-01.dmp
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignec0166358a7f531c
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignc70bbcaf4042c77d
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignb7b59ae2edeb8d5a
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsign4cd57040400c074e
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsign09e7348318e47856
2022-04-06 21:51 - 2022-06-14 22:01 - 000000971 _____ C:\Users\Tanjombato-9A\Desktop\Donblas.txt
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-22 22:43 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-06-22 22:43 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-06-22 22:16 - 2018-06-07 19:00 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\AVAST Software
2022-06-22 22:10 - 2015-08-31 16:12 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-22 21:45 - 2015-08-31 19:59 - 000000000 __SHD C:\Users\Tanjombato-9A\IntelGraphicsProfiles
2022-06-22 21:40 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-22 21:16 - 2020-05-11 23:20 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-06-22 21:06 - 2020-06-26 11:04 - 000000000 ____D C:\Windows\Minidump
2022-06-22 10:39 - 2016-02-01 20:14 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\CrashDumps
2022-06-20 16:47 - 2015-10-12 08:55 - 000000000 ____D C:\ProgramData\AVAST Software
2022-06-20 13:03 - 2018-08-09 20:08 - 000473306 _____ C:\Windows\system32\perfh00B.dat
2022-06-20 13:03 - 2018-08-09 20:08 - 000101388 _____ C:\Windows\system32\perfc00B.dat
2022-06-20 13:03 - 2018-08-09 19:52 - 000675558 _____ C:\Windows\system32\perfh00E.dat
2022-06-20 13:03 - 2018-08-09 19:52 - 000171142 _____ C:\Windows\system32\perfc00E.dat
2022-06-20 13:03 - 2018-08-09 19:23 - 000737260 _____ C:\Windows\system32\perfh00A.dat
2022-06-20 13:03 - 2018-08-09 19:23 - 000158342 _____ C:\Windows\system32\perfc00A.dat
2022-06-20 13:03 - 2018-08-09 19:09 - 000384148 _____ C:\Windows\system32\perfh00D.dat
2022-06-20 13:03 - 2018-08-09 19:09 - 000084626 _____ C:\Windows\system32\perfc00D.dat
2022-06-20 13:03 - 2018-08-09 18:35 - 000731850 _____ C:\Windows\system32\perfh010.dat
2022-06-20 13:03 - 2018-08-09 18:35 - 000146714 _____ C:\Windows\system32\perfc010.dat
2022-06-20 13:03 - 2018-08-09 18:22 - 000470818 _____ C:\Windows\system32\perfh001.dat
2022-06-20 13:03 - 2018-08-09 18:22 - 000094640 _____ C:\Windows\system32\perfc001.dat
2022-06-20 13:03 - 2018-08-09 17:57 - 000689012 _____ C:\Windows\system32\perfh007.dat
2022-06-20 13:03 - 2018-08-09 17:57 - 000148984 _____ C:\Windows\system32\perfc007.dat
2022-06-20 13:03 - 2010-11-21 09:19 - 000747570 _____ C:\Windows\system32\perfh00C.dat
2022-06-20 13:03 - 2010-11-21 09:19 - 000150062 _____ C:\Windows\system32\perfc00C.dat
2022-06-20 13:03 - 2009-07-14 08:13 - 006725942 _____ C:\Windows\system32\PerfStringBackup.INI
2022-06-20 13:03 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2022-06-19 18:46 - 2019-06-23 10:59 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-06-19 18:46 - 2019-06-23 10:59 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-06-19 18:46 - 2017-05-10 11:25 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-06-13 04:24 - 2019-01-15 10:52 - 000382608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-06-13 04:24 - 2018-06-29 20:40 - 000321928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-06-13 04:23 - 2020-10-14 09:41 - 000271600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-06-13 04:23 - 2020-04-15 12:05 - 000548968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-06-13 04:23 - 2019-01-04 20:57 - 000255136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-06-13 04:23 - 2019-01-04 20:57 - 000102048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-06-13 04:23 - 2018-10-20 18:05 - 000045072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-06-13 04:23 - 2018-06-29 20:40 - 000662160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-06-13 04:23 - 2018-06-29 20:40 - 000111056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-06-13 