Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Exécuté par Héloise (administrateur) sur EDENLUNA (Hewlett-Packard HP Pavilion 15 Notebook PC) (02-09-2022 12:42:15)
Exécuté depuis C:\Users\Héloise\Desktop
Profils chargés: Héloise
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <29>
(explorer.exe ->) (MobiSystems, Inc. -> MobiSystems Inc.) C:\Program Files\MobiSystems\OfficeSuite\MobiSystemsUpdate.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIKE.EXE
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(services.exe ->) (RealVNC Limited -> RealVNC Ltd.) C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(svchost.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2994928 2013-06-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [OfficeSuite] => C:\Program Files\MobiSystems\OfficeSuite\MobiSystemsUpdate.exe [339152 2022-06-14] (MobiSystems, Inc. -> MobiSystems Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3245499168-2350251440-594027931-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3245499168-2350251440-594027931-1002\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3245499168-2350251440-594027931-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Héloise\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3245499168-2350251440-594027931-1005\...\Run: [Avast Browser] => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserUpdateCore.exe [521176 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3245499168-2350251440-594027931-1005\...\Run: [AvastBrowserAutoLaunch_41F42E4588060852330FD542E30C8FE3] => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON XP-302 303 305 306 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMIKE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [365568 2012-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.52\Installer\chrmstp.exe [2022-08-31] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {03729F7B-612E-4BF0-81BA-C26F433B5786} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2059272 2015-07-27] (Symantec Corporation -> Symantec Corporation)
Task: {0594731A-1E8A-4BC9-BB07-7F73CCF388BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {07058C2E-B672-4ACF-BDBC-3FA3835CAD0D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-3245499168-2350251440-594027931-1005 => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0B138126-29EC-4788-869E-B8FB5399EEFC} - \Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon -> Pas de fichier <==== ATTENTION
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1A34F697-A564-4403-A5BA-4A0A71B8655C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /InstallUpdates (Pas de fichier)
Task: {20D143FF-D4BF-41B9-B360-ACEABB4C5DBB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B766B9D-D434-455D-96FD-CF65A24C5649} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {45F35097-C9B9-4F8C-9CD8-1B5312A2D3B8} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-3245499168-2350251440-594027931-1005Core => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
Task: {7D196D87-DB48-4DCA-9F26-950C8A3267AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc -> Google Inc.)
Task: {89A0D9A3-EED2-4082-BA5F-8271419D9041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {922D7385-AC79-4FFE-BE64-1565F85954CB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [54096 2013-06-04] (Symantec Corporation -> Symantec Corporation)
Task: {96749168-827E-48B1-BE1B-46CA8F1D66A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier)
Task: {A1D7D181-0FDD-44A8-8B2B-5D8724965150} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc -> Google Inc.)
Task: {A29ED696-1E69-4997-8B41-A2E2DD122505} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-3245499168-2350251440-594027931-1005UA => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
Task: {A84E99AE-04B4-471E-8C48-1F9607E6BFC6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier)
Task: {B11ECAE6-9493-4758-9FE2-6CEE3C6351ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier)
Task: {B4AD386B-E0CE-4A64-AF0F-BD8047C0F306} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF39CEA7-143C-4E5B-BA59-3F96DC85B0B3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C42F67D0-A5B6-4D70-BFB8-1DFF090A35F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107072 2016-05-09] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {CCD9AAE6-21BC-4EF8-9EFD-F93DA004C06A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4B5403D-39D7-4B98-B01B-1A1C41D48F60} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2994928 2013-06-05] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {E84CEE9C-FFDA-4AE8-8DDD-B8CE9E2229F5} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [54096 2013-06-04] (Symantec Corporation -> Symantec Corporation)
Task: {ED84A6C4-4A2E-468E-9335-E6350619291C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{82D48583-B463-43DA-BB88-A49DD1875F82}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{C93EADBD-15DE-476F-824F-72E4A074FB2A}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Héloise\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-01]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF => non trouvé(e)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3245499168-2350251440-594027931-1005: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-03-02] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-3245499168-2350251440-594027931-1005: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-03-02] (Avast Software s.r.o. -> AVAST Software)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default [2022-09-02]
