Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2023
Exécuté par Lionel (administrateur) sur LIONEL (Hewlett-Packard HP Pavilion 17 Notebook PC) (14-12-2023 08:11:14)
Exécuté depuis C:\Users\Marie-thérese\Desktop\FRST64.exe
Profils chargés: Lionel
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Softex Inc.) [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.20617_none_faf6123cb423a35e\TiWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1225920 2014-03-28] (NVIDIA CORPORATION -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [417176 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-10-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\Windows\system32\hpinkstsC511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): C:\Windows\system32\HPDiscoPMC511.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {293BD608-F0FD-4FC0-BCAE-95901192F0B0} - System32\Tasks\{A66C37EC-ECDB-44B7-B379-AC4B8E71762F} => c:\program files (x86)\google\chrome\application\chrome.exe [3151136 2023-10-02] (Google LLC -> Google LLC) -> hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=12002
Task: {BC437156-9E86-45F3-8CE5-29C8E94975A2} - System32\Tasks\{F1F66240-E24B-4A2E-BF73-1B9DE5783473} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a E:\Setup.EXE -d E:\
Task: {EF0CD7AE-E582-49E5-8D4F-9E0B3581AD05} - System32\Tasks\{FCF80929-CD22-46CE-91E9-09FF91D5D460} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Lexmark Pro200-S500 Series\Install\x64\instgui.exe" -c /u
Task: {CB0BAB38-B254-48F4-8C30-7139D811C105} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {B8B73D45-9D40-405A-B9BF-8952BD1797A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5094808 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {0F2D4766-9AC8-4FCB-B2FD-DF71595883C1} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1398680 2023-11-15] (Avast Software s.r.o. -> AVAST Software)
Task: {41E7213A-4557-476C-875B-07A0953B1350} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4845464 2023-11-15] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (l'élément de données a 80 caractères en plus).
Task: {54F54E9B-2D1A-4DA8-939D-FE06AF5EEFFA} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-11-06] (Avast Software s.r.o. -> Avast Software)
Task: {D6EA844B-E77E-46AF-BFCF-A5C0B01E2B93} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {5B92BC13-947C-4C69-9685-DC57739EE386} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4C013249-B762-4003-8C3A-7B9E216D4ED3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "647b8038-0eff-4fc2-8e8f-ff1bf1d4058d" --version "6.18.10838" --silent
Task: {23ED960D-33F4-4B4E-B71C-2ADF1879441F} - System32\Tasks\CCleanerSkipUAC - Lionel => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C5DBEB5F-3D4B-47E7-97E7-98084B0192D1} - System32\Tasks\CCleanerSkipUAC - Marie-thérese => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9CEDDF20-9D80-4861-9991-4B2A4A48935C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.)
Task: {12AD43E8-834C-4D72-A56C-A9C84D388FEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.)
Task: {BCF54753-B34C-4E31-9C14-DCE8AA8234E8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2013-11-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {175AF3B8-7CCA-4303-947F-CC854303676B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {7E4E9DF5-6FF0-48BB-BCC7-AABE38753D5A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134768 2021-04-01] (HP Inc. -> HP Inc.)
Task: {904C06E5-BCC4-4011-9BFA-0B631E8C2DA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {27E87FFD-AFD9-44FB-9B24-491D6A687B9C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {A55B71CD-8F52-4D4B-9C8D-3ED12D84D61F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {518552C8-43B1-48B6-9A03-2E06BF9832D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {9F9B1DA1-1D18-4249-8816-D76BBFD660B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-08-20] (HP Inc. -> HP Inc.)
Task: {6ABD88AC-CFE5-4504-9D03-C963D14B5081} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (Pas de fichier)
Task: {E420B155-5FD7-4872-BA69-ECBC67A35A0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {D3CD811C-3811-4F82-9EEC-8DDEDFDFC984} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe -minimizedBoot (Pas de fichier)
Task: {D72B9541-1D4D-48EF-9F88-849F457E457A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-11-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9E6A4803-CDAC-4B0E-AEE5-F6641BA4B90D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {46A9F714-E9A6-4E9C-9A58-5BCFFFCE0003} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe /analyze (Pas de fichier)
Task: {6643511D-08EC-4E37-BD79-850425EF5CBE} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe /submit (Pas de fichier)
Task: {BEC12B86-FE2F-4D87-A316-94F45B7786FA} - System32\Tasks\Opera scheduled Autoupdate 1646983174 => C:\Users\Marie-thérese\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {BC8BC67B-CD55-416A-BDED-0FDEC7DF8702} - System32\Tasks\Remediation\AntimalwareMigrationTask => "C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe" /upgrade /user_logon (Pas de fichier)
Task: {C35BBB2B-2300-4D60-AFF8-13185E0CC189} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72007130-5C71-4BD8-8356-4CE7DA9A1E07}: [NameServer] 208.67.220.222,208.67.222.220,192.168.1.1
Tcpip\..\Interfaces\{72007130-5C71-4BD8-8356-4CE7DA9A1E07}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9}: [NameServer] 208.67.220.222,208.67.222.220
Tcpip\..\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{D8B54409-0E4E-48D1-9997-E0178B88A2ED}: [NameServer] 208.67.220.222,208.67.222.220
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marie-thérese\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-12]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: l7jr1qkr.default
