Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2022
Exécuté par Psych (administrateur) sur LAPTOP-ABE5EPBT (Acer Aspire E5-523G) (29-10-2022 14:17:35)
Exécuté depuis C:\Users\Psych\Desktop
Profils chargés: Psych
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.2130 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776704 2016-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1293743166-411171862-1139664926-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31176112 2021-08-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1293743166-411171862-1139664926-1001\...\Run: [MicrosoftEdgeAutoLaunch_D3F70B7D7C9721DF60ACECFA1C2BC6AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-27] (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0C6CDF48-17EB-4B61-9819-F63257BAAD14} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier)
Task: {16DD17B3-02BC-45E8-B7DE-02829102459D} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier)
Task: {28D7243D-8DBD-484F-8DA8-061A391E51FB} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (Pas de fichier)
Task: {2FB14086-EB68-45AD-BBE8-B17B91B28A6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {3DBB4257-374F-4893-96BD-8F3AD17F7A91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49AFADF5-771B-4A40-BEB4-0A073099489F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52BF9C25-B86A-4B5A-9329-3B4B249ADD6E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {52E091DD-1F5D-45FB-92F0-F0748722D5A2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {582B390E-2B3A-4D41-BCEE-1E58E4718AC5} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {5E7D664F-F237-488D-8488-B0D940A165DE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {72095355-9148-4CB3-AB56-BA762C866660} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {781C54DE-6E8A-4D26-AF52-6625C6623E00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C3615F1-208D-4FA0-97B0-8153F309923D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-08-24] (Garmin International, Inc. -> )
Task: {A73B6B3E-6B2A-492D-94BD-978863F7BE3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9F47175-F3DA-4310-9CB4-810229B80289} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Pas de fichier)
Task: {C13141E4-FC32-4E17-AB01-203D864FB859} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2016-12-02] (Acer Incorporated -> Acer Incorporated)
Task: {D2FC16C6-344E-4434-857E-1669029EBFCD} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {D5E3E407-3E57-48BE-9CB7-BD66B0DDCB55} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
Task: {DE159F22-CC55-44DE-96E8-051D539735C0} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {FB779937-04BA-413B-B17F-1E191539F0ED} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{85da40b5-55a6-4776-aa67-39a15181517a}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8c7c33bf-e368-4538-8842-1674f029ee7e}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{8c7c33bf-e368-4538-8842-1674f029ee7e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a119e1d5-dd27-4f98-9824-42a3d7ff2ea7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d3d5298f-39ff-42da-917b-53d0cf37c48c}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Psych\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-29]
Edge Extension: (FoE - Assistant) - C:\Users\Psych\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpmacpalonncbafboibpcjcpadloannb [2022-10-22]
FireFox:
========
FF DefaultProfile: qll0ygox.default-1526207948301
FF ProfilePath: C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 [2022-10-29]
FF Homepage: Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 -> hxxps://www.msn.com/fr-fr
FF Notifications: Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 -> hxxps://www.running-addict.fr
FF Extension: (eID Belgique) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\belgiumeid@eid.belgium.be.xpi [2021-03-03]
FF Extension: (Notifier for Gmail™) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2021-09-18]
FF Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\sp@avast.com.xpi [2022-08-22]
FF Extension: (FoE - Assistant) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{0668a87f-e3bb-4ed3-a096-e145c1e9f1d2}.xpi [2022-10-27]
FF Extension: (Connective signing extension) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{4f643bc8-78f5-49c6-8efd-78ee30289f0b}.xpi [2021-07-16]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1293743166-411171862-1139664926-1001: connective.be/BrowserPlugin -> C:\Users\Psych\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Fichier non signé]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228344 2022-10-10] (HP Inc. -> HP Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-10-29] (Malwarebytes Inc. -> Malwarebytes)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51224 2016-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-29 14:17 - 2022-10-29 14:18 - 000015474 _____ C:\Users\Psych\Desktop\FRST.txt
2022-10-29 14:16 - 2022-10-29 14:16 - 000000000 ____D C:\Users\Psych\Desktop\FRST-OlderVersion
2022-10-29 14:15 - 2022-10-29 14:15 - 000287516 _____ C:\Users\Psych\Desktop\ZHPDiag.txt