04:23 - 2018-06-29 20:40 - 000086120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-06-13 04:22 - 2019-01-04 20:57 - 000038912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-06-13 04:22 - 2018-06-29 20:40 - 000857488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-06-13 04:22 - 2018-06-29 20:40 - 000232648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-06-12 13:33 - 2019-06-29 12:17 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2022-06-12 13:33 - 2018-06-07 19:04 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-06-12 13:33 - 2018-06-07 19:04 - 000002384 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-06-08 14:37 - 2015-09-04 16:39 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Roaming\vlc
2022-06-02 06:15 - 2015-11-09 06:33 - 000000496 __RSH C:\ProgramData\ntuser.pol
2022-06-01 09:35 - 2015-08-31 12:19 - 000000000 ____D C:\Users\Tanjombato-9A\Documents\Bluetooth Folder
==================== Fichiers à la racine de certains dossiers ========
2020-06-08 16:42 - 2020-06-08 16:42 - 024166400 _____ () C:\Program Files (x86)\GUT196.tmp
2020-06-04 17:48 - 2020-06-04 17:48 - 024166400 _____ () C:\Program Files (x86)\GUT3228.tmp
2020-06-02 16:51 - 2020-06-02 16:51 - 024166400 _____ () C:\Program Files (x86)\GUT64DB.tmp
2020-06-06 17:07 - 2020-06-06 17:07 - 024166400 _____ () C:\Program Files (x86)\GUT76A6.tmp
2020-06-07 06:08 - 2020-06-07 06:08 - 024166400 _____ () C:\Program Files (x86)\GUT7CCC.tmp
2021-08-25 10:44 - 2022-04-08 12:48 - 000000033 _____ () C:\Users\Tanjombato-9A\AppData\Roaming\AdobeWLCMCache.dat
2018-07-24 17:13 - 2018-11-09 11:01 - 000000130 _____ () C:\Users\Tanjombato-9A\AppData\Roaming\WB.CFG
2015-09-04 20:09 - 2015-09-04 20:09 - 000000017 _____ () C:\Users\Tanjombato-9A\AppData\Local\resmon.resmoncfg
2022-06-02 05:40 - 2022-06-02 05:40 - 000000000 _____ () C:\Users\Tanjombato-9A\AppData\Local\{78744B41-D6D7-40ED-BB91-FB218422439E}
==================== SigCheckExt =========================
2012-12-28 12:09 - 2012-12-28 12:09 - 000361600 _____ (Qualcomm Atheros Commnucations) C:\Windows\system32\AthCredentialProvider.dll
2015-08-31 20:05 - 2015-08-07 14:06 - 001756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-31 20:05 - 2015-08-07 14:06 - 001710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-13 13:58 - 2014-05-13 13:58 - 000002560 _____ (Intel(R) Corporation) C:\Windows\SysWOW64\IusEventLog.dll
2015-08-31 20:05 - 2015-08-07 14:06 - 001316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-31 20:05 - 2015-08-07 14:06 - 001423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-09-12 10:07 - 2003-04-18 19:06 - 000008192 _____ C:\Windows\SysWOW64\srvany.exe
2015-08-31 15:08 - 2015-06-15 11:00 - 000041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2022-06-22 22:21 - 2022-06-22 22:22 - 002369024 _____ (Farbar) C:\Users\Tanjombato-9A\Desktop\FRST64.exe
2022-06-22 22:18 - 2022-06-22 22:18 - 003487472 _____ (Nicolas Coolman) C:\Users\Tanjombato-9A\Desktop\ZHPSuite.exe
2015-09-01 00:08 - 2015-09-01 00:08 - 000417064 _____ () C:\Users\Tanjombato-9A\Downloads\DellSystemDetectLauncher.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {8acde8b5-4fcd-11e5-bc13-85400005b9a8}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {8acde8b7-4fcd-11e5-bc13-85400005b9a8}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {8acde8b5-4fcd-11e5-bc13-85400005b9a8}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {8acde8b7-4fcd-11e5-bc13-85400005b9a8}
device ramdisk=[C:]\Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\Winre.wim,{8acde8b8-4fcd-11e5-bc13-85400005b9a8}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\Winre.wim,{8acde8b8-4fcd-11e5-bc13-85400005b9a8}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {8acde8b5-4fcd-11e5-bc13-85400005b9a8}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {8acde8b8-4fcd-11e5-bc13-85400005b9a8}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\boot.sdi
LastRegBack: 2022-06-16 00:45
==================== Fin de FRST.txt ========================