FF ProfilePath: C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\l7jr1qkr.default [2020-03-21]
FF ProfilePath: C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 [2023-12-14]
FF Homepage: Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 -> hxxps://www.google.fr/
FF Notifications: Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 -> hxxps://www.instagram.com
FF Extension: (Photon Colors) - C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2022-01-17]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default [2023-12-14]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl"
CHR Extension: (Infos Social) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoghhfnjcmohkggjidnolmahnpbljkgi [2019-03-04]
CHR Extension: (Recherche Google) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-13]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-12-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-06]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
Opera:
=======
OPR Profile: C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable [2023-12-12]
OPR Notifications: Opera Stable -> hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-16]
OPR Extension: (Opera Wallet) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-11-09]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-11]
StartMenuInternet: (HKU\S-1-5-21-2790450368-3373794169-1768395478-1001) OperaStable - "C:\Users\Marie-thérese\AppData\Local\Programs\Opera\Launcher.exe"
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9065880 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [753048 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2335128 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1157528 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1083808 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)
S4 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] (Intel(R) Smart Connect software -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-12] (Malwarebytes Inc. -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [11227032 2023-11-15] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S2 KamoSvc; "C:\Program Files (x86)\Kamo\KamoSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [243248 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [394008 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297984 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39752 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276848 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [561888 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105352 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80528 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [952856 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [711664 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213296 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319672 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [76568 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2013-09-09] (Broadcom Corporation -> Broadcom Corporation.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222784 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
U3 McAPExe; pas de ImagePath
U3 McMPFSvc; pas de ImagePath
U3 McNaiAnn; pas de ImagePath
U3 mcpltsvc; pas de ImagePath
U3 McProxy; pas de ImagePath
U3 mfecore; pas de ImagePath
U3 MSK80Service; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-12-14 08:11 - 2023-12-14 08:13 - 000031397 _____ C:\Users\Marie-thérese\Desktop\FRST.txt
2023-12-14 08:09 - 2023-12-14 08:12 - 000000000 ____D C:\FRST
2023-12-14 08:08 - 2023-12-14 08:07 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Desktop\FRST64.exe
2023-12-14 08:01 - 2023-12-14 08:01 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Downloads\Non confirmé 260342.crdownload
2023-12-14 07:20 - 2023-12-14 07:20 - 000204552 _____ C:\Users\Marie-thérese\Desktop\ZHPDiag.txt
2023-12-14 07:11 - 2023-12-14 07:11 - 000000880 _____ C:\Users\Marie-thérese\Desktop\ZHPSuite.lnk
2023-12-14 07:09 - 2023-12-14 07:08 - 003570848 _____ (Nicolas Coolman) C:\Users\Marie-thérese\Desktop\ZHPSuite.exe
2023-12-13 17:49 - 2023-12-13 17:49 - 000314264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-12-13 07:01 - 2023-12-13 07:01 - 000000000 ____D C:\ProgramData\Emsisoft
2023-12-12 09:15 - 2023-12-12 09:15 - 586890543 _____ C:\Windows\MEMORY.DMP
2023-12-12 09:15 - 2023-12-12 09:15 - 000319504 _____ C:\Windows\Minidump\121223-33953-01.dmp
2023-12-12 08:35 - 2023-12-14 06:19 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\Malwarebytes
2023-12-12 08:35 - 2023-12-12 08:35 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-12-12 08:35 - 2023-12-12 08:35 - 000001971 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-12-12 07:40 - 2023-12-12 07:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-12-12 07:39 - 2023-12-12 07:56 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-12 07:37 - 2023-12-12 07:37 - 002094168 _____ (Malwarebytes) C:\Users\Marie-thérese\Downloads\MBSetup-4.4.0.222.exe
2023-12-08 20:37 - 2023-12-08 20:37 - 000000218 _____ C:\Users\Marie-thérese\AppData\Local\recently-used.xbel
2023-12-07 10:20 - 2023-12-12 07:11 - 000000000 ____D C:\Users\Marie-thérese\Downloads\arb_fichiers
2023-12-07 10:20 - 2023-12-07 10:20 - 000593501 _____ C:\Users\Marie-thérese\Downloads\arb.html
2023-12-07 08:39 - 2023-12-07 08:39 - 000088245 _____ C:\Users\Marie-thérese\Downloads\37 Oil Paintings By Iranian Artist Ahmad Haraji.jpeg
2023-12-07 07:47 - 2023-12-07 10:17 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Gif