CHR Extension: (Wolf) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\bccehekadeelebinmfibpahmllbjnnip [2022-09-01]
CHR Extension: (Norton Security Toolbar) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2016-01-25]
CHR Extension: (Norton Identity Safe) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-17]
CHR Extension: (Plus) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2022-09-01]
CHR Extension: (Simple Files Downloader) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpndcdieibcjamippljnmmiibeaimfof [2022-06-22]
CHR Extension: (FUT Nation | Import des ventes FUT) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddhphgbpdgnokdbaeapmmcafekhedgc [2022-09-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-12]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-16]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] () [Fichier non signé]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Fichier non signé]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (Hewlett-Packard Company -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-01] (Malwarebytes Inc. -> Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 WinVNC4; C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe [439632 2008-10-15] (RealVNC Limited -> RealVNC Ltd.)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [288840 2013-04-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-02 12:42 - 2022-09-02 12:43 - 000021725 _____ C:\Users\Héloise\Desktop\FRST.txt
2022-09-02 12:22 - 2022-09-02 12:22 - 000366097 _____ C:\Users\Héloise\Desktop\ZHPDiag.html
2022-09-02 12:22 - 2022-09-02 12:22 - 000296816 _____ C:\Users\Héloise\Desktop\ZHPDiag.txt
2022-09-02 00:16 - 2022-09-02 00:16 - 000001958 _____ C:\Users\Héloise\Desktop\MBAM.txt
2022-09-01 22:45 - 2022-09-01 23:09 - 000000000 ____D C:\Users\Héloise\AppData\LocalLow\IGDump
2022-09-01 22:40 - 2022-09-01 22:40 - 000000000 ____D C:\Users\Héloise\AppData\Local\mbam
2022-09-01 22:39 - 2022-09-01 22:39 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-09-01 22:39 - 2022-09-01 22:39 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-09-01 22:39 - 2022-09-01 22:39 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-09-01 22:39 - 2022-09-01 22:39 - 000001971 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-09-01 22:38 - 2022-09-01 22:38 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-09-01 22:37 - 2022-09-01 22:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-09-01 22:36 - 2022-09-01 22:37 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-01 22:34 - 2022-09-01 22:34 - 002556344 _____ (Malwarebytes) C:\Users\Héloise\Desktop\MBSetup.exe
2022-09-01 20:35 - 2022-09-01 20:41 - 000000000 ____D C:\AdwCleaner
2022-09-01 20:34 - 2022-09-01 20:34 - 008551608 _____ (Malwarebytes) C:\Users\Héloise\Desktop\adwcleaner_8.3.2.exe
2022-09-01 20:21 - 2022-09-01 20:21 - 000000000 ____D C:\Program Files\Google
2022-09-01 19:55 - 2022-09-01 19:55 - 000000886 _____ C:\Users\Héloise\Desktop\ZHPCleaner.lnk
2022-09-01 19:53 - 2022-09-01 19:53 - 003303624 _____ (Nicolas Coolman) C:\Users\Héloise\Desktop\ZHPCleaner.exe
2022-09-01 17:57 - 2022-09-01 17:57 - 000000000 ____D C:\Users\Héloise\Desktop\photos
2022-09-01 16:58 - 2022-09-01 16:58 - 001036162 _____ C:\Users\Héloise\Downloads\Wub.zip
2022-09-01 16:58 - 2022-01-28 17:20 - 000000000 ____D C:\Users\Héloise\Desktop\Wub
2022-09-01 16:27 - 2022-09-01 16:27 - 001036162 _____ C:\Users\Héloise\Desktop\Wub.zip
2022-09-01 16:16 - 2022-09-01 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Internet Security
2022-09-01 16:11 - 2022-09-01 16:10 - 013291464 _____ (NortonLifeLock Inc.) C:\Users\Héloise\Desktop\NRnR.exe
2022-09-01 16:10 - 2022-09-01 16:10 - 013291464 _____ (NortonLifeLock Inc.) C:\Users\Héloise\Downloads\NRnR.exe
2022-09-01 15:34 - 2022-09-01 15:34 - 012759288 _____ (AVAST Software) C:\Users\Héloise\Downloads\avastclear.exe
2022-09-01 12:53 - 2022-09-02 12:42 - 000000000 ____D C:\FRST
2022-09-01 12:52 - 2022-09-01 12:52 - 002371072 _____ (Farbar) C:\Users\Héloise\Downloads\FRST64.exe
2022-09-01 12:52 - 2022-09-01 12:52 - 002371072 _____ (Farbar) C:\Users\Héloise\Desktop\FRST64.exe
2022-09-01 12:31 - 2022-09-02 12:22 - 000000000 ____D C:\Users\Héloise\AppData\Roaming\ZHP
2022-09-01 12:31 - 2022-09-02 12:04 - 000000876 _____ C:\Users\Héloise\Desktop\ZHPSuite.lnk
2022-09-01 12:31 - 2022-09-01 19:55 - 000000000 ____D C:\Users\Héloise\AppData\Local\ZHP
2022-09-01 12:31 - 2022-09-01 12:29 - 003506376 _____ (Nicolas Coolman) C:\Users\Héloise\Desktop\ZHPSuite.exe
2022-09-01 12:29 - 2022-09-01 12:29 - 003506376 _____ (Nicolas Coolman) C:\Users\Héloise\Downloads\ZHPSuite.exe
2022-08-31 21:55 - 2022-08-31 21:56 - 037192656 _____ (Telegram FZ-LLC ) C:\Users\Héloise\Downloads\tsetup-x64.4.1.0.exe
2022-08-27 16:06 - 2022-08-27 16:06 - 000175094 _____ C:\Users\Héloise\Desktop\Ton-bilan-bien-être houssine.odt
2022-08-27 15:50 - 2022-08-27 15:50 - 000175086 _____ C:\Users\Héloise\Desktop\Ton-bilan-bien-êtremonica.odt
2022-08-27 12:37 - 2022-08-27 12:37 - 109252932 _____ C:\Users\Héloise\Downloads\Prez Fit Vibes Montev 1.pptx