Exécuté par Tanjombato-9A (administrateur) sur TANJOMBATO9A-PC (Dell Inc. Inspiron 5437) (22-06-2022 22:59:18)
Exécuté depuis C:\Users\Tanjombato-9A\Desktop
Profils chargés: Tanjombato-9A
Plate-forme: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(D:\Clean Master\cmcore.exe ->) (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.) D:\Clean Master\cmtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\MOOV UI\bin\MonServiceUDisk64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.) D:\Clean Master\cmcore.exe
(services.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7827256 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212816 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [cmsc] => D:\Clean Master\cmtray.exe [1598112 2021-12-20] (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [AvastBrowserAutoLaunch_882441BAAA94E2E03EB9FE1BCBF2F1B0] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [{BFA17B4C-70D3-480F-8476-76197F614AB6}] => D:\Logs\Antidote\Installer Antidote.exe [1447909654 2017-05-24] (Druide informatique inc.) [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Policies\Explorer: [nolowdiskspacechecks] 1
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: I - I:\Autoplay.exe -auto
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {2528bf19-a074-11eb-bd9a-0c84dc899d12} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {4037ef0e-ab0d-11e5-9c9e-0c84dc899d12} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Autorun.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {912db8cf-9af0-11eb-acef-0c84dc899d12} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {afeb2d86-515a-11e5-8dfd-0c84dc899d12} - F:\Setup.exe /Auto
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {b37a73e9-5915-11e5-91fb-0c84dc899d12} - G:\SETUP.EXE
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {dc8dc0c5-1e13-11e9-a156-0c84dc899d12} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {fa6fe055-eab0-11ea-b7ed-0c84dc899d12} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\102.0.16817.63\Installer\chrmstp.exe [2022-06-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {26994419-55A9-466E-B42B-0506CB72A63E} - System32\Tasks\{98C724E1-02A2-4D4F-8EFE-C606C8EE9FAD} => C:\Windows\system32\pcalua.exe -a G:\pilote\DW1705_W74_A00_Setup-NXXK2_ZPE.exe -d G:\pilote
Task: {2A7905CB-019C-4EF6-AC3B-75A496B708FC} - System32\Tasks\{95CCA941-C40F-4243-870A-22F2D254F37A} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83525184 2019-10-03] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {3306E324-0BF7-4D27-8F0F-071EECF4827B} - System32\Tasks\{E74D0858-7DE1-4D6A-ACD8-C33CD8FBA054} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83525184 2019-10-03] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {353D9DE5-7FDD-45B4-8ADB-CBDBBED5E199} - System32\Tasks\{D6A505FF-6D56-4A82-B135-18AB4B2067F6} => C:\Windows\system32\pcalua.exe -a G:\pilote\DW1705_W84_X03_A00_Setup-X9X20_ZPE.exe -d G:\pilote
Task: {38C7EB8B-6649-4BAD-8180-B29BFA492CFA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4925264 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
Task: {4F62980E-A005-4261-ADDE-B16D5D91788E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {535EDECC-1CD1-447B-85AF-123503C724F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-23] (Google Inc -> Google LLC)
Task: {5593254E-8636-4B2B-94F9-FF0306DC8FDE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {600E7069-1673-4E89-90BB-72485CA550B9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {61EEAE88-54A4-4ECF-A1E3-AD342AC422EC} - System32\Tasks\{1B5BD473-3C2E-4AD1-B48F-C4A0A994A14A} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.7.0.102&LastError=12007
Task: {72A40CDD-A51A-4BFC-9B6C-11D72AC22CBA} - System32\Tasks\Opera scheduled Autoupdate 1441026236 => c:\program files (x86)\opera\launcher.exe [1465432 2019-02-26] (Opera Software AS -> Opera Software)