2022-10-29 07:20 - 2022-10-29 07:20 - 000000000 ____D C:\Users\Psych\AppData\Local\mbam
2022-10-29 07:19 - 2022-10-29 07:19 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-29 07:19 - 2022-10-29 07:19 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-29 07:19 - 2022-10-29 07:19 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-29 07:19 - 2022-10-29 07:18 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-10-29 07:19 - 2022-10-29 07:18 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-10-29 07:18 - 2022-10-29 07:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-29 07:18 - 2022-10-29 07:18 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-29 07:09 - 2022-10-29 07:09 - 008791352 _____ (Malwarebytes) C:\Users\Psych\Desktop\adwcleaner_8.4.0.exe
2022-10-29 07:04 - 2022-10-29 07:04 - 000000000 ____D C:\Users\Psych\AppData\LocalLow\AMD
2022-10-29 06:34 - 2022-10-29 06:34 - 000000924 _____ C:\Users\Psych\Desktop\ZHPCleaner.lnk
2022-10-29 06:31 - 2022-10-29 06:31 - 003305160 _____ (Nicolas Coolman) C:\Users\Psych\Desktop\ZHPCleaner.exe
2022-10-28 18:51 - 2022-10-28 18:51 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-10-28 07:30 - 2022-10-29 14:18 - 000000000 ____D C:\FRST
2022-10-28 07:29 - 2022-10-29 14:16 - 002374144 _____ (Farbar) C:\Users\Psych\Desktop\FRST64.exe
2022-10-28 07:14 - 2022-10-29 14:15 - 000000000 ____D C:\Users\Psych\AppData\Roaming\ZHP
2022-10-28 07:14 - 2022-10-29 14:05 - 000000914 _____ C:\Users\Psych\Desktop\ZHPSuite.lnk
2022-10-28 07:14 - 2022-10-28 07:14 - 000000842 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZHPSuite.lnk
2022-10-27 17:57 - 2022-10-29 06:34 - 000000000 ____D C:\Users\Psych\AppData\Local\ZHP
2022-10-27 17:57 - 2022-10-28 07:14 - 000000000 ____D C:\Users\Psych\Desktop\ZHP
2022-10-27 12:26 - 2022-10-28 07:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-21 18:21 - 2022-10-21 18:21 - 000002232 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2022-10-12 06:08 - 2022-10-12 06:08 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 06:08 - 2022-10-12 06:08 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 06:07 - 2022-10-12 06:07 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 06:07 - 2022-10-12 06:07 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 05:54 - 2022-10-12 05:54 - 000000000 ___HD C:\$WinREAgent
2022-10-11 17:26 - 2022-10-11 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-10-11 17:22 - 2022-10-11 17:47 - 000000000 ____D C:\Users\Psych\Desktop\Engie financement
2022-10-04 14:43 - 2022-10-04 14:35 - 000186525 _____ C:\Users\Psych\Desktop\Questionnaire-patient_juillet_2019.pdf
2022-10-04 14:36 - 2022-10-04 14:35 - 000023244 _____ C:\Users\Psych\Desktop\9dda2cf6-540e-48a8-b305-a5c546ffd459.pdf
2022-09-18 21:03 - 2022-09-18 21:15 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (6)
2022-09-18 20:25 - 2022-09-18 20:52 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (5)
2022-09-14 22:28 - 2022-09-14 22:28 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-14 22:28 - 2022-09-14 22:28 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-08-22 17:39 - 2022-08-22 17:39 - 001010620 _____ C:\WINDOWS\Minidump\082222-14906-01.dmp
2022-08-11 00:04 - 2022-08-11 00:04 - 000000000 ____D C:\Users\Psych\Desktop\Bridget
2022-08-10 22:19 - 2022-08-10 22:19 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-10 22:19 - 2022-08-10 22:19 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-10 22:17 - 2022-08-10 22:17 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-10 22:16 - 2022-08-10 22:16 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-10 22:16 - 2022-08-10 22:16 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-29 14:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-29 13:47 - 2022-03-02 22:56 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (4)
2022-10-29 13:46 - 2018-05-12 23:02 - 000000000 ____D C:\Users\Psych\AppData\LocalLow\Mozilla
2022-10-29 13:44 - 2019-11-22 16:08 - 000000000 ___RD C:\Users\Psych\OneDrive
2022-10-29 07:53 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-29 07:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-29 07:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-29 07:09 - 2020-11-07 21:13 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-29 07:09 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-10-29 07:09 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-10-29 07:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-29 07:05 - 2020-11-07 21:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2022-10-29 07:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-29 07:03 - 2020-11-13 07:49 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-29 07:03 - 2020-11-07 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-29 07:03 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-29 07:03 - 2017-06-09 18:30 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-10-29 06:32 - 2020-07-04 22:58 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-29 06:32 - 2020-07-04 22:58 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-28 19:52 - 2020-11-07 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-28 19:07 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-10-28 19:07 - 2018-10-04 06:04 - 000000000 ____D C:\Users\Psych\AppData\Local\Sony Channel Editor