2022-08-27 12:34 - 2022-08-27 12:35 - 000173075 _____ C:\Users\Héloise\Desktop\Ton-bilan-bien-être.odt
2022-08-27 12:09 - 2022-08-27 12:09 - 003404234 _____ C:\Users\Héloise\Desktop\Prez Fit Vibes Montev 1.pdf
2022-07-01 21:50 - 2022-07-01 21:50 - 000175534 _____ C:\Users\Héloise\Desktop\Ton-bilan-bien-être-1-1 ARLAND.odt
2022-07-01 19:16 - 2022-07-01 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-07-01 19:16 - 2022-07-01 19:16 - 000000000 ____D C:\Program Files\7-Zip
2022-06-22 14:56 - 2022-06-22 14:56 - 000000000 ___HD C:\$AV_ASW
2022-06-22 14:54 - 2022-06-22 14:56 - 000000000 ____D C:\Users\Héloise\Desktop\Microsoft Office Professional Plus 2019
2022-06-22 13:49 - 2022-06-22 13:49 - 003331296 _____ (MobiSystems) C:\Users\Héloise\Downloads\OfficeSuiteSetup_IID_3c46471c-7f45-4eb4-991d-373d468355d2.exe
2022-06-22 13:23 - 2022-06-22 13:23 - 001423688 _____ C:\Users\Héloise\Downloads\MSTeamsSetupx64_s_8DA544156BACC96-7-0_c_l_.exe
2022-06-22 12:57 - 2022-09-01 16:48 - 000002355 _____ C:\Users\Héloise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-06-22 12:57 - 2022-06-22 12:57 - 000000000 ____D C:\Users\Héloise\AppData\Roaming\Teams
2022-06-22 12:56 - 2022-06-22 13:24 - 000000000 ____D C:\Users\Héloise\AppData\Local\SquirrelTemp
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-02 12:23 - 2015-03-31 09:47 - 000000000 ___RD C:\Users\Héloise\OneDrive
2022-09-02 12:06 - 2014-02-06 23:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-02 11:20 - 2014-02-06 21:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-02 10:20 - 2014-02-06 22:23 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3245499168-2350251440-594027931-1002
2022-09-02 10:12 - 2014-02-06 22:15 - 000003944 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{BDBED45B-5F00-4876-AFB7-BC4C333BE7D7}
2022-09-01 23:05 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2022-09-01 21:26 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-01 21:21 - 2014-08-17 22:46 - 000000000 ____D C:\Users\Héloise\AppData\Local\CrashDumps
2022-09-01 21:00 - 2013-08-22 16:44 - 000515432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-01 20:59 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2022-09-01 20:41 - 2019-06-28 21:51 - 000000000 ____D C:\Users\Isabelle\AppData\Roaming\Hewlett-Packard
2022-09-01 20:41 - 2019-04-07 22:01 - 000000000 ____D C:\Users\Isabelle\AppData\Local\Hewlett-Packard
2022-09-01 20:41 - 2015-03-29 18:38 - 000000000 ____D C:\Users\Héloise
2022-09-01 20:41 - 2014-02-06 22:17 - 000000000 ____D C:\Users\Héloise\AppData\Roaming\Hewlett-Packard
2022-09-01 20:41 - 2014-02-06 22:14 - 000000000 ____D C:\Users\Héloise\AppData\Local\Hewlett-Packard
2022-09-01 20:41 - 2013-11-27 20:20 - 000002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
2022-09-01 20:41 - 2013-07-19 23:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-09-01 20:41 - 2013-07-19 23:05 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-09-01 20:41 - 2013-07-19 23:00 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-09-01 19:48 - 2016-01-25 23:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-09-01 19:45 - 2013-07-19 23:20 - 000000000 ____D C:\ProgramData\WildTangent
2022-09-01 19:44 - 2015-03-29 18:50 - 000000000 ____D C:\Users\Public\Documents\CyberLink
2022-09-01 19:44 - 2013-11-27 20:47 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2022-09-01 19:44 - 2013-07-19 23:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-09-01 19:43 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2022-09-01 19:41 - 2013-11-27 20:45 - 000000000 ____D C:\ProgramData\CyberLink
2022-09-01 19:41 - 2013-07-19 23:14 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2022-09-01 19:32 - 2015-08-17 07:26 - 000000000 ____D C:\Users\Héloise\AppData\Roaming\CyberLink
2022-09-01 19:32 - 2013-07-19 23:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2022-09-01 19:19 - 2018-07-28 13:20 - 000000000 ____D C:\Users\Héloise\AppData\Local\AVAST Software
2022-09-01 19:19 - 2014-02-13 22:53 - 000000000 ____D C:\ProgramData\AVAST Software
2022-09-01 17:02 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-09-01 16:59 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2022-09-01 16:36 - 2013-11-27 21:10 - 000000000 ____D C:\Program Files (x86)\Norton Internet Security
2022-09-01 16:32 - 2014-02-06 22:17 - 000000000 ____D C:\Users\Héloise\Documents\Youcam
2022-09-01 16:31 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-01 16:17 - 2013-11-27 21:10 - 000000000 ____D C:\ProgramData\Norton
2022-09-01 16:15 - 2014-11-21 00:46 - 002018064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-01 16:15 - 2014-11-21 00:03 - 000880712 _____ C:\WINDOWS\system32\perfh00C.dat
2022-09-01 16:15 - 2014-11-21 00:03 - 000189160 _____ C:\WINDOWS\system32\perfc00C.dat
2022-09-01 16:12 - 2015-08-16 23:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-08-31 22:01 - 2014-02-06 23:35 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-31 22:01 - 2014-02-06 23:35 - 000003376 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2016-05-06 12:02 - 2016-05-06 12:02 - 002433043 _____ () C:\Users\Héloise\AppData\Roaming\sb93.dat
2014-06-02 22:58 - 2016-12-09 10:58 - 000000284 _____ () C:\Users\Héloise\AppData\Roaming\WB.CFG
==================== SigCheckExt =========================