Task: {761A62B0-3A2B-4E01-A97C-A949270F12D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {838401B0-28DB-401A-8F05-58EFC2AA940F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {8A312DE9-B20B-49BF-8772-5460A617535E} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {92363985-F175-4399-86DC-92DE54766FA0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {9C41B6B0-FB68-4CDE-835B-63E7D7ABEA76} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {AB6882DB-89C3-477B-9A22-33FF8D743051} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D44027A6-F2DF-4E02-8C3F-B542CE068E0B} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {EC631B3C-E6EB-4BE8-812C-EECCE7C212B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14554696 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EED48437-3601-4922-A21C-1C6AD1A27881} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-23] (Google Inc -> Google LLC)
Task: {F3C6845D-5E31-49DB-A933-4C6D0EAA3A56} - System32\Tasks\{9F50E050-B806-42C2-8F43-9882458F8A97} => C:\Windows\system32\pcalua.exe -a G:\pilote\qualcomm_wirleess_10.0.0.298\Setup.exe -d G:\pilote\qualcomm_wirleess_10.0.0.298
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{A7BBCE69-4E14-45DA-BB88-4BF1EA2D0572}: [DhcpNameServer] 192.168.8.1 192.168.8.1
FireFox:
========
FF DefaultProfile: 4pmrslrk.default-1511159673899
FF ProfilePath: C:\Users\Tanjombato-9A\AppData\Roaming\Mozilla\Firefox\Profiles\4pmrslrk.default-1511159673899 [2022-06-22]
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Roaming\Mozilla\Firefox\Profiles\4pmrslrk.default-1511159673899\Extensions\sp@avast.com.xpi [2022-05-17]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] []
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Pas de fichier]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default [2022-06-22]
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSIgpbVw1EQxgUcQtcTA1HEAEOeAsNBBRAR1RGcQ4PAglFF1QFIk0FA1oDB0VXfV5bFElXTwhvNVpTGHsDSFJLNA=="
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSIgpbVw1EQxgUcQtcTA1HEAEOeAsNBBRAR1RGcQ4PAglFF1QFIk0FA1oDB0VXfV5bFElXTwhvNVpTGHsDSFJLNA=="
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQhaUlpHFQBBbQ4JU11cFQMSdBQAUwwUDARFIVwJVg4SEQEVIR9aFQQTQkcFME0FBloEURNNfXVNAlIIY0dKJ1FM&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHARBc1oOVQwTDAIScl0VVQ9AFRgbcgxdTAgXQFASdw5bUQ1HQBNBNARaAktXUUEeJ1pNER8fHHlWI1JBI0sYRl1X
CHR Extension: (Recherche Google) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-19]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-02-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-20]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-21]
CHR Extension: (Skype) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-22]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-22]
CHR HomePage: Profile 1 -> msn.com
CHR DefaultSearchURL: Profile 1 -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Slides) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-06]
CHR Extension: (Docs) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-06]
CHR Extension: (Google Drive) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-06]
CHR Extension: (YouTube) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-10-06]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-10-06]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2021-10-06]
CHR Extension: (Sheets) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-16]
CHR Extension: (Skype) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-10-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-06]
CHR Extension: (Gmail) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-06]
CHR Extension: (Chrome Media Router) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-10-06]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-22]
CHR HKU\S-1-5-21-3965708718-977226661-2995584820-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
Opera:
=======
OPR Profile: C:\Users\Tanjombato-9A\AppData\Roaming\Opera Software\Opera Stable [2022-06-22]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Lucky Bright) - C:\Users\Tanjombato-9A\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekegpojkfimccgkihlbijfdcbkkpnnao [2015-12-11] [UpdateUrl:hxxp://cdn.luckybright.net/update] <==== ATTENTION