2022-10-28 19:07 - 2018-05-19 21:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-28 19:03 - 2018-12-23 16:09 - 000000000 ____D C:\Program Files (x86)\MyETraining
2022-10-28 18:59 - 2018-05-13 12:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-28 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-10-28 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-10-28 18:57 - 2019-01-20 15:30 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-10-28 18:57 - 2018-05-13 00:32 - 000000000 ____D C:\Program Files (x86)\7-Zip
2022-10-28 18:56 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-28 18:54 - 2018-07-31 08:40 - 000000000 ____D C:\Users\Psych\AppData\Local\AVAST Software
2022-10-28 18:51 - 2018-05-12 23:31 - 000000000 ____D C:\ProgramData\AVAST Software
2022-10-28 09:06 - 2020-11-07 21:05 - 000000000 ____D C:\Users\Psych
2022-10-28 07:54 - 2018-07-10 10:57 - 000000000 ____D C:\Users\Psych\AppData\Local\D3DSCache
2022-10-28 07:37 - 2020-11-07 21:05 - 000000000 ____D C:\Users\defaultuser0
2022-10-28 07:08 - 2020-11-07 21:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-28 07:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-27 16:38 - 2021-09-25 09:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-27 16:38 - 2018-05-13 12:39 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-26 14:22 - 2018-05-12 23:55 - 000000000 ____D C:\Users\Psych\AppData\Local\CrashDumps
2022-10-25 15:35 - 2019-12-11 18:54 - 000000000 ____D C:\ProgramData\Autodesk
2022-10-25 15:29 - 2019-12-11 19:10 - 000000000 ____D C:\Program Files (x86)\Autodesk
2022-10-25 15:14 - 2017-01-24 12:49 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-25 14:35 - 2020-11-07 21:15 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1293743166-411171862-1139664926-1001
2022-10-25 14:35 - 2020-11-07 21:05 - 000002466 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-21 18:21 - 2022-02-09 15:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-19 22:01 - 2021-12-11 05:08 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1293743166-411171862-1139664926-1001
2022-10-15 08:47 - 2020-11-07 21:15 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-15 08:47 - 2020-11-07 21:15 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-12 07:02 - 2020-11-07 21:02 - 000456304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 06:13 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 06:13 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 06:07 - 2020-11-07 21:05 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 05:52 - 2018-05-13 14:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 05:46 - 2018-05-13 14:37 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-11 17:26 - 2021-06-18 14:01 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
==================== SigCheckExt =========================
2017-06-09 18:33 - 2016-07-16 13:43 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll
2013-03-01 03:47 - 2013-03-01 03:47 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2022-10-28 07:29 - 2022-10-29 14:16 - 002374144 _____ (Farbar) C:\Users\Psych\Desktop\FRST64.exe
2022-10-29 06:31 - 2022-10-29 06:31 - 003305160 _____ (Nicolas Coolman) C:\Users\Psych\Desktop\ZHPCleaner.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{2b0723d6-4d0a-11e7-bef6-806e6f6e6963}
{2b0723d7-4d0a-11e7-bef6-806e6f6e6963}
{2b0723d8-4d0a-11e7-bef6-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b5f95ce1-212b-11eb-946b-ff6bb89960be}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fb-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:
Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fd-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:
Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fe-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:
Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d6-4d0a-11e7-bef6-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d7-4d0a-11e7-bef6-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d8-4d0a-11e7-bef6-806e6f6e6963}
description EFI Network
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b5f95ce3-212b-11eb-946b-ff6bb89960be}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {b5f95ce1-212b-11eb-946b-ff6bb89960be}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {b5f95ce3-212b-11eb-946b-ff6bb89960be}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b5f95ce4-212b-11eb-946b-ff6bb89960be}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b5f95ce4-212b-11eb-946b-ff6bb89960be}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {b5f95ce1-212b-11eb-946b-ff6bb89960be}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {b5f95ce3-212b-11eb-946b-ff6bb89960be}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {b5f95ce4-212b-11eb-946b-ff6bb89960be}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Psych (administrateur) sur LAPTOP-ABE5EPBT (Acer Aspire E5-523G) (29-10-2022 14:17:35)