2014-04-08 23:43 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2014-04-08 23:43 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2014-04-08 23:43 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2014-04-08 23:43 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2014-04-08 23:43 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2014-04-08 23:43 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2013-07-19 23:00 - 2011-08-24 09:52 - 000117248 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPMUIDir.exe
2012-07-25 22:22 - 2012-07-26 05:07 - 004722176 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 006549504 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 000188416 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 000206336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2012-11-27 02:18 - 2012-11-27 02:18 - 000050688 _____ C:\WINDOWS\system32\kdbsdk64.dll
2014-04-08 23:45 - 2006-12-19 18:20 - 000077824 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EBAPI.dll
2014-04-08 23:45 - 2007-09-07 17:33 - 000135168 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBAPI.dll
2014-04-08 23:45 - 2006-12-19 18:31 - 000110592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBDSCVR.dll
2014-04-08 23:45 - 2003-12-17 01:01 - 000055808 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBSDKIF.dll
2014-04-08 23:45 - 2007-03-28 18:26 - 000065536 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBUtil.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 004338688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 004896768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 000147456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 000208896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2012-11-27 02:18 - 2012-11-27 02:18 - 000038912 _____ C:\WINDOWS\SysWOW64\kdbsdk32.dll
2022-09-01 12:52 - 2022-09-01 12:52 - 002371072 _____ (Farbar) C:\Users\Héloise\Desktop\FRST64.exe
2022-09-01 19:53 - 2022-09-01 19:53 - 003303624 _____ (Nicolas Coolman) C:\Users\Héloise\Desktop\ZHPCleaner.exe
2022-09-01 12:31 - 2022-09-01 12:29 - 003506376 _____ (Nicolas Coolman) C:\Users\Héloise\Desktop\ZHPSuite.exe
2014-02-13 22:42 - 2014-02-13 22:43 - 014768072 _____ C:\Users\Héloise\Downloads\761_avast_Free_Antivirus.exe
2014-04-07 23:05 - 2014-04-07 23:06 - 022560768 _____ C:\Users\Héloise\Downloads\epson376212eu.exe
2014-04-08 23:30 - 2014-04-08 23:31 - 047493120 _____ C:\Users\Héloise\Downloads\epson377972eu.exe
2022-09-01 12:52 - 2022-09-01 12:52 - 002371072 _____ (Farbar) C:\Users\Héloise\Downloads\FRST64.exe
2015-07-21 21:32 - 2015-07-21 21:32 - 001635544 _____ C:\Users\Héloise\Downloads\setup_Livre_photo_Pixum.exe
2022-09-01 12:29 - 2022-09-01 12:29 - 003506376 _____ (Nicolas Coolman) C:\Users\Héloise\Downloads\ZHPSuite.exe
2020-03-28 17:51 - 2020-03-28 17:51 - 132856894 _____ C:\Users\Isabelle\Downloads\Apache_OpenOffice_4.1.7_Win_x86_install_fr (1).exe
2020-03-28 17:11 - 2020-03-28 17:12 - 132856894 _____ C:\Users\Isabelle\Downloads\Apache_OpenOffice_4.1.7_Win_x86_install_fr.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{2a75496e-578e-11e3-be6f-806e6f6e6963}
{efa49bee-57e1-11e3-b91f-c03c45e3ea99}
{efa49bef-57e1-11e3-b91f-c03c45e3ea99}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {c29fb677-57a4-11e3-be73-a0d3c164284c}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {2a75496e-578e-11e3-be6f-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {6e6767c5-8f61-11e3-be76-a0d3c164284c}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {efa49bee-57e1-11e3-b91f-c03c45e3ea99}
description USB Drive (UEFI)
Application logicielle (101fffff)
--------------------------------
identificateur {efa49bef-57e1-11e3-b91f-c03c45e3ea99}
description Internal CD/DVD ROM Drive (UEFI)
Chargeur de d‚marrage Windows
-----------------------------
identificateur {c29fb674-57a4-11e3-be73-a0d3c164284c}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{c29fb675-57a4-11e3-be73-a0d3c164284c}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{c29fb675-57a4-11e3-be73-a0d3c164284c}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {c29fb679-57a4-11e3-be73-a0d3c164284c}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {c29fb677-57a4-11e3-be73-a0d3c164284c}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {c29fb679-57a4-11e3-be73-a0d3c164284c}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{c29fb67a-57a4-11e3-be73-a0d3c164284c}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{c29fb67a-57a4-11e3-be73-a0d3c164284c}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {c29fb677-57a4-11e3-be73-a0d3c164284c}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {c29fb679-57a4-11e3-be73-a0d3c164284c}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {efa49bf2-57e1-11e3-b91f-c03c45e3ea99}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {c29fb674-57a4-11e3-be73-a0d3c164284c}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {c29fb675-57a4-11e3-be73-a0d3c164284c}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {c29fb676-57a4-11e3-be73-a0d3c164284c}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {c29fb67a-57a4-11e3-be73-a0d3c164284c}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2022-09-01 21:42
==================== Fin de FRST.txt ========================
Exécuté par Héloise (administrateur) sur EDENLUNA (Hewlett-Packard HP Pavilion 15 Notebook PC) (02-09-2022 12:42:15)
Exécuté depuis C:\Users\Héloise\Desktop