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8432776 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [576336 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [576336 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\102.0.16817.63\elevation_service.exe [2024032 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-28] (Avast Software s.r.o. -> AVAST Software)
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Skype Software Sarl -> Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Skype Software Sarl -> Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128584 2018-03-26] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 cmcore; D:\Clean Master\cmcore.exe [397936 2021-08-23] (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Fichier non signé]
R2 UDisk Monitor; C:\Program Files\MOOV UI\bin\MonServiceUDisk64.exe [410112 2009-08-05] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [38912 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [232648 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [382608 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [255136 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [102048 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [45072 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [271600 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [548968 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111056 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [86120 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [857488 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [662160 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218608 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [321928 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [81584 2021-08-23] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WYTmtusbser; C:\Windows\System32\DRIVERS\CT_WYTMT_U_USBSER.sys [119168 2009-07-28] (Microsoft Windows Hardware Compatibility Publisher -> ZTEMT Incorporated)
S3 GENERICDRV; \??\G:\amifldrv64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-22 22:59 - 2022-06-22 23:15 - 000031071 _____ C:\Users\Tanjombato-9A\Desktop\FRST.txt
2022-06-22 22:51 - 2022-06-22 23:12 - 000000000 ____D C:\FRST
2022-06-22 22:47 - 2022-06-22 22:47 - 000338309 _____ C:\Users\Public\Desktop\ZHPDiag.txt
2022-06-22 22:37 - 2022-06-22 22:47 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Roaming\ZHP
2022-06-22 22:37 - 2022-06-22 22:37 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\ZHP
2022-06-22 22:21 - 2022-06-22 22:22 - 002369024 _____ (Farbar) C:\Users\Tanjombato-9A\Desktop\FRST64.exe
2022-06-22 22:18 - 2022-06-22 22:18 - 003487472 _____ (Nicolas Coolman) C:\Users\Tanjombato-9A\Desktop\ZHPSuite.exe
2022-06-22 21:44 - 2022-06-22 21:44 - 000000000 ___RD C:\Users\Tanjombato-9A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2022-06-22 21:06 - 2022-06-22 21:06 - 411482804 _____ C:\Windows\MEMORY.DMP
2022-06-22 21:06 - 2022-06-22 21:06 - 000320832 _____ C:\Windows\Minidump\062222-32822-01.dmp
2022-06-14 16:08 - 2022-06-14 16:08 - 000396920 _____ C:\Windows\Minidump\061422-52307-01.dmp
2022-06-13 04:23 - 2022-06-13 04:23 - 000269136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-06-13 04:23 - 2022-06-13 04:23 - 000218608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-06-12 12:13 - 2022-06-12 12:13 - 000328624 _____ C:\Windows\Minidump\061222-53835-01.dmp
2022-06-02 05:40 - 2022-06-02 05:40 - 000000000 _____ C:\Users\Tanjombato-9A\AppData\Local\{78744B41-D6D7-40ED-BB91-FB218422439E}
2022-05-28 04:35 - 2022-05-28 04:35 - 000000000 ____D C:\Windows\system32\gf2engine
2022-05-21 16:12 - 2022-05-21 16:13 - 000766728 _____ C:\Windows\Minidump\052122-47346-01.dmp
2022-05-15 17:23 - 2022-05-15 17:24 - 000767040 _____ C:\Windows\Minidump\051522-50840-01.dmp