Exécuté depuis C:\Users\Psych\Desktop
Profils chargés: Psych
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.2130 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776704 2016-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1293743166-411171862-1139664926-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31176112 2021-08-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1293743166-411171862-1139664926-1001\...\Run: [MicrosoftEdgeAutoLaunch_D3F70B7D7C9721DF60ACECFA1C2BC6AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-27] (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0C6CDF48-17EB-4B61-9819-F63257BAAD14} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier)
Task: {16DD17B3-02BC-45E8-B7DE-02829102459D} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier)
Task: {28D7243D-8DBD-484F-8DA8-061A391E51FB} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (Pas de fichier)
Task: {2FB14086-EB68-45AD-BBE8-B17B91B28A6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {3DBB4257-374F-4893-96BD-8F3AD17F7A91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49AFADF5-771B-4A40-BEB4-0A073099489F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52BF9C25-B86A-4B5A-9329-3B4B249ADD6E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {52E091DD-1F5D-45FB-92F0-F0748722D5A2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {582B390E-2B3A-4D41-BCEE-1E58E4718AC5} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {5E7D664F-F237-488D-8488-B0D940A165DE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {72095355-9148-4CB3-AB56-BA762C866660} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {781C54DE-6E8A-4D26-AF52-6625C6623E00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C3615F1-208D-4FA0-97B0-8153F309923D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-08-24] (Garmin International, Inc. -> )
Task: {A73B6B3E-6B2A-492D-94BD-978863F7BE3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9F47175-F3DA-4310-9CB4-810229B80289} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Pas de fichier)
Task: {C13141E4-FC32-4E17-AB01-203D864FB859} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2016-12-02] (Acer Incorporated -> Acer Incorporated)
Task: {D2FC16C6-344E-4434-857E-1669029EBFCD} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {D5E3E407-3E57-48BE-9CB7-BD66B0DDCB55} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
Task: {DE159F22-CC55-44DE-96E8-051D539735C0} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {FB779937-04BA-413B-B17F-1E191539F0ED} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{85da40b5-55a6-4776-aa67-39a15181517a}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8c7c33bf-e368-4538-8842-1674f029ee7e}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{8c7c33bf-e368-4538-8842-1674f029ee7e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a119e1d5-dd27-4f98-9824-42a3d7ff2ea7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d3d5298f-39ff-42da-917b-53d0cf37c48c}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Psych\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-29]
Edge Extension: (FoE - Assistant) - C:\Users\Psych\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpmacpalonncbafboibpcjcpadloannb [2022-10-22]
FireFox:
========
FF DefaultProfile: qll0ygox.default-1526207948301
FF ProfilePath: C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 [2022-10-29]
FF Homepage: Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 -> hxxps://www.msn.com/fr-fr
FF Notifications: Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 -> hxxps://www.running-addict.fr
FF Extension: (eID Belgique) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\belgiumeid@eid.belgium.be.xpi [2021-03-03]
FF Extension: (Notifier for Gmail™) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2021-09-18]
FF Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\sp@avast.com.xpi [2022-08-22]
FF Extension: (FoE - Assistant) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{0668a87f-e3bb-4ed3-a096-e145c1e9f1d2}.xpi [2022-10-27]
FF Extension: (Connective signing extension) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{4f643bc8-78f5-49c6-8efd-78ee30289f0b}.xpi [2021-07-16]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1293743166-411171862-1139664926-1001: connective.be/BrowserPlugin -> C:\Users\Psych\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Fichier non signé]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228344 2022-10-10] (HP Inc. -> HP Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-10-29] (Malwarebytes Inc. -> Malwarebytes)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51224 2016-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-29 14:17 - 2022-10-29 14:18 - 000015474 _____ C:\Users\Psych\Desktop\FRST.txt
2022-10-29 14:16 - 2022-10-29 14:16 - 000000000 ____D C:\Users\Psych\Desktop\FRST-OlderVersion
2022-10-29 14:15 - 2022-10-29 14:15 - 000287516 _____ C:\Users\Psych\Desktop\ZHPDiag.txt