2023-12-05 15:33 - 2023-12-12 07:11 - 000000000 ____D C:\Users\Marie-thérese\Downloads\230 idées de Bouquets de violettes en 2023 arrangements floraux, violette de toulouse, fleurs violette_fichiers
2023-12-05 15:33 - 2023-12-05 15:33 - 000644353 _____ C:\Users\Marie-thérese\Downloads\230 idées de Bouquets de violettes en 2023 arrangements floraux, violette de toulouse, fleurs violette.html
2023-11-28 07:19 - 2023-12-05 09:03 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Tableaux art majeur
2023-11-25 07:22 - 2023-11-25 07:22 - 000031026 _____ C:\Users\Marie-thérese\Downloads\justificatif-de-vente_116632257_331488-A.pdf
2023-11-25 07:16 - 2023-11-25 07:16 - 000165378 _____ C:\Users\Marie-thérese\Downloads\8R44055561932.pdf
2023-11-22 06:55 - 2023-11-23 07:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-11-19 11:36 - 2023-11-19 11:36 - 000000477 _____ C:\Users\Marie-thérese\Desktop\My Passport (F) - Raccourci.lnk
2023-11-19 09:49 - 2023-11-19 10:01 - 000000000 ____D C:\Users\Marie-thérese\Downloads\photos téléphone vivi 2
2023-11-19 09:43 - 2023-11-19 09:44 - 000000000 ____D C:\Users\Marie-thérese\Downloads\téléphone vivi 2023
2023-11-19 09:15 - 2023-11-19 09:34 - 000000000 ____D C:\Users\Marie-thérese\Downloads\photos téléphone vivi 1
2023-11-14 14:22 - 2023-11-14 14:22 - 000225011 _____ C:\Users\Marie-thérese\Downloads\attestation matmut pour salle d allouis.pdf
2023-11-13 17:45 - 2023-11-13 17:50 - 000000000 ____D C:\Users\Marie-thérese\Downloads\[ Torrent9.pe ] Les.Grands.Esprits.2017.FRENCH.HDRip.XviD-FuN
2023-10-17 07:05 - 2023-10-17 07:05 - 000033800 _____ C:\Users\Marie-thérese\Downloads\Facture_629456.pdf
2023-10-11 13:24 - 2023-10-11 13:25 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Côte de Granit 2023
2023-10-02 06:30 - 2023-10-02 06:30 - 000187601 _____ C:\Users\Marie-thérese\Downloads\ExpositionVaryeA3_compressed-1.pdf
2023-09-25 06:39 - 2023-09-25 06:39 - 000047882 _____ C:\Users\Marie-thérese\Downloads\Facture n° 2600842678.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-12-14 08:06 - 2022-02-18 12:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-14 08:03 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2023-12-14 07:44 - 2014-08-19 16:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-14 07:20 - 2022-05-27 06:24 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\ZHP
2023-12-14 07:18 - 2022-10-13 06:25 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-12-14 07:11 - 2022-05-27 06:24 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\ZHP
2023-12-14 06:40 - 2022-05-26 07:06 - 000000000 ____D C:\Users\Marie-thérese\Downloads\film
2023-12-14 06:34 - 2022-08-16 05:32 - 000000000 ____D C:\Users\Marie-thérese\Documents\Youcam
2023-12-14 06:22 - 2014-05-07 23:16 - 000842170 _____ C:\Windows\system32\perfh00C.dat
2023-12-14 06:22 - 2014-05-07 23:16 - 000172516 _____ C:\Windows\system32\perfc00C.dat
2023-12-14 06:22 - 2014-03-18 10:53 - 001963534 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-14 06:22 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2023-12-14 06:16 - 2023-08-02 10:40 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2023-12-14 06:15 - 2014-06-17 05:51 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-14 06:15 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-13 18:02 - 2020-03-21 11:31 - 000000000 ____D C:\ProgramData\AVAST Software
2023-12-13 17:50 - 2022-06-17 09:58 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-12-13 17:49 - 2020-10-08 10:31 - 000276848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-12-13 17:49 - 2020-05-01 09:35 - 000561888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000711664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000319672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000297984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000243248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000105352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000080528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000039752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000952856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000394008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-12-13 16:15 - 2022-06-11 07:02 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-12-13 16:15 - 2014-08-19 14:14 - 000000000 ____D C:\Users\Marie-thérese
2023-12-13 06:40 - 2022-08-20 05:42 - 000000000 ___HD C:\Users\Marie-thérese\Downloads\.opera
2023-12-13 06:40 - 2022-08-20 05:42 - 000000000 ___HD C:\Users\Marie-thérese\.opera
2023-12-12 09:27 - 2014-08-19 16:32 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2790450368-3373794169-1768395478-1001
2023-12-12 09:15 - 2023-01-27 08:49 - 000000000 ____D C:\Windows\Minidump
2023-12-12 07:56 - 2022-01-06 09:41 - 000002026 ____C C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2023-12-12 07:39 - 2014-08-19 16:38 - 000003798 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-12 07:39 - 2014-08-19 16:38 - 000003670 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-12-12 07:11 - 2022-05-22 10:07 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\PhotoFiltre 7
2023-12-12 07:09 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-12 07:04 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\registration
2023-12-12 07:02 - 2020-03-21 12:58 - 000000000 ____D C:\Program Files\CCleaner
2023-12-12 07:02 - 2020-03-21 12:47 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\Mozilla
2023-12-11 14:42 - 2014-09-23 20:02 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\CrashDumps
2023-12-10 18:26 - 2022-05-12 13:26 - 000007396 _____ C:\Users\Marie-thérese\Downloads\identifiants.txt
2023-12-08 09:27 - 2022-07-04 16:17 - 000000000 ____D C:\Users\Marie-thérese\Downloads\caisse epargne lionel viviane