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignec0166358a7f531c
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignc70bbcaf4042c77d
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignb7b59ae2edeb8d5a
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsign4cd57040400c074e
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsign09e7348318e47856
2022-04-06 21:51 - 2022-06-14 22:01 - 000000971 _____ C:\Users\Tanjombato-9A\Desktop\Donblas.txt
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-22 22:43 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-06-22 22:43 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-06-22 22:16 - 2018-06-07 19:00 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\AVAST Software
2022-06-22 22:10 - 2015-08-31 16:12 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-22 21:45 - 2015-08-31 19:59 - 000000000 __SHD C:\Users\Tanjombato-9A\IntelGraphicsProfiles
2022-06-22 21:40 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-22 21:16 - 2020-05-11 23:20 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-06-22 21:06 - 2020-06-26 11:04 - 000000000 ____D C:\Windows\Minidump
2022-06-22 10:39 - 2016-02-01 20:14 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\CrashDumps
2022-06-20 16:47 - 2015-10-12 08:55 - 000000000 ____D C:\ProgramData\AVAST Software
2022-06-20 13:03 - 2018-08-09 20:08 - 000473306 _____ C:\Windows\system32\perfh00B.dat
2022-06-20 13:03 - 2018-08-09 20:08 - 000101388 _____ C:\Windows\system32\perfc00B.dat
2022-06-20 13:03 - 2018-08-09 19:52 - 000675558 _____ C:\Windows\system32\perfh00E.dat
2022-06-20 13:03 - 2018-08-09 19:52 - 000171142 _____ C:\Windows\system32\perfc00E.dat
2022-06-20 13:03 - 2018-08-09 19:23 - 000737260 _____ C:\Windows\system32\perfh00A.dat
2022-06-20 13:03 - 2018-08-09 19:23 - 000158342 _____ C:\Windows\system32\perfc00A.dat
2022-06-20 13:03 - 2018-08-09 19:09 - 000384148 _____ C:\Windows\system32\perfh00D.dat
2022-06-20 13:03 - 2018-08-09 19:09 - 000084626 _____ C:\Windows\system32\perfc00D.dat
2022-06-20 13:03 - 2018-08-09 18:35 - 000731850 _____ C:\Windows\system32\perfh010.dat
2022-06-20 13:03 - 2018-08-09 18:35 - 000146714 _____ C:\Windows\system32\perfc010.dat
2022-06-20 13:03 - 2018-08-09 18:22 - 000470818 _____ C:\Windows\system32\perfh001.dat
2022-06-20 13:03 - 2018-08-09 18:22 - 000094640 _____ C:\Windows\system32\perfc001.dat
2022-06-20 13:03 - 2018-08-09 17:57 - 000689012 _____ C:\Windows\system32\perfh007.dat
2022-06-20 13:03 - 2018-08-09 17:57 - 000148984 _____ C:\Windows\system32\perfc007.dat
2022-06-20 13:03 - 2010-11-21 09:19 - 000747570 _____ C:\Windows\system32\perfh00C.dat
2022-06-20 13:03 - 2010-11-21 09:19 - 000150062 _____ C:\Windows\system32\perfc00C.dat
2022-06-20 13:03 - 2009-07-14 08:13 - 006725942 _____ C:\Windows\system32\PerfStringBackup.INI
2022-06-20 13:03 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2022-06-19 18:46 - 2019-06-23 10:59 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-06-19 18:46 - 2019-06-23 10:59 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-06-19 18:46 - 2017-05-10 11:25 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-06-13 04:24 - 2019-01-15 10:52 - 000382608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-06-13 04:24 - 2018-06-29 20:40 - 000321928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-06-13 04:23 - 2020-10-14 09:41 - 000271600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-06-13 04:23 - 2020-04-15 12:05 - 000548968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-06-13 04:23 - 2019-01-04 20:57 - 000255136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-06-13 04:23 - 2019-01-04 20:57 - 000102048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-06-13 04:23 - 2018-10-20 18:05 - 000045072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-06-13 04:23 - 2018-06-29 20:40 - 000662160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-06-13 04:23 - 2018-06-29 20:40 - 000111056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-06-13 04:23 - 2018-06-29 