2022-10-29 07:20 - 2022-10-29 07:20 - 000000000 ____D C:\Users\Psych\AppData\Local\mbam
2022-10-29 07:19 - 2022-10-29 07:19 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-29 07:19 - 2022-10-29 07:19 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-29 07:19 - 2022-10-29 07:19 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-29 07:19 - 2022-10-29 07:18 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-10-29 07:19 - 2022-10-29 07:18 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-10-29 07:18 - 2022-10-29 07:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-29 07:18 - 2022-10-29 07:18 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-29 07:09 - 2022-10-29 07:09 - 008791352 _____ (Malwarebytes) C:\Users\Psych\Desktop\adwcleaner_8.4.0.exe
2022-10-29 07:04 - 2022-10-29 07:04 - 000000000 ____D C:\Users\Psych\AppData\LocalLow\AMD
2022-10-29 06:34 - 2022-10-29 06:34 - 000000924 _____ C:\Users\Psych\Desktop\ZHPCleaner.lnk
2022-10-29 06:31 - 2022-10-29 06:31 - 003305160 _____ (Nicolas Coolman) C:\Users\Psych\Desktop\ZHPCleaner.exe
2022-10-28 18:51 - 2022-10-28 18:51 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-10-28 07:30 - 2022-10-29 14:18 - 000000000 ____D C:\FRST
2022-10-28 07:29 - 2022-10-29 14:16 - 002374144 _____ (Farbar) C:\Users\Psych\Desktop\FRST64.exe
2022-10-28 07:14 - 2022-10-29 14:15 - 000000000 ____D C:\Users\Psych\AppData\Roaming\ZHP
2022-10-28 07:14 - 2022-10-29 14:05 - 000000914 _____ C:\Users\Psych\Desktop\ZHPSuite.lnk
2022-10-28 07:14 - 2022-10-28 07:14 - 000000842 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZHPSuite.lnk
2022-10-27 17:57 - 2022-10-29 06:34 - 000000000 ____D C:\Users\Psych\AppData\Local\ZHP
2022-10-27 17:57 - 2022-10-28 07:14 - 000000000 ____D C:\Users\Psych\Desktop\ZHP
2022-10-27 12:26 - 2022-10-28 07:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-21 18:21 - 2022-10-21 18:21 - 000002232 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2022-10-12 06:08 - 2022-10-12 06:08 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 06:08 - 2022-10-12 06:08 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 06:07 - 2022-10-12 06:07 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 06:07 - 2022-10-12 06:07 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 05:54 - 2022-10-12 05:54 - 000000000 ___HD C:\$WinREAgent
2022-10-11 17:26 - 2022-10-11 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-10-11 17:22 - 2022-10-11 17:47 - 000000000 ____D C:\Users\Psych\Desktop\Engie financement
2022-10-04 14:43 - 2022-10-04 14:35 - 000186525 _____ C:\Users\Psych\Desktop\Questionnaire-patient_juillet_2019.pdf
2022-10-04 14:36 - 2022-10-04 14:35 - 000023244 _____ C:\Users\Psych\Desktop\9dda2cf6-540e-48a8-b305-a5c546ffd459.pdf
2022-09-18 21:03 - 2022-09-18 21:15 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (6)
2022-09-18 20:25 - 2022-09-18 20:52 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (5)
2022-09-14 22:28 - 2022-09-14 22:28 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-14 22:28 - 2022-09-14 22:28 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-08-22 17:39 - 2022-08-22 17:39 - 001010620 _____ C:\WINDOWS\Minidump\082222-14906-01.dmp
2022-08-11 00:04 - 2022-08-11 00:04 - 000000000 ____D C:\Users\Psych\Desktop\Bridget
2022-08-10 22:19 - 2022-08-10 22:19 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-10 22:19 - 2022-08-10 22:19 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-10 22:17 - 2022-08-10 22:17 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-10 22:16 - 2022-08-10 22:16 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-10 22:16 - 2022-08-10 22:16 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-29 14:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-29 13:47 - 2022-03-02 22:56 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (4)
2022-10-29 13:46 - 2018-05-12 23:02 - 000000000 ____D C:\Users\Psych\AppData\LocalLow\Mozilla
2022-10-29 13:44 - 2019-11-22 16:08 - 000000000 ___RD C:\Users\Psych\OneDrive
2022-10-29 07:53 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-29 07:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-29 07:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-29 07:09 - 2020-11-07 21:13 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-29 07:09 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-10-29 07:09 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-10-29 07:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-29 07:05 - 2020-11-07 21:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2022-10-29 07:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-29 07:03 - 2020-11-13 07:49 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-29 07:03 - 2020-11-07 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-29 07:03 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-29 07:03 - 2017-06-09 18:30 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-10-29 06:32 - 2020-07-04 22:58 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-29 06:32 - 2020-07-04 22:58 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-28 19:52 - 2020-11-07 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-28 19:07 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-10-28 19:07 - 2018-10-04 06:04 - 000000000 ____D C:\Users\Psych\AppData\Local\Sony Channel Editor