2023-12-04 07:11 - 2022-05-25 06:44 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Tableaux et images lionel
2023-12-02 16:36 - 2023-01-17 08:52 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\vlc
2023-12-01 06:53 - 2022-10-13 06:25 - 000003236 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-12-01 06:53 - 2020-03-21 12:58 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-11-30 16:47 - 2023-01-17 08:51 - 000000894 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-11-28 22:35 - 2023-02-23 11:29 - 000004090 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1646983174
2023-11-28 22:35 - 2022-10-20 12:36 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-11-28 22:35 - 2022-01-17 08:30 - 000002806 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Lionel
2023-11-28 22:35 - 2020-08-13 11:04 - 000003588 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-28 22:35 - 2020-08-13 11:04 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-28 22:35 - 2020-03-21 11:36 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-11-28 22:35 - 2014-09-01 14:12 - 000003164 _____ C:\Windows\system32\Tasks\{A66C37EC-ECDB-44B7-B379-AC4B8E71762F}
2023-11-27 20:17 - 2022-05-16 13:18 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\deluge
2023-11-23 07:15 - 2020-03-21 12:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-22 07:16 - 2022-01-05 11:14 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-22 07:16 - 2020-03-21 12:47 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-20 22:09 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2023-11-19 11:26 - 2022-08-15 15:15 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Divers VIVI
2023-11-15 11:40 - 2022-10-20 12:34 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-11-15 08:31 - 2014-08-28 18:24 - 000000000 ____D C:\Windows\system32\MRT
2023-11-15 08:22 - 2014-08-28 18:24 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2022-06-11 07:02 - 2023-12-13 16:15 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-01-02 13:45 - 2023-01-02 13:45 - 000000664 _____ () C:\Users\Marie-thérese\AppData\Roaming\OEMSDKHASH.txt
2023-03-19 10:25 - 2023-03-19 10:25 - 000004096 ____H () C:\Users\Marie-thérese\AppData\Local\keyfile3.drm
2023-12-08 20:37 - 2023-12-08 20:37 - 000000218 _____ () C:\Users\Marie-thérese\AppData\Local\recently-used.xbel
2022-06-13 11:56 - 2022-09-22 12:39 - 000007605 _____ () C:\Users\Marie-thérese\AppData\Local\Resmon.ResmonCfg
==================== SigCheckExt =========================
2012-10-09 08:39 - 2012-10-09 08:39 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\capicom.dll
2014-05-07 13:58 - 2011-08-24 08:52 - 000117248 _____ (Hewlett-Packard) C:\Windows\system32\HPMUIDir.exe
2009-02-20 07:48 - 2009-02-20 07:48 - 000381440 _____ () C:\Windows\system32\lxebsm.dll
2009-04-28 06:56 - 2009-04-28 06:56 - 000024064 _____ () C:\Windows\system32\lxebsmr.dll
2014-06-17 05:52 - 2014-03-28 18:53 - 001225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-17 05:39 - 2013-08-05 20:50 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-08-27 13:00 - 2013-08-27 13:00 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll
2009-02-20 07:48 - 2009-02-20 07:48 - 000299008 _____ () C:\Windows\SysWOW64\lxebsm.dll
2009-04-28 06:56 - 2009-04-28 06:56 - 000024064 _____ () C:\Windows\SysWOW64\lxebsmr.dll
2014-06-17 05:52 - 2014-03-28 18:53 - 001081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2006-10-26 12:45 - 2006-10-26 12:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2014-09-01 13:55 - 2009-11-04 12:18 - 000189440 _____ () C:\Windows\system32\spool\prtprocs\x64\lxebdrpp.dll
2022-06-11 07:02 - 2023-12-13 16:15 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-12-14 08:08 - 2023-12-14 08:07 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Desktop\FRST64.exe
2023-12-14 07:09 - 2023-12-14 07:08 - 003570848 _____ (Nicolas Coolman) C:\Users\Marie-thérese\Desktop\ZHPSuite.exe
2022-05-22 10:02 - 2022-05-22 10:03 - 005202180 _____ C:\Users\Marie-thérese\Downloads\pf7-setup-fr-7.2.1.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{3fc8fdcc-2d85-11e6-8299-806e6f6e6963}
{3fc8fdca-2d85-11e6-8299-806e6f6e6963}
{3fc8fdcb-2d85-11e6-8299-806e6f6e6963}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {3fc8fdca-2d85-11e6-8299-806e6f6e6963}
description USB Drive (UEFI)
Application logicielle (101fffff)
--------------------------------
identificateur {3fc8fdcb-2d85-11e6-8299-806e6f6e6963}
description Internal CD/DVD ROM Drive (UEFI)
Application logicielle (101fffff)
--------------------------------
identificateur {3fc8fdcc-2d85-11e6-8299-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {70412f38-f62c-11e3-9b0e-96ffc2b32d0e}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {ac837cc5-f5d8-11e3-8258-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {fcee44da-fe62-11e3-92cf-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Chargeur de démarrage Windows
-----------------------------
identificateur {6561f52b-f5ea-11e3-825c-142d27dc50f0}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{6561f52c-f5ea-11e3-825c-142d27dc50f0}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{6561f52c-f5ea-11e3-825c-142d27dc50f0}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {6561f52b-f5ea-11e3-825c-142d27dc50f0}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
nx OptIn
bootmenupolicy Standard
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {6561f52b-f5ea-11e3-825c-142d27dc50f0}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {6561f52c-f5ea-11e3-825c-142d27dc50f0}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2023-12-13 07:42
==================== Fin de FRST.txt ========================