Profils chargés: Héloise
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <29>
(explorer.exe ->) (MobiSystems, Inc. -> MobiSystems Inc.) C:\Program Files\MobiSystems\OfficeSuite\MobiSystemsUpdate.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIKE.EXE
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(services.exe ->) (RealVNC Limited -> RealVNC Ltd.) C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SEIKO EPSON CORPORATION) [Fichier non signé] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(svchost.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2994928 2013-06-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [OfficeSuite] => C:\Program Files\MobiSystems\OfficeSuite\MobiSystemsUpdate.exe [339152 2022-06-14] (MobiSystems, Inc. -> MobiSystems Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3245499168-2350251440-594027931-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3245499168-2350251440-594027931-1002\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3245499168-2350251440-594027931-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Héloise\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3245499168-2350251440-594027931-1005\...\Run: [Avast Browser] => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserUpdateCore.exe [521176 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3245499168-2350251440-594027931-1005\...\Run: [AvastBrowserAutoLaunch_41F42E4588060852330FD542E30C8FE3] => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON XP-302 303 305 306 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMIKE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [365568 2012-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.52\Installer\chrmstp.exe [2022-08-31] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {03729F7B-612E-4BF0-81BA-C26F433B5786} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2059272 2015-07-27] (Symantec Corporation -> Symantec Corporation)
Task: {0594731A-1E8A-4BC9-BB07-7F73CCF388BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {07058C2E-B672-4ACF-BDBC-3FA3835CAD0D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-3245499168-2350251440-594027931-1005 => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0B138126-29EC-4788-869E-B8FB5399EEFC} - \Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon -> Pas de fichier <==== ATTENTION
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1A34F697-A564-4403-A5BA-4A0A71B8655C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /InstallUpdates (Pas de fichier)
Task: {20D143FF-D4BF-41B9-B360-ACEABB4C5DBB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B766B9D-D434-455D-96FD-CF65A24C5649} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {45F35097-C9B9-4F8C-9CD8-1B5312A2D3B8} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-3245499168-2350251440-594027931-1005Core => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
Task: {7D196D87-DB48-4DCA-9F26-950C8A3267AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc -> Google Inc.)
Task: {89A0D9A3-EED2-4082-BA5F-8271419D9041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {922D7385-AC79-4FFE-BE64-1565F85954CB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [54096 2013-06-04] (Symantec Corporation -> Symantec Corporation)
Task: {96749168-827E-48B1-BE1B-46CA8F1D66A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier)
Task: {A1D7D181-0FDD-44A8-8B2B-5D8724965150} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc -> Google Inc.)
Task: {A29ED696-1E69-4997-8B41-A2E2DD122505} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-3245499168-2350251440-594027931-1005UA => C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-02] (Avast Software s.r.o. -> AVAST Software)
Task: {A84E99AE-04B4-471E-8C48-1F9607E6BFC6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier)
Task: {B11ECAE6-9493-4758-9FE2-6CEE3C6351ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier)
Task: {B4AD386B-E0CE-4A64-AF0F-BD8047C0F306} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF39CEA7-143C-4E5B-BA59-3F96DC85B0B3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C42F67D0-A5B6-4D70-BFB8-1DFF090A35F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107072 2016-05-09] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {CCD9AAE6-21BC-4EF8-9EFD-F93DA004C06A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4B5403D-39D7-4B98-B01B-1A1C41D48F60} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2994928 2013-06-05] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {E84CEE9C-FFDA-4AE8-8DDD-B8CE9E2229F5} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [54096 2013-06-04] (Symantec Corporation -> Symantec Corporation)
Task: {ED84A6C4-4A2E-468E-9335-E6350619291C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{82D48583-B463-43DA-BB88-A49DD1875F82}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{C93EADBD-15DE-476F-824F-72E4A074FB2A}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Héloise\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-01]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF => non trouvé(e)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3245499168-2350251440-594027931-1005: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-03-02] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-3245499168-2350251440-594027931-1005: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\Isabelle\AppData\Local\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-03-02] (Avast Software s.r.o. -> AVAST Software)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default [2022-09-02]