2022-10-28 19:07 - 2018-05-19 21:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-28 19:03 - 2018-12-23 16:09 - 000000000 ____D C:\Program Files (x86)\MyETraining
2022-10-28 18:59 - 2018-05-13 12:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-28 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-10-28 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-10-28 18:57 - 2019-01-20 15:30 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-10-28 18:57 - 2018-05-13 00:32 - 000000000 ____D C:\Program Files (x86)\7-Zip
2022-10-28 18:56 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-28 18:54 - 2018-07-31 08:40 - 000000000 ____D C:\Users\Psych\AppData\Local\AVAST Software
2022-10-28 18:51 - 2018-05-12 23:31 - 000000000 ____D C:\ProgramData\AVAST Software
2022-10-28 09:06 - 2020-11-07 21:05 - 000000000 ____D C:\Users\Psych
2022-10-28 07:54 - 2018-07-10 10:57 - 000000000 ____D C:\Users\Psych\AppData\Local\D3DSCache
2022-10-28 07:37 - 2020-11-07 21:05 - 000000000 ____D C:\Users\defaultuser0
2022-10-28 07:08 - 2020-11-07 21:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-28 07:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-27 16:38 - 2021-09-25 09:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-27 16:38 - 2018-05-13 12:39 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-26 14:22 - 2018-05-12 23:55 - 000000000 ____D C:\Users\Psych\AppData\Local\CrashDumps
2022-10-25 15:35 - 2019-12-11 18:54 - 000000000 ____D C:\ProgramData\Autodesk
2022-10-25 15:29 - 2019-12-11 19:10 - 000000000 ____D C:\Program Files (x86)\Autodesk
2022-10-25 15:14 - 2017-01-24 12:49 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-25 14:35 - 2020-11-07 21:15 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1293743166-411171862-1139664926-1001
2022-10-25 14:35 - 2020-11-07 21:05 - 000002466 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-21 18:21 - 2022-02-09 15:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-19 22:01 - 2021-12-11 05:08 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1293743166-411171862-1139664926-1001
2022-10-15 08:47 - 2020-11-07 21:15 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-15 08:47 - 2020-11-07 21:15 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-12 07:02 - 2020-11-07 21:02 - 000456304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 06:13 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 06:13 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 06:07 - 2020-11-07 21:05 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 05:52 - 2018-05-13 14:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 05:46 - 2018-05-13 14:37 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-11 17:26 - 2021-06-18 14:01 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
==================== SigCheckExt =========================
2017-06-09 18:33 - 2016-07-16 13:43 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll
2013-03-01 03:47 - 2013-03-01 03:47 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2022-10-28 07:29 - 2022-10-29 14:16 - 002374144 _____ (Farbar) C:\Users\Psych\Desktop\FRST64.exe
2022-10-29 06:31 - 2022-10-29 06:31 - 003305160 _____ (Nicolas Coolman) C:\Users\Psych\Desktop\ZHPCleaner.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{2b0723d6-4d0a-11e7-bef6-806e6f6e6963}
{2b0723d7-4d0a-11e7-bef6-806e6f6e6963}
{2b0723d8-4d0a-11e7-bef6-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b5f95ce1-212b-11eb-946b-ff6bb89960be}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fb-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:
Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fd-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:
Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fe-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:
Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d6-4d0a-11e7-bef6-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d7-4d0a-11e7-bef6-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d8-4d0a-11e7-bef6-806e6f6e6963}
description EFI Network
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b5f95ce3-212b-11eb-946b-ff6bb89960be}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {b5f95ce1-212b-11eb-946b-ff6bb89960be}
nx OptIn
bootmenupolicy Standard
Chargeur de d‚marrage Windows
-----------------------------
identificateur {b5f95ce3-212b-11eb-946b-ff6bb89960be}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b5f95ce4-212b-11eb-946b-ff6bb89960be}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b5f95ce4-212b-11eb-946b-ff6bb89960be}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {b5f95ce1-212b-11eb-946b-ff6bb89960be}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {b5f95ce3-212b-11eb-946b-ff6bb89960be}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {b5f95ce4-212b-11eb-946b-ff6bb89960be}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================