Exécuté par Lionel (administrateur) sur LIONEL (Hewlett-Packard HP Pavilion 17 Notebook PC) (14-12-2023 08:11:14)
Exécuté depuis C:\Users\Marie-thérese\Desktop\FRST64.exe
Profils chargés: Lionel
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Softex Inc.) [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.20617_none_faf6123cb423a35e\TiWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1225920 2014-03-28] (NVIDIA CORPORATION -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [417176 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-10-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\Windows\system32\hpinkstsC511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): C:\Windows\system32\HPDiscoPMC511.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {293BD608-F0FD-4FC0-BCAE-95901192F0B0} - System32\Tasks\{A66C37EC-ECDB-44B7-B379-AC4B8E71762F} => c:\program files (x86)\google\chrome\application\chrome.exe [3151136 2023-10-02] (Google LLC -> Google LLC) -> hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=12002
Task: {BC437156-9E86-45F3-8CE5-29C8E94975A2} - System32\Tasks\{F1F66240-E24B-4A2E-BF73-1B9DE5783473} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a E:\Setup.EXE -d E:\
Task: {EF0CD7AE-E582-49E5-8D4F-9E0B3581AD05} - System32\Tasks\{FCF80929-CD22-46CE-91E9-09FF91D5D460} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Lexmark Pro200-S500 Series\Install\x64\instgui.exe" -c /u
Task: {CB0BAB38-B254-48F4-8C30-7139D811C105} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {B8B73D45-9D40-405A-B9BF-8952BD1797A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5094808 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {0F2D4766-9AC8-4FCB-B2FD-DF71595883C1} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1398680 2023-11-15] (Avast Software s.r.o. -> AVAST Software)
Task: {41E7213A-4557-476C-875B-07A0953B1350} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4845464 2023-11-15] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (l'élément de données a 80 caractères en plus).
Task: {54F54E9B-2D1A-4DA8-939D-FE06AF5EEFFA} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-11-06] (Avast Software s.r.o. -> Avast Software)
Task: {D6EA844B-E77E-46AF-BFCF-A5C0B01E2B93} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {5B92BC13-947C-4C69-9685-DC57739EE386} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4C013249-B762-4003-8C3A-7B9E216D4ED3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "647b8038-0eff-4fc2-8e8f-ff1bf1d4058d" --version "6.18.10838" --silent
Task: {23ED960D-33F4-4B4E-B71C-2ADF1879441F} - System32\Tasks\CCleanerSkipUAC - Lionel => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C5DBEB5F-3D4B-47E7-97E7-98084B0192D1} - System32\Tasks\CCleanerSkipUAC - Marie-thérese => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9CEDDF20-9D80-4861-9991-4B2A4A48935C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.)
Task: {12AD43E8-834C-4D72-A56C-A9C84D388FEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.)
Task: {BCF54753-B34C-4E31-9C14-DCE8AA8234E8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2013-11-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {175AF3B8-7CCA-4303-947F-CC854303676B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {7E4E9DF5-6FF0-48BB-BCC7-AABE38753D5A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134768 2021-04-01] (HP Inc. -> HP Inc.)
Task: {904C06E5-BCC4-4011-9BFA-0B631E8C2DA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {27E87FFD-AFD9-44FB-9B24-491D6A687B9C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {A55B71CD-8F52-4D4B-9C8D-3ED12D84D61F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {518552C8-43B1-48B6-9A03-2E06BF9832D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {9F9B1DA1-1D18-4249-8816-D76BBFD660B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-08-20] (HP Inc. -> HP Inc.)
Task: {6ABD88AC-CFE5-4504-9D03-C963D14B5081} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (Pas de fichier)
Task: {E420B155-5FD7-4872-BA69-ECBC67A35A0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {D3CD811C-3811-4F82-9EEC-8DDEDFDFC984} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe -minimizedBoot (Pas de fichier)
Task: {D72B9541-1D4D-48EF-9F88-849F457E457A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-11-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9E6A4803-CDAC-4B0E-AEE5-F6641BA4B90D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {46A9F714-E9A6-4E9C-9A58-5BCFFFCE0003} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe /analyze (Pas de fichier)
Task: {6643511D-08EC-4E37-BD79-850425EF5CBE} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe /submit (Pas de fichier)
Task: {BEC12B86-FE2F-4D87-A316-94F45B7786FA} - System32\Tasks\Opera scheduled Autoupdate 1646983174 => C:\Users\Marie-thérese\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {BC8BC67B-CD55-416A-BDED-0FDEC7DF8702} - System32\Tasks\Remediation\AntimalwareMigrationTask => "C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe" /upgrade /user_logon (Pas de fichier)
Task: {C35BBB2B-2300-4D60-AFF8-13185E0CC189} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72007130-5C71-4BD8-8356-4CE7DA9A1E07}: [NameServer] 208.67.220.222,208.67.222.220,192.168.1.1
Tcpip\..\Interfaces\{72007130-5C71-4BD8-8356-4CE7DA9A1E07}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9}: [NameServer] 208.67.220.222,208.67.222.220
Tcpip\..\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{D8B54409-0E4E-48D1-9997-E0178B88A2ED}: [NameServer] 208.67.220.222,208.67.222.220
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marie-thérese\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-12]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: l7jr1qkr.default