CHR Extension: (Wolf) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\bccehekadeelebinmfibpahmllbjnnip [2022-09-01]
CHR Extension: (Norton Security Toolbar) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2016-01-25]
CHR Extension: (Norton Identity Safe) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-17]
CHR Extension: (Plus) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2022-09-01]
CHR Extension: (Simple Files Downloader) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpndcdieibcjamippljnmmiibeaimfof [2022-06-22]
CHR Extension: (FUT Nation | Import des ventes FUT) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddhphgbpdgnokdbaeapmmcafekhedgc [2022-09-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Héloise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-12]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-16]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] () [Fichier non signé]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Fichier non signé]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (Hewlett-Packard Company -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-01] (Malwarebytes Inc. -> Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 WinVNC4; C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe [439632 2008-10-15] (RealVNC Limited -> RealVNC Ltd.)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [288840 2013-04-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-02 12:42 - 2022-09-02 12:43 - 000021725 _____ C:\Users\Héloise\Desktop\FRST.txt
2022-09-02 12:22 - 2022-09-02 12:22 - 000366097 _____ C:\Users\Héloise\Desktop\ZHPDiag.html
2022-09-02 12:22 - 2022-09-02 12:22 - 000296816 _____ C:\Users\Héloise\Desktop\ZHPDiag.txt
2022-09-02 00:16 - 2022-09-02 00:16 - 000001958 _____ C:\Users\Héloise\Desktop\MBAM.txt
2022-09-01 22:45 - 2022-09-01 23:09 - 000000000 ____D C:\Users\Héloise\AppData\LocalLow\IGDump
2022-09-01 22:40 - 2022-09-01 22:40 - 000000000 ____D C:\Users\Héloise\AppData\Local\mbam
2022-09-01 22:39 - 2022-09-01 22:39 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-09-01 22:39 - 2022-09-01 22:39 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-09-01 22:39 - 2022-09-01 22:39 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-09-01 22:39 - 2022-09-01 22:39 - 000001971 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-09-01 22:38 - 2022-09-01 22:38 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-09-01 22:37 - 2022-09-01 22:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-09-01 22:36 - 2022-09-01 22:37 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-01 22:34 - 2022-09-01 22:34 - 002556344 _____ (Malwarebytes) C:\Users\Héloise\Desktop\MBSetup.exe
2022-09-01 20:35 - 2022-09-01 20:41 - 000000000 ____D C:\AdwCleaner
2022-09-01 20:34 - 2022-09-01 20:34 - 008551608 _____ (Malwarebytes) C:\Users\Héloise\Desktop\adwcleaner_8.3.2.exe
2022-09-01 20:21 - 2022-09-01 20:21 - 000000000 ____D C:\Program Files\Google
2022-09-01 19:55 - 2022-09-01 19:55 - 000000886 _____ C:\Users\Héloise\Desktop\ZHPCleaner.lnk
2022-09-01 19:53 - 2022-09-01 19:53 - 003303624 _____ (Nicolas Coolman) C:\Users\Héloise\Desktop\ZHPCleaner.exe
2022-09-01 17:57 - 2022-09-01 17:57 - 000000000 ____D C:\Users\Héloise\Desktop\photos
2022-09-01 16:58 - 2022-09-01 16:58 - 001036162 _____ C:\Users\Héloise\Downloads\Wub.zip
2022-09-01 16:58 - 2022-01-28 17:20 - 000000000 ____D C:\Users\Héloise\Desktop\Wub
2022-09-01 16:27 - 2022-09-01 16:27 - 001036162 _____ C:\Users\Héloise\Desktop\Wub.zip
2022-09-01 16:16 - 2022-09-01 16:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Internet Security
2022-09-01 16:11 - 2022-09-01 16:10 - 013291464 _____ (NortonLifeLock Inc.) C:\Users\Héloise\Desktop\NRnR.exe
2022-09-01 16:10 - 2022-09-01 16:10 - 013291464 _____ (NortonLifeLock Inc.) C:\Users\Héloise\Downloads\NRnR.exe
2022-09-01 15:34 - 2022-09-01 15:34 - 012759288 _____ (AVAST Software) C:\Users\Héloise\Downloads\avastclear.exe
2022-09-01 12:53 - 2022-09-02 12:42 - 000000000 ____D C:\FRST
2022-09-01 12:52 - 2022-09-01 12:52 - 002371072 _____ (Farbar) C:\Users\Héloise\Downloads\FRST64.exe
2022-09-01 12:52 - 2022-09-01 12:52 - 002371072 _____ (Farbar) C:\Users\Héloise\Desktop\FRST64.exe
2022-09-01 12:31 - 2022-09-02 12:22 - 000000000 ____D C:\Users\Héloise\AppData\Roaming\ZHP
2022-09-01 12:31 - 2022-09-02 12:04 - 000000876 _____ C:\Users\Héloise\Desktop\ZHPSuite.lnk
2022-09-01 12:31 - 2022-09-01 19:55 - 000000000 ____D C:\Users\Héloise\AppData\Local\ZHP
2022-09-01 12:31 - 2022-09-01 12:29 - 003506376 _____ (Nicolas Coolman) C:\Users\Héloise\Desktop\ZHPSuite.exe
2022-09-01 12:29 - 2022-09-01 12:29 - 003506376 _____ (Nicolas Coolman) C:\Users\Héloise\Downloads\ZHPSuite.exe
2022-08-31 21:55 - 2022-08-31 21:56 - 037192656 _____ (Telegram FZ-LLC ) C:\Users\Héloise\Downloads\tsetup-x64.4.1.0.exe
2022-08-27 16:06 - 2022-08-27 16:06 - 000175094 _____ C:\Users\Héloise\Desktop\Ton-bilan-bien-être houssine.odt
2022-08-27 15:50 - 2022-08-27 15:50 - 000175086 _____ C:\Users\Héloise\Desktop\Ton-bilan-bien-êtremonica.odt
2022-08-27 12:37 - 2022-08-27 12:37 - 109252932 _____ C:\Users\Héloise\Downloads\Prez Fit Vibes Montev 1.pptx