20:40 - 000086120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-06-13 04:22 - 2019-01-04 20:57 - 000038912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-06-13 04:22 - 2018-06-29 20:40 - 000857488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-06-13 04:22 - 2018-06-29 20:40 - 000232648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-06-12 13:33 - 2019-06-29 12:17 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2022-06-12 13:33 - 2018-06-07 19:04 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-06-12 13:33 - 2018-06-07 19:04 - 000002384 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-06-08 14:37 - 2015-09-04 16:39 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Roaming\vlc
2022-06-02 06:15 - 2015-11-09 06:33 - 000000496 __RSH C:\ProgramData\ntuser.pol
2022-06-01 09:35 - 2015-08-31 12:19 - 000000000 ____D C:\Users\Tanjombato-9A\Documents\Bluetooth Folder
==================== Fichiers à la racine de certains dossiers ========
2020-06-08 16:42 - 2020-06-08 16:42 - 024166400 _____ () C:\Program Files (x86)\GUT196.tmp
2020-06-04 17:48 - 2020-06-04 17:48 - 024166400 _____ () C:\Program Files (x86)\GUT3228.tmp
2020-06-02 16:51 - 2020-06-02 16:51 - 024166400 _____ () C:\Program Files (x86)\GUT64DB.tmp
2020-06-06 17:07 - 2020-06-06 17:07 - 024166400 _____ () C:\Program Files (x86)\GUT76A6.tmp
2020-06-07 06:08 - 2020-06-07 06:08 - 024166400 _____ () C:\Program Files (x86)\GUT7CCC.tmp
2021-08-25 10:44 - 2022-04-08 12:48 - 000000033 _____ () C:\Users\Tanjombato-9A\AppData\Roaming\AdobeWLCMCache.dat
2018-07-24 17:13 - 2018-11-09 11:01 - 000000130 _____ () C:\Users\Tanjombato-9A\AppData\Roaming\WB.CFG
2015-09-04 20:09 - 2015-09-04 20:09 - 000000017 _____ () C:\Users\Tanjombato-9A\AppData\Local\resmon.resmoncfg
2022-06-02 05:40 - 2022-06-02 05:40 - 000000000 _____ () C:\Users\Tanjombato-9A\AppData\Local\{78744B41-D6D7-40ED-BB91-FB218422439E}
==================== SigCheckExt =========================
2012-12-28 12:09 - 2012-12-28 12:09 - 000361600 _____ (Qualcomm Atheros Commnucations) C:\Windows\system32\AthCredentialProvider.dll
2015-08-31 20:05 - 2015-08-07 14:06 - 001756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-31 20:05 - 2015-08-07 14:06 - 001710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-13 13:58 - 2014-05-13 13:58 - 000002560 _____ (Intel(R) Corporation) C:\Windows\SysWOW64\IusEventLog.dll
2015-08-31 20:05 - 2015-08-07 14:06 - 001316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-31 20:05 - 2015-08-07 14:06 - 001423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-09-12 10:07 - 2003-04-18 19:06 - 000008192 _____ C:\Windows\SysWOW64\srvany.exe
2015-08-31 15:08 - 2015-06-15 11:00 - 000041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2022-06-22 22:21 - 2022-06-22 22:22 - 002369024 _____ (Farbar) C:\Users\Tanjombato-9A\Desktop\FRST64.exe
2022-06-22 22:18 - 2022-06-22 22:18 - 003487472 _____ (Nicolas Coolman) C:\Users\Tanjombato-9A\Desktop\ZHPSuite.exe
2015-09-01 00:08 - 2015-09-01 00:08 - 000417064 _____ () C:\Users\Tanjombato-9A\Downloads\DellSystemDetectLauncher.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {8acde8b5-4fcd-11e5-bc13-85400005b9a8}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {8acde8b7-4fcd-11e5-bc13-85400005b9a8}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {8acde8b5-4fcd-11e5-bc13-85400005b9a8}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {8acde8b7-4fcd-11e5-bc13-85400005b9a8}
device ramdisk=[C:]\Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\Winre.wim,{8acde8b8-4fcd-11e5-bc13-85400005b9a8}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\Winre.wim,{8acde8b8-4fcd-11e5-bc13-85400005b9a8}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {8acde8b5-4fcd-11e5-bc13-85400005b9a8}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {8acde8b8-4fcd-11e5-bc13-85400005b9a8}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\boot.sdi
LastRegBack: 2022-06-16 00:45
==================== Fin de FRST.txt ========================