FF ProfilePath: C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\l7jr1qkr.default [2020-03-21]
FF ProfilePath: C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 [2023-12-14]
FF Homepage: Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 -> hxxps://www.google.fr/
FF Notifications: Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 -> hxxps://www.instagram.com
FF Extension: (Photon Colors) - C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2022-01-17]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default [2023-12-14]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl"
CHR Extension: (Infos Social) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoghhfnjcmohkggjidnolmahnpbljkgi [2019-03-04]
CHR Extension: (Recherche Google) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-13]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-12-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-06]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
Opera:
=======
OPR Profile: C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable [2023-12-12]
OPR Notifications: Opera Stable -> hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-16]
OPR Extension: (Opera Wallet) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-11-09]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-11]
StartMenuInternet: (HKU\S-1-5-21-2790450368-3373794169-1768395478-1001) OperaStable - "C:\Users\Marie-thérese\AppData\Local\Programs\Opera\Launcher.exe"
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9065880 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [753048 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2335128 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1157528 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1083808 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)
S4 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] (Intel(R) Smart Connect software -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-12] (Malwarebytes Inc. -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [11227032 2023-11-15] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S2 KamoSvc; "C:\Program Files (x86)\Kamo\KamoSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [243248 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [394008 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297984 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39752 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276848 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [561888 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105352 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80528 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [952856 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [711664 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213296 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319672 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [76568 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2013-09-09] (Broadcom Corporation -> Broadcom Corporation.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222784 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
U3 McAPExe; pas de ImagePath
U3 McMPFSvc; pas de ImagePath
U3 McNaiAnn; pas de ImagePath
U3 mcpltsvc; pas de ImagePath
U3 McProxy; pas de ImagePath
U3 mfecore; pas de ImagePath
U3 MSK80Service; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-12-14 08:11 - 2023-12-14 08:13 - 000031397 _____ C:\Users\Marie-thérese\Desktop\FRST.txt
2023-12-14 08:09 - 2023-12-14 08:12 - 000000000 ____D C:\FRST
2023-12-14 08:08 - 2023-12-14 08:07 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Desktop\FRST64.exe
2023-12-14 08:01 - 2023-12-14 08:01 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Downloads\Non confirmé 260342.crdownload
2023-12-14 07:20 - 2023-12-14 07:20 - 000204552 _____ C:\Users\Marie-thérese\Desktop\ZHPDiag.txt
2023-12-14 07:11 - 2023-12-14 07:11 - 000000880 _____ C:\Users\Marie-thérese\Desktop\ZHPSuite.lnk
2023-12-14 07:09 - 2023-12-14 07:08 - 003570848 _____ (Nicolas Coolman) C:\Users\Marie-thérese\Desktop\ZHPSuite.exe
2023-12-13 17:49 - 2023-12-13 17:49 - 000314264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-12-13 07:01 - 2023-12-13 07:01 - 000000000 ____D C:\ProgramData\Emsisoft
2023-12-12 09:15 - 2023-12-12 09:15 - 586890543 _____ C:\Windows\MEMORY.DMP
2023-12-12 09:15 - 2023-12-12 09:15 - 000319504 _____ C:\Windows\Minidump\121223-33953-01.dmp
2023-12-12 08:35 - 2023-12-14 06:19 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\Malwarebytes
2023-12-12 08:35 - 2023-12-12 08:35 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-12-12 08:35 - 2023-12-12 08:35 - 000001971 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-12-12 07:40 - 2023-12-12 07:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-12-12 07:39 - 2023-12-12 07:56 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-12 07:37 - 2023-12-12 07:37 - 002094168 _____ (Malwarebytes) C:\Users\Marie-thérese\Downloads\MBSetup-4.4.0.222.exe
2023-12-08 20:37 - 2023-12-08 20:37 - 000000218 _____ C:\Users\Marie-thérese\AppData\Local\recently-used.xbel
2023-12-07 10:20 - 2023-12-12 07:11 - 000000000 ____D C:\Users\Marie-thérese\Downloads\arb_fichiers
2023-12-07 10:20 - 2023-12-07 10:20 - 000593501 _____ C:\Users\Marie-thérese\Downloads\arb.html
2023-12-07 08:39 - 2023-12-07 08:39 - 000088245 _____ C:\Users\Marie-thérese\Downloads\37 Oil Paintings By Iranian Artist Ahmad Haraji.jpeg
2023-12-07 07:47 - 2023-12-07 10:17 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Gif
2023-12-05 15:33 - 2023-12-12 07:11 - 000000000 ____D C:\Users\Marie-thérese\Downloads\230 idées de Bouquets de violettes en 2023 arrangements floraux, violette de toulouse, fleurs violette_fichiers