2022-08-27 12:34 - 2022-08-27 12:35 - 000173075 _____ C:\Users\Héloise\Desktop\Ton-bilan-bien-être.odt
2022-08-27 12:09 - 2022-08-27 12:09 - 003404234 _____ C:\Users\Héloise\Desktop\Prez Fit Vibes Montev 1.pdf
2022-07-01 21:50 - 2022-07-01 21:50 - 000175534 _____ C:\Users\Héloise\Desktop\Ton-bilan-bien-être-1-1 ARLAND.odt
2022-07-01 19:16 - 2022-07-01 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-07-01 19:16 - 2022-07-01 19:16 - 000000000 ____D C:\Program Files\7-Zip
2022-06-22 14:56 - 2022-06-22 14:56 - 000000000 ___HD C:\$AV_ASW
2022-06-22 14:54 - 2022-06-22 14:56 - 000000000 ____D C:\Users\Héloise\Desktop\Microsoft Office Professional Plus 2019
2022-06-22 13:49 - 2022-06-22 13:49 - 003331296 _____ (MobiSystems) C:\Users\Héloise\Downloads\OfficeSuiteSetup_IID_3c46471c-7f45-4eb4-991d-373d468355d2.exe
2022-06-22 13:23 - 2022-06-22 13:23 - 001423688 _____ C:\Users\Héloise\Downloads\MSTeamsSetupx64_s_8DA544156BACC96-7-0_c_l_.exe
2022-06-22 12:57 - 2022-09-01 16:48 - 000002355 _____ C:\Users\Héloise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-06-22 12:57 - 2022-06-22 12:57 - 000000000 ____D C:\Users\Héloise\AppData\Roaming\Teams
2022-06-22 12:56 - 2022-06-22 13:24 - 000000000 ____D C:\Users\Héloise\AppData\Local\SquirrelTemp
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-09-02 12:23 - 2015-03-31 09:47 - 000000000 ___RD C:\Users\Héloise\OneDrive
2022-09-02 12:06 - 2014-02-06 23:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-02 11:20 - 2014-02-06 21:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-09-02 10:20 - 2014-02-06 22:23 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3245499168-2350251440-594027931-1002
2022-09-02 10:12 - 2014-02-06 22:15 - 000003944 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{BDBED45B-5F00-4876-AFB7-BC4C333BE7D7}
2022-09-01 23:05 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2022-09-01 21:26 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-01 21:21 - 2014-08-17 22:46 - 000000000 ____D C:\Users\Héloise\AppData\Local\CrashDumps
2022-09-01 21:00 - 2013-08-22 16:44 - 000515432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-01 20:59 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2022-09-01 20:41 - 2019-06-28 21:51 - 000000000 ____D C:\Users\Isabelle\AppData\Roaming\Hewlett-Packard
2022-09-01 20:41 - 2019-04-07 22:01 - 000000000 ____D C:\Users\Isabelle\AppData\Local\Hewlett-Packard
2022-09-01 20:41 - 2015-03-29 18:38 - 000000000 ____D C:\Users\Héloise
2022-09-01 20:41 - 2014-02-06 22:17 - 000000000 ____D C:\Users\Héloise\AppData\Roaming\Hewlett-Packard
2022-09-01 20:41 - 2014-02-06 22:14 - 000000000 ____D C:\Users\Héloise\AppData\Local\Hewlett-Packard
2022-09-01 20:41 - 2013-11-27 20:20 - 000002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Start Now Technology.lnk
2022-09-01 20:41 - 2013-07-19 23:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-09-01 20:41 - 2013-07-19 23:05 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-09-01 20:41 - 2013-07-19 23:00 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-09-01 19:48 - 2016-01-25 23:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-09-01 19:45 - 2013-07-19 23:20 - 000000000 ____D C:\ProgramData\WildTangent
2022-09-01 19:44 - 2015-03-29 18:50 - 000000000 ____D C:\Users\Public\Documents\CyberLink
2022-09-01 19:44 - 2013-11-27 20:47 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2022-09-01 19:44 - 2013-07-19 23:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-09-01 19:43 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2022-09-01 19:41 - 2013-11-27 20:45 - 000000000 ____D C:\ProgramData\CyberLink
2022-09-01 19:41 - 2013-07-19 23:14 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2022-09-01 19:32 - 2015-08-17 07:26 - 000000000 ____D C:\Users\Héloise\AppData\Roaming\CyberLink
2022-09-01 19:32 - 2013-07-19 23:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2022-09-01 19:19 - 2018-07-28 13:20 - 000000000 ____D C:\Users\Héloise\AppData\Local\AVAST Software
2022-09-01 19:19 - 2014-02-13 22:53 - 000000000 ____D C:\ProgramData\AVAST Software
2022-09-01 17:02 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-09-01 16:59 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2022-09-01 16:36 - 2013-11-27 21:10 - 000000000 ____D C:\Program Files (x86)\Norton Internet Security
2022-09-01 16:32 - 2014-02-06 22:17 - 000000000 ____D C:\Users\Héloise\Documents\Youcam
2022-09-01 16:31 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-01 16:17 - 2013-11-27 21:10 - 000000000 ____D C:\ProgramData\Norton
2022-09-01 16:15 - 2014-11-21 00:46 - 002018064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-01 16:15 - 2014-11-21 00:03 - 000880712 _____ C:\WINDOWS\system32\perfh00C.dat
2022-09-01 16:15 - 2014-11-21 00:03 - 000189160 _____ C:\WINDOWS\system32\perfc00C.dat
2022-09-01 16:12 - 2015-08-16 23:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-08-31 22:01 - 2014-02-06 23:35 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-31 22:01 - 2014-02-06 23:35 - 000003376 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2016-05-06 12:02 - 2016-05-06 12:02 - 002433043 _____ () C:\Users\Héloise\AppData\Roaming\sb93.dat
2014-06-02 22:58 - 2016-12-09 10:58 - 000000284 _____ () C:\Users\Héloise\AppData\Roaming\WB.CFG
==================== SigCheckExt =========================
