==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [876320 2019-05-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2021-01-03] (Avast Software s.r.o. -> AVAST Software) HKU\S-1-5-21-1789122451-2342855324-1246853476-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [528392 2020-09-07] (HP Inc. -> HP Inc.) HKU\S-1-5-21-1789122451-2342855324-1246853476-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\geral\AppData\Local\Microsoft\Teams\Update.exe [2452152 2020-09-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1789122451-2342855324-1246853476-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016568 2020-12-30] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1789122451-2342855324-1246853476-1001\...\MountPoints2: {c03ea987-145d-11eb-8182-b068e6170290} - "E:\HiSuiteDownLoader.exe" HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {134026A6-04B0-4612-BAE4-570210D53B24} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-17] (Microsoft Corporation -> Microsoft Corporation) Task: {211B75C0-7E11-4E0E-AAF6-0023A1A88BFB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-17] (Microsoft Corporation -> Microsoft Corporation) Task: {4A67A2F0-9F18-4774-A8F2-0B4B1D740B9F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061896 2021-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {625EC166-8108-4335-A9ED-7E647F26BB56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137496 2020-11-03] (HP Inc. -> HP Inc.) Task: {63941E75-AAAA-49F5-A818-1C73A4C7823B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061896 2021-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {7CED7427-B418-4825-AF6D-784DD4348570} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [66952 2019-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7F27E269-7794-48A2-AE23-0953ACEA8F59} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software) Task: {8E23E605-EF12-4661-BB0E-55A276A570B3} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2021-01-03] (Avast Software s.r.o. -> AVAST Software) "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" a été déverrouillé. <==== ATTENTION Task: {9C550B05-2456-4F15-80F0-70CAA0D6922B} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1077064 2020-07-24] (McAfee, LLC -> McAfee, LLC) Task: {A0E5B13E-FD98-440A-AE01-2F1018C011A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137496 2020-11-03] (HP Inc. -> HP Inc.) Task: {A9E741C1-17AD-4B38-9F17-8F218B4D7B53} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.) Task: {ACF26723-99AB-46E4-BB3D-0A2504C7E9D8} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice Task: {B0EA3B4F-66D3-4166-9149-A19367AA1BCB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {B524E10B-CD82-491D-977B-54391AABF5C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-11-03] (HP Inc. -> HP Inc.) Task: {B7931CA4-5AD5-46A5-8378-6B32433DB045} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5333424 2021-01-08] (Microsoft Corporation -> Microsoft Corporation) Task: {BE2FBECC-ABCC-4A30-92F7-84A106861443} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-06] (Mozilla Corporation -> Mozilla Foundation) Task: {C66832B4-BF84-4463-9375-D9F376C3D90D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-10-04] (HP Inc. -> HP Inc.) Task: {D1930377-BE8E-4BDD-807E-FC243DB719E8} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC) Task: {D459A70E-371C-4123-9180-CEB3E8D5EA8F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1077064 2020-07-24] (McAfee, LLC -> McAfee, LLC) Task: {DB37D3C7-4313-42C3-94CB-BF741F5BDC4A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {F57B25D5-0C5B-4654-B521-9B3098E41C7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5333424 2021-01-08] (Microsoft Corporation -> Microsoft Corporation) Task: {F5ED76B2-88A3-4F3A-A993-0EF26D076CA6} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.5.126\DADUpdater.exe [4000984 2020-11-04] (McAfee, LLC -> McAfee, LLC) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{30b53b9a-c336-4a08-9d95-f9237e711aa0}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{905b198d-525d-4132-b6c5-50e8ef56f477}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\geral\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-17] FireFox: ======== FF DefaultProfile: 4ohdc1tq.default FF ProfilePath: C:\Users\geral\AppData\Roaming\Mozilla\Firefox\Profiles\4ohdc1tq.default [2020-08-08] FF ProfilePath: C:\Users\geral\AppData\Roaming\Mozilla\Firefox\Profiles\303n0aa6.default-release [2021-01-18] FF Homepage: Mozilla\Firefox\Profiles\303n0aa6.default-release -> hxxps://www.google.fr/ FF Extension: (Aperçu Wiki) - C:\Users\geral\AppData\Roaming\Mozilla\Firefox\Profiles\303n0aa6.default-release\Extensions\{eceb66fe-7d8a-4fa8-99b6-4e09129f6b06}.xpi [2020-11-17] FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => non trouvé(e) FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-07-28] (McAfee, LLC -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-07-28] (McAfee, LLC -> ) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2021-01-03] (Microsoft Corporation -> Microsoft Corporation) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_3214041c94f8abcd\x64\AppHelperCap.exe [689912 2020-11-05] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_3214041c94f8abcd\x64\NetworkCap.exe [688888 2020-11-05] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_3214041c94f8abcd\x64\SysInfoCap.exe [689400 2020-11-05] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a7be790d73ea14eb\x64\TouchpointAnalyticsClientService.exe [476424 2020-11-04] (HP Inc. -> HP Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-07-27] (McAfee, LLC -> McAfee, LLC) S3 McAWFwk; c:\program files\common files\McAfee\ActWiz\McAWFwk.exe [458688 2018-11-14] (McAfee, Inc. -> McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.7.124.0\\McCSPServiceHost.exe [2726312 2020-07-29] (McAfee, LLC -> McAfee, LLC) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1743864 2020-08-06] (McAfee, LLC -> McAfee, LLC) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4221040 2020-07-29] (McAfee, LLC -> McAfee, LLC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1640240 2020-10-05] (WildTangent Inc -> ) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [36792 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [208672 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [332880 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [247888 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [97360 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\windows\System32\drivers\aswElam.sys [16832 2021-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42424 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [176384 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [522480 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [108928 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84496 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851256 2021-01-03] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\windows\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\windows\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software) R3 cfwids; C:\windows\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC) S3 HipShieldK; C:\windows\System32\drivers\HipShieldK.sys [218960 2020-05-25] (McAfee, LLC -> McAfee, Inc.) R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) R3 mfeaack; C:\windows\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC) S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC) R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R3 mfencbdc; C:\windows\System32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.) S3 mfencrk; C:\windows\System32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.) R3 mfeplk; C:\windows\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC) S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-01-18 18:54 - 2021-01-18 18:55 - 000016811 _____ C:\Users\geral\Desktop\FRST.txt 2021-01-18 18:53 - 2021-01-18 18:55 - 000000000 ____D C:\FRST 2021-01-18 18:52 - 2021-01-18 18:52 - 002295296 _____ (Farbar) C:\Users\geral\Desktop\FRST64.exe 2021-01-18 18:48 - 2021-01-18 18:48 - 000268768 _____ C:\Users\Public\Desktop\ZHPDiag.txt 2021-01-18 18:38 - 2021-01-18 18:48 - 000000000 ____D C:\Users\geral\AppData\Roaming\ZHP 2021-01-18 18:38 - 2021-01-18 18:38 - 000000872 _____ C:\Users\geral\Desktop\ZHPSuite.lnk 2021-01-18 18:38 - 2021-01-18 18:38 - 000000000 ____D C:\Users\geral\AppData\Local\ZHP 2021-01-18 18:37 - 2021-01-18 18:37 - 000000000 _____ C:\Users\geral\Downloads\ZHPSuite(1).exe 2021-01-18 18:36 - 2021-01-18 