2023-12-05 15:33 - 2023-12-05 15:33 - 000644353 _____ C:\Users\Marie-thérese\Downloads\230 idées de Bouquets de violettes en 2023 arrangements floraux, violette de toulouse, fleurs violette.html
2023-11-28 07:19 - 2023-12-05 09:03 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Tableaux art majeur
2023-11-25 07:22 - 2023-11-25 07:22 - 000031026 _____ C:\Users\Marie-thérese\Downloads\justificatif-de-vente_116632257_331488-A.pdf
2023-11-25 07:16 - 2023-11-25 07:16 - 000165378 _____ C:\Users\Marie-thérese\Downloads\8R44055561932.pdf
2023-11-22 06:55 - 2023-11-23 07:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-11-19 11:36 - 2023-11-19 11:36 - 000000477 _____ C:\Users\Marie-thérese\Desktop\My Passport (F) - Raccourci.lnk
2023-11-19 09:49 - 2023-11-19 10:01 - 000000000 ____D C:\Users\Marie-thérese\Downloads\photos téléphone vivi 2
2023-11-19 09:43 - 2023-11-19 09:44 - 000000000 ____D C:\Users\Marie-thérese\Downloads\téléphone vivi 2023
2023-11-19 09:15 - 2023-11-19 09:34 - 000000000 ____D C:\Users\Marie-thérese\Downloads\photos téléphone vivi 1
2023-11-14 14:22 - 2023-11-14 14:22 - 000225011 _____ C:\Users\Marie-thérese\Downloads\attestation matmut pour salle d allouis.pdf
2023-11-13 17:45 - 2023-11-13 17:50 - 000000000 ____D C:\Users\Marie-thérese\Downloads\[ Torrent9.pe ] Les.Grands.Esprits.2017.FRENCH.HDRip.XviD-FuN
2023-10-17 07:05 - 2023-10-17 07:05 - 000033800 _____ C:\Users\Marie-thérese\Downloads\Facture_629456.pdf
2023-10-11 13:24 - 2023-10-11 13:25 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Côte de Granit 2023
2023-10-02 06:30 - 2023-10-02 06:30 - 000187601 _____ C:\Users\Marie-thérese\Downloads\ExpositionVaryeA3_compressed-1.pdf
2023-09-25 06:39 - 2023-09-25 06:39 - 000047882 _____ C:\Users\Marie-thérese\Downloads\Facture n° 2600842678.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-12-14 08:06 - 2022-02-18 12:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-14 08:03 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2023-12-14 07:44 - 2014-08-19 16:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-14 07:20 - 2022-05-27 06:24 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\ZHP
2023-12-14 07:18 - 2022-10-13 06:25 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-12-14 07:11 - 2022-05-27 06:24 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\ZHP
2023-12-14 06:40 - 2022-05-26 07:06 - 000000000 ____D C:\Users\Marie-thérese\Downloads\film
2023-12-14 06:34 - 2022-08-16 05:32 - 000000000 ____D C:\Users\Marie-thérese\Documents\Youcam
2023-12-14 06:22 - 2014-05-07 23:16 - 000842170 _____ C:\Windows\system32\perfh00C.dat
2023-12-14 06:22 - 2014-05-07 23:16 - 000172516 _____ C:\Windows\system32\perfc00C.dat
2023-12-14 06:22 - 2014-03-18 10:53 - 001963534 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-14 06:22 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2023-12-14 06:16 - 2023-08-02 10:40 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2023-12-14 06:15 - 2014-06-17 05:51 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-14 06:15 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-13 18:02 - 2020-03-21 11:31 - 000000000 ____D C:\ProgramData\AVAST Software
2023-12-13 17:50 - 2022-06-17 09:58 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-12-13 17:49 - 2020-10-08 10:31 - 000276848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-12-13 17:49 - 2020-05-01 09:35 - 000561888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000711664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000319672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000297984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000243248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000105352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000080528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000039752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000952856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000394008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-12-13 16:15 - 2022-06-11 07:02 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-12-13 16:15 - 2014-08-19 14:14 - 000000000 ____D C:\Users\Marie-thérese
2023-12-13 06:40 - 2022-08-20 05:42 - 000000000 ___HD C:\Users\Marie-thérese\Downloads\.opera
2023-12-13 06:40 - 2022-08-20 05:42 - 000000000 ___HD C:\Users\Marie-thérese\.opera
2023-12-12 09:27 - 2014-08-19 16:32 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2790450368-3373794169-1768395478-1001
2023-12-12 09:15 - 2023-01-27 08:49 - 000000000 ____D C:\Windows\Minidump
2023-12-12 07:56 - 2022-01-06 09:41 - 000002026 ____C C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2023-12-12 07:39 - 2014-08-19 16:38 - 000003798 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-12 07:39 - 2014-08-19 16:38 - 000003670 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-12-12 07:11 - 2022-05-22 10:07 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\PhotoFiltre 7
2023-12-12 07:09 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-12 07:04 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\registration
2023-12-12 07:02 - 2020-03-21 12:58 - 000000000 ____D C:\Program Files\CCleaner
2023-12-12 07:02 - 2020-03-21 12:47 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\Mozilla
2023-12-11 14:42 - 2014-09-23 20:02 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\CrashDumps
2023-12-10 18:26 - 2022-05-12 13:26 - 000007396 _____ C:\Users\Marie-thérese\Downloads\identifiants.txt
2023-12-08 09:27 - 2022-07-04 16:17 - 000000000 ____D C:\Users\Marie-thérese\Downloads\caisse epargne lionel viviane
2023-12-04 07:11 - 2022-05-25 06:44 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Tableaux et images lionel