2014-04-08 23:43 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2014-04-08 23:43 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2014-04-08 23:43 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2014-04-08 23:43 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2014-04-08 23:43 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2014-04-08 23:43 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2013-07-19 23:00 - 2011-08-24 09:52 - 000117248 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPMUIDir.exe
2012-07-25 22:22 - 2012-07-26 05:07 - 004722176 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 006549504 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 000188416 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 000206336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2012-11-27 02:18 - 2012-11-27 02:18 - 000050688 _____ C:\WINDOWS\system32\kdbsdk64.dll
2014-04-08 23:45 - 2006-12-19 18:20 - 000077824 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EBAPI.dll
2014-04-08 23:45 - 2007-09-07 17:33 - 000135168 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBAPI.dll
2014-04-08 23:45 - 2006-12-19 18:31 - 000110592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBDSCVR.dll
2014-04-08 23:45 - 2003-12-17 01:01 - 000055808 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBSDKIF.dll
2014-04-08 23:45 - 2007-03-28 18:26 - 000065536 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBUtil.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 004338688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 004896768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 000147456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 000208896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2012-11-27 02:18 - 2012-11-27 02:18 - 000038912 _____ C:\WINDOWS\SysWOW64\kdbsdk32.dll
2022-09-01 12:52 - 2022-09-01 12:52 - 002371072 _____ (Farbar) C:\Users\Héloise\Desktop\FRST64.exe
2022-09-01 19:53 - 2022-09-01 19:53 - 003303624 _____ (Nicolas Coolman) C:\Users\Héloise\Desktop\ZHPCleaner.exe
2022-09-01 12:31 - 2022-09-01 12:29 - 003506376 _____ (Nicolas Coolman) C:\Users\Héloise\Desktop\ZHPSuite.exe
2014-02-13 22:42 - 2014-02-13 22:43 - 014768072 _____ C:\Users\Héloise\Downloads\761_avast_Free_Antivirus.exe
2014-04-07 23:05 - 2014-04-07 23:06 - 022560768 _____ C:\Users\Héloise\Downloads\epson376212eu.exe
2014-04-08 23:30 - 2014-04-08 23:31 - 047493120 _____ C:\Users\Héloise\Downloads\epson377972eu.exe
2022-09-01 12:52 - 2022-09-01 12:52 - 002371072 _____ (Farbar) C:\Users\Héloise\Downloads\FRST64.exe
2015-07-21 21:32 - 2015-07-21 21:32 - 001635544 _____ C:\Users\Héloise\Downloads\setup_Livre_photo_Pixum.exe
2022-09-01 12:29 - 2022-09-01 12:29 - 003506376 _____ (Nicolas Coolman) C:\Users\Héloise\Downloads\ZHPSuite.exe
2020-03-28 17:51 - 2020-03-28 17:51 - 132856894 _____ C:\Users\Isabelle\Downloads\Apache_OpenOffice_4.1.7_Win_x86_install_fr (1).exe
2020-03-28 17:11 - 2020-03-28 17:12 - 132856894 _____ C:\Users\Isabelle\Downloads\Apache_OpenOffice_4.1.7_Win_x86_install_fr.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{2a75496e-578e-11e3-be6f-806e6f6e6963}
{efa49bee-57e1-11e3-b91f-c03c45e3ea99}
{efa49bef-57e1-11e3-b91f-c03c45e3ea99}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {c29fb677-57a4-11e3-be73-a0d3c164284c}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {2a75496e-578e-11e3-be6f-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {6e6767c5-8f61-11e3-be76-a0d3c164284c}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {efa49bee-57e1-11e3-b91f-c03c45e3ea99}
description USB Drive (UEFI)
Application logicielle (101fffff)
--------------------------------
identificateur {efa49bef-57e1-11e3-b91f-c03c45e3ea99}
description Internal CD/DVD ROM Drive (UEFI)
Chargeur de d‚marrage Windows
-----------------------------
identificateur {c29fb674-57a4-11e3-be73-a0d3c164284c}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{c29fb675-57a4-11e3-be73-a0d3c164284c}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{c29fb675-57a4-11e3-be73-a0d3c164284c}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {c29fb679-57a4-11e3-be73-a0d3c164284c}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {c29fb677-57a4-11e3-be73-a0d3c164284c}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {c29fb679-57a4-11e3-be73-a0d3c164284c}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{c29fb67a-57a4-11e3-be73-a0d3c164284c}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{c29fb67a-57a4-11e3-be73-a0d3c164284c}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {c29fb677-57a4-11e3-be73-a0d3c164284c}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {c29fb679-57a4-11e3-be73-a0d3c164284c}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {efa49bf2-57e1-11e3-b91f-c03c45e3ea99}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {c29fb674-57a4-11e3-be73-a0d3c164284c}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {c29fb675-57a4-11e3-be73-a0d3c164284c}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {c29fb676-57a4-11e3-be73-a0d3c164284c}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Options de p‚riph‚rique
-----------------------
identificateur {c29fb67a-57a4-11e3-be73-a0d3c164284c}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2022-09-01 21:42
==================== Fin de FRST.txt ========================