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2021-01-18 18:35 - 2021-01-18 18:35 - 003480200 _____ (Nicolas Coolman) C:\Users\geral\Desktop\ZHPSuite.exe 2021-01-18 18:32 - 2021-01-18 18:32 - 000000000 ____D C:\Users\geral\Desktop\pc astuces 2021-01-12 09:20 - 2021-01-12 09:20 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\geral\Downloads\Zoom_cm_fo42anktZ9vvrZo4_mb8YY9B8wDZ5n7wcJneGRX5g6Ijsh5qRmXvg8@AgmMO9xnZphCLC1P_k360095e6175e7b11_.exe 2021-01-12 08:23 - 2021-01-12 08:23 - 000000000 ____D C:\Users\geral\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-01-12 08:22 - 2021-01-12 08:23 - 000000000 ____D C:\Users\geral\AppData\Roaming\Zoom 2021-01-12 08:21 - 2021-01-12 08:21 - 014779520 _____ (Zoom Video Communications, Inc.) C:\Users\geral\Downloads\ZoomInstaller.exe 2021-01-12 08:17 - 2021-01-12 08:18 - 000000000 ____D C:\Users\geral\Desktop\Centre de la lande 2021-01-06 18:38 - 2021-01-06 18:38 - 000000000 ____D C:\windows\system32\Tasks\Mozilla 2021-01-06 18:25 - 2021-01-06 18:38 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-01-03 17:11 - 2021-01-07 17:44 - 000214808 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2021-01-03 17:11 - 2021-01-03 17:10 - 000340576 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2021-01-03 17:11 - 2021-01-03 17:10 - 000216984 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys.161003788075001 2020-12-21 11:51 - 2020-12-21 11:51 - 000197637 _____ C:\Users\geral\Desktop\Le raton laveur (Margaux Misura).pdf 2020-12-20 22:06 - 2020-12-20 22:06 - 006133432 _____ (PC Helpsoft ) C:\Users\geral\Downloads\PC_Cleaner_O(1).exe 2020-12-20 22:05 - 2020-12-20 22:05 - 006133432 _____ (PC Helpsoft ) C:\Users\geral\Downloads\PC_Cleaner_O.exe 2020-12-16 20:58 - 2020-12-16 20:58 - 001854766 _____ C:\Users\geral\Downloads\Faites Place Au Jeu - NB - Cour De Récréation.mp4 2020-12-11 10:11 - 2020-12-11 10:11 - 002045952 _____ C:\windows\system32\rdpnano.dll 2020-12-11 10:11 - 2020-12-11 10:11 - 001756600 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2020-12-11 10:11 - 2020-12-11 10:11 - 001366144 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2020-12-11 10:11 - 2020-12-11 10:11 - 000171008 _____ C:\windows\system32\FsNVSDeviceSource.dll 2020-12-11 10:11 - 2020-12-11 10:11 - 000102912 _____ (Microsoft Corporation) C:\windows\system32\ncpa.cpl 2020-12-11 10:11 - 2020-12-11 10:11 - 000100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncpa.cpl 2020-12-11 10:11 - 2020-12-11 10:11 - 000059392 _____ C:\windows\system32\runexehelper.exe 2020-12-11 10:11 - 2020-12-11 10:11 - 000001370 _____ C:\windows\system32\ThirdPartyNoticesBySHS.txt 2020-12-11 10:11 - 2020-12-11 10:11 - 000000357 _____ C:\windows\system32\DrtmAuth14.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000357 _____ C:\windows\system32\DrtmAuth13.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth9.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth8.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth7.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth6.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth5.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth4.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth3.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth2.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth18.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth17.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth16.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth15.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth12.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth11.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth10.bin 2020-12-11 10:11 - 2020-12-11 10:11 - 000000315 _____ C:\windows\system32\DrtmAuth1.bin 2020-12-10 18:19 - 2020-12-10 18:20 - 000251228 _____ C:\Users\geral\Downloads\03-sources-energie(1).swf 2020-12-10 18:18 - 2020-12-10 18:18 - 000251228 _____ C:\Users\geral\Downloads\03-sources-energie.swf 2020-11-17 10:33 - 2020-11-17 10:33 - 000769605 _____ C:\Users\geral\Desktop\Projet jeu.pdf 2020-11-14 16:50 - 2020-11-17 14:27 - 000000000 ____D C:\Users\geral\Desktop\Ulysse 2020-11-13 05:13 - 2020-11-13 05:13 - 001841152 _____ C:\windows\system32\TextInputMethodFormatter.dll 2020-11-13 05:13 - 2020-11-13 05:13 - 001101312 _____ C:\windows\SysWOW64\TextInputMethodFormatter.dll 2020-11-13 05:12 - 2020-11-13 05:12 - 000200704 _____ C:\windows\system32\IHDS.dll 2020-11-13 05:12 - 2020-11-13 05:12 - 000164864 _____ C:\windows\system32\DataStoreCacheDumpTool.exe 2020-11-07 16:36 - 2020-11-07 16:38 - 000000000 ____D C:\Users\geral\Documents\Enregistrements audio 2020-10-30 16:06 - 2020-10-30 16:06 - 000238473 _____ C:\Users\geral\Desktop\attestation SAVS nov.pdf 2020-10-21 21:57 - 2021-01-03 17:10 - 000176384 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2020-10-20 16:17 - 2020-10-20 16:17 - 000000000 ____D C:\Users\geral\AppData\Local\OneDrive ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-01-18 18:53 - 2019-03-19 05:50 - 000000000 ____D C:\windows\INF 2021-01-18 18:33 - 2020-08-08 16:39 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-18 18:32 - 2020-08-08 16:40 - 000000000 ____D C:\Users\geral\AppData\LocalLow\Mozilla 2021-01-18 06:35 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-17 23:09 - 2020-09-15 07:21 - 000003562 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-01-17 23:09 - 2020-09-15 07:21 - 000003338 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-01-17 23:09 - 2020-08-10 15:36 - 000003482 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task 2021-01-17 23:09 - 2020-08-08 17:10 - 000002862 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1789122451-2342855324-1246853476-1001 2021-01-17 23:09 - 2020-08-08 16:50 - 000000000 ____D C:\windows\system32\Tasks\Avast Software 2021-01-17 23:09 - 2019-08-07 18:49 - 000002856 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1789122451-2342855324-1246853476-500 2021-01-17 23:09 - 2019-08-07 18:19 - 000002698 _____ C:\windows\system32\Tasks\McAfeeLogon 2021-01-17 23:09 - 2019-08-07 18:09 - 000002202 _____ C:\windows\system32\Tasks\StartCN 2021-01-17 23:09 - 2019-08-07 18:09 - 000002122 _____ C:\windows\system32\Tasks\StartDVR 2021-01-17 23:09 - 2019-06-04 07:41 - 000002766 _____ C:\windows\system32\Tasks\HPAudioSwitch 2021-01-17 22:30 - 2020-08-08 16:49 - 000004264 _____ C:\windows\system32\Tasks\Avast Emergency Update 2021-01-17 19:19 - 2019-04-15 16:38 - 000000000 ____D C:\windows\system32\SleepStudy 2021-01-17 17:51 - 2019-08-07 19:21 - 000000000 ____D C:\Users\geral\AppData\Local\D3DSCache 2021-01-17 12:56 - 2019-06-04 07:43 - 000000000 ____D C:\Program Files\Microsoft Office 2021-01-16 14:26 - 2019-03-19 05:52 - 000000000 ____D C:\windows\AppReadiness 2021-01-16 14:25 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-14 21:39 - 2019-03-19 05:37 - 000000000 ____D C:\windows\CbsTemp 2021-01-14 21:31 - 2020-08-08 18:39 - 000000000 ____D C:\windows\system32\MRT 2021-01-14 16:56 - 2020-08-08 18:39 - 135062968 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2021-01-13 21:10 - 2020-08-28 22:58 - 000000000 ____D C:\Users\geral\AppData\Local\CrashDumps 2021-01-12 08:27 - 2020-08-10 13:31 - 000000000 ____D C:\Users\geral\AppData\Roaming\vlc 2021-01-11 13:10 - 2020-10-19 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2021-01-09 17:39 - 2019-08-07 19:21 - 000000000 ____D C:\Users\geral\AppData\Local\Packages 2021-01-09 17:28 - 2020-09-15 07:22 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-09 17:28 - 2020-09-15 07:22 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-01-08 14:29 - 2020-09-16 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-01-08 13:49 - 2020-08-08 16:49 - 000468888 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2021-01-07 16:37 - 2020-08-09 12:11 - 000000000 ____D C:\Users\geral\Desktop\Geraldine 2021-01-07 15:01 - 2020-08-10 13:27 - 000000000 ____D C:\Users\geral\Desktop\GFORMATIONS 2021-01-07 13:15 - 2020-08-08 16:49 - 000324904 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys 2021-01-07 13:10 - 2019-03-19 05:52 - 000000000 ____D C:\windows\LiveKernelReports 2021-01-06 18:38 - 2020-08-08 16:39 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-01-06 18:38 - 2020-08-08 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-06 18:24 - 2019-06-04 17:05 - 000756770 _____ C:\windows\system32\perfh00C.dat 2021-01-06 18:24 - 2019-06-04 17:05 - 000142442 _____ C:\windows\system32\perfc00C.dat 2021-01-06 18:24 - 2019-06-04 07:34 - 001732252 _____ C:\windows\system32\PerfStringBackup.INI 2021-01-06 18:15 - 2019-03-19 05:37 - 000032768 _____ C:\windows\system32\config\ELAM 2021-01-06 18:13 - 2019-04-15 16:38 - 000000006 ____H C:\windows\Tasks\SA.DAT 2021-01-03 17:11 - 2019-03-19 05:52 - 000000000 ___HD C:\windows\ELAMBKUP 2021-01-03 17:10 - 2020-08-08 16:49 - 000851256 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000522480 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000469472 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys.161011018367102 2021-01-03 17:10 - 2020-08-08 16:49 - 000332880 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000247888 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000208672 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000108928 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000097360 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000084496 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000042424 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000036792 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys 2021-01-03 17:10 - 2020-08-08 16:49 - 000016832 _____ (AVAST Software) C:\windows\system32\Drivers\aswElam.sys 2020-12-28 19:23 - 2020-08-08 17:10 - 000000000 ___RD C:\Users\geral\OneDrive 2020-12-22 15:55 - 2020-08-08 16:46 - 000000000 ____D C:\ProgramData\Avast Software 2020-12-22 15:44 - 2019-08-07 18:08 - 000065536 _____ C:\windows\psp_storage.bin 2020-12-22 15:44 - 2019-03-19 05:37 - 000786432 _____ C:\windows\system32\config\BBI ==================== SigCheckExt ========================= 2021-01-18 18:52 - 2021-01-18 18:52 - 002295296 _____ (Farbar) C:\Users\geral\Desktop\FRST64.exe 2021-01-18 18:35 - 2021-01-18 18:35 - 003480200 _____ (Nicolas Coolman) C:\Users\geral\Desktop\ZHPSuite.exe 2020-08-08 16:52 - 2020-08-08 16:53 - 132856894 _____ C:\Users\geral\Downloads\Apache_OpenOffice_4.1.7_Win_x86_install_fr.exe 2021-01-18 18:37 - 2021-01-18 18:37 - 000000000 _____ C:\Users\geral\Downloads\ZHPSuite(1).exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d�marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {9519ea8b-b93d-11e9-817a-806e6f6e6963} {22ac0ca0-b985-11e9-9fb6-f8b46ae84bf0} timeout 0 Gestionnaire de d�marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {78e7015f-b985-11e9-9fb6-f8b46ae84bf0} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {22ac0ca0-b985-11e9-9fb6-f8b46ae84bf0} description USB Drive (UEFI) Application logicielle (101fffff) -------------------------------- identificateur {9519ea8b-b93d-11e9-817a-806e6f6e6963} device partition=\Device\HarddiskVolume1 description Internal Hard Disk Chargeur de d�marrage Windows ----------------------------- identificateur {current} device partition=C: path \windows\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {9f7781d3-b991-11e9-bbd3-f8b46ae84bf0} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \windows resumeobject {78e7015f-b985-11e9-9fb6-f8b46ae84bf0} nx OptIn bootmenupolicy Standard Chargeur de d�marrage Windows ----------------------------- identificateur {9f7781d3-b991-11e9-bbd3-f8b46ae84bf0} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9f7781d4-b991-11e9-bbd3-f8b46ae84bf0} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9f7781d4-b991-11e9-bbd3-f8b46ae84bf0} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre � partir de la mise en veille prolong�e ------------------------------------------------- identificateur {78e7015f-b985-11e9-9fb6-f8b46ae84bf0} device partition=C: path \windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {9f7781d3-b991-11e9-bbd3-f8b46ae84bf0} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m�moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale fr-FR inherit {globalsettings} badmemoryaccess Yes Param�tres EMS -------------- identificateur {emssettings} bootems No Param�tres du d�bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m�moire RAM ---------------------- identificateur {badmemory} Param�tres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Param�tres du chargeur de d�marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Param�tres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Param�tres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p�riph�rique ----------------------- identificateur {9f7781d4-b991-11e9-bbd3-f8b46ae84bf0} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================