2023-12-02 16:36 - 2023-01-17 08:52 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\vlc
2023-12-01 06:53 - 2022-10-13 06:25 - 000003236 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-12-01 06:53 - 2020-03-21 12:58 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-11-30 16:47 - 2023-01-17 08:51 - 000000894 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-11-28 22:35 - 2023-02-23 11:29 - 000004090 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1646983174
2023-11-28 22:35 - 2022-10-20 12:36 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-11-28 22:35 - 2022-01-17 08:30 - 000002806 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Lionel
2023-11-28 22:35 - 2020-08-13 11:04 - 000003588 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-28 22:35 - 2020-08-13 11:04 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-28 22:35 - 2020-03-21 11:36 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-11-28 22:35 - 2014-09-01 14:12 - 000003164 _____ C:\Windows\system32\Tasks\{A66C37EC-ECDB-44B7-B379-AC4B8E71762F}
2023-11-27 20:17 - 2022-05-16 13:18 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\deluge
2023-11-23 07:15 - 2020-03-21 12:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-22 07:16 - 2022-01-05 11:14 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-22 07:16 - 2020-03-21 12:47 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-20 22:09 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2023-11-19 11:26 - 2022-08-15 15:15 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Divers VIVI
2023-11-15 11:40 - 2022-10-20 12:34 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-11-15 08:31 - 2014-08-28 18:24 - 000000000 ____D C:\Windows\system32\MRT
2023-11-15 08:22 - 2014-08-28 18:24 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2022-06-11 07:02 - 2023-12-13 16:15 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-01-02 13:45 - 2023-01-02 13:45 - 000000664 _____ () C:\Users\Marie-thérese\AppData\Roaming\OEMSDKHASH.txt
2023-03-19 10:25 - 2023-03-19 10:25 - 000004096 ____H () C:\Users\Marie-thérese\AppData\Local\keyfile3.drm
2023-12-08 20:37 - 2023-12-08 20:37 - 000000218 _____ () C:\Users\Marie-thérese\AppData\Local\recently-used.xbel
2022-06-13 11:56 - 2022-09-22 12:39 - 000007605 _____ () C:\Users\Marie-thérese\AppData\Local\Resmon.ResmonCfg
==================== SigCheckExt =========================
2012-10-09 08:39 - 2012-10-09 08:39 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\capicom.dll
2014-05-07 13:58 - 2011-08-24 08:52 - 000117248 _____ (Hewlett-Packard) C:\Windows\system32\HPMUIDir.exe
2009-02-20 07:48 - 2009-02-20 07:48 - 000381440 _____ () C:\Windows\system32\lxebsm.dll
2009-04-28 06:56 - 2009-04-28 06:56 - 000024064 _____ () C:\Windows\system32\lxebsmr.dll
2014-06-17 05:52 - 2014-03-28 18:53 - 001225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-17 05:39 - 2013-08-05 20:50 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-08-27 13:00 - 2013-08-27 13:00 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll
2009-02-20 07:48 - 2009-02-20 07:48 - 000299008 _____ () C:\Windows\SysWOW64\lxebsm.dll
2009-04-28 06:56 - 2009-04-28 06:56 - 000024064 _____ () C:\Windows\SysWOW64\lxebsmr.dll
2014-06-17 05:52 - 2014-03-28 18:53 - 001081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2006-10-26 12:45 - 2006-10-26 12:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2014-09-01 13:55 - 2009-11-04 12:18 - 000189440 _____ () C:\Windows\system32\spool\prtprocs\x64\lxebdrpp.dll
2022-06-11 07:02 - 2023-12-13 16:15 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-12-14 08:08 - 2023-12-14 08:07 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Desktop\FRST64.exe
2023-12-14 07:09 - 2023-12-14 07:08 - 003570848 _____ (Nicolas Coolman) C:\Users\Marie-thérese\Desktop\ZHPSuite.exe
2022-05-22 10:02 - 2022-05-22 10:03 - 005202180 _____ C:\Users\Marie-thérese\Downloads\pf7-setup-fr-7.2.1.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{3fc8fdcc-2d85-11e6-8299-806e6f6e6963}
{3fc8fdca-2d85-11e6-8299-806e6f6e6963}
{3fc8fdcb-2d85-11e6-8299-806e6f6e6963}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {3fc8fdca-2d85-11e6-8299-806e6f6e6963}
description USB Drive (UEFI)
Application logicielle (101fffff)
--------------------------------
identificateur {3fc8fdcb-2d85-11e6-8299-806e6f6e6963}
description Internal CD/DVD ROM Drive (UEFI)
Application logicielle (101fffff)
--------------------------------
identificateur {3fc8fdcc-2d85-11e6-8299-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {70412f38-f62c-11e3-9b0e-96ffc2b32d0e}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {ac837cc5-f5d8-11e3-8258-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Application logicielle (101fffff)
--------------------------------
identificateur {fcee44da-fe62-11e3-92cf-806e6f6e6963}
description Internal Hard Disk or Solid State Disk
Chargeur de démarrage Windows
-----------------------------
identificateur {6561f52b-f5ea-11e3-825c-142d27dc50f0}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{6561f52c-f5ea-11e3-825c-142d27dc50f0}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{6561f52c-f5ea-11e3-825c-142d27dc50f0}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 8.1
locale fr-FR
inherit {bootloadersettings}
recoverysequence {6561f52b-f5ea-11e3-825c-142d27dc50f0}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
nx OptIn
bootmenupolicy Standard
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {6561f52b-f5ea-11e3-825c-142d27dc50f0}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {6561f52c-f5ea-11e3-825c-142d27dc50f0}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2023-12-13 07:42
==================== Fin de FRST.txt ========================