Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021 Exécuté par DJA (administrateur) sur DJASUS (ASUSTeK COMPUTER INC. X75VD1) (28-08-2021 10:11:05) Exécuté depuis C:\Users\DJA\Desktop\SECURITE Profils chargés: DJA Platform: Windows 8.1 (Update) (X64) Langue: Français (France) Navigateur par défaut: Opera Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Computer, Inc.) [Fichier non signé] C:\Program Files (x86)\Bonjour\mDNSResponder.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (Corel Corporation -> ) [Fichier non signé] C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\70.0.3728.106\opera.exe <24> (Opera Software AS -> Opera Software) C:\Program Files\Opera\70.0.3728.106\opera_crashreporter.exe (Pierre GOUGELET -> XnView, hxxp://www.xnview.com) C:\Program Files (x86)\XnView\xnview.exe (Power Technology -> ) [Fichier non signé] C:\Program Files (x86)\DFX\DFX.exe (Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe (Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe (Protexis Inc. -> ) [Fichier non signé] C:\Windows\SysWOW64\PSIService.exe (VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* HKLM\...\Run: [] => [X] HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter (French)\WSVCUUpdateHelper.exe HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3126808 2020-09-02] (Opera Software AS -> Opera Software) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91701608 2020-07-07] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Run: [] => [X] HKU\S-1-5-21-4147460290-4163528885-2369840599-1002\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2755504 2016-08-27] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [181280 2017-01-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0387A80A-EEF3-4E8C-932B-C3D180424337} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [234344 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {109C5BF7-722B-4842-985F-94804D6DE2F7} - System32\Tasks\Opera scheduled Autoupdate 1554497204 => C:\Program Files\Opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software) Task: {16A448EC-C89D-468B-906A-696C145D7609} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [251624 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {28389DE7-695E-4DA7-B353-E9D2689F3927} - \{9DBA3937-F81B-43EF-8669-E5181DE174A1} -> Pas de fichier <==== ATTENTION Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {486B2422-F536-4554-BE58-CF8D3B6CD634} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe Task: {4E64CA03-38AE-4BFC-9205-172495D72169} - System32\Tasks\CCleanerSkipUAC - DJA => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {4FFEEE7F-67C0-48F0-BFFF-C480F4DC36B9} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION Task: {74456076-862C-4B74-AD4F-D2E8AD069829} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {780D84C2-F52E-4BF5-AA45-61AFEE3988F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform) Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} Task: {813EE2A9-8514-41BD-A71D-E1EF2DB1392F} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651056 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {90D0B944-6DF9-424A-A3E1-EF33CA1FB0AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9283B5D1-BE88-4AFB-BEB8-8E8FDCC6EBEE} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [160448 2012-11-07] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.) Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {9AF02E1F-BE90-4C4D-951E-23E6C6ADE412} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {9B4E5C17-2EE2-443D-A807-A6F01534AAD6} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1599912 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {AF57DAB9-8F4A-4932-92D4-32C4AD2411C9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-08-04] (Mozilla Corporation -> Mozilla Foundation) Task: {BA01905D-4FB4-41DD-B2C8-6A8380F4AF3C} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS) Task: {C721A7FB-0B2B-4403-ACC9-7ECB29F3D7CD} - System32\Tasks\Opera scheduled assistant Autoupdate 1582727068 => C:\Program Files\Opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0) Task: {CEA23D3A-A0CD-4EB9-8F72-E0C5046447D3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\DJA\Desktop\adwcleaner_8.3.0.exe Task: {D4BCB854-BF64-490C-A7F0-9C8C0EF4CFA3} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-11-15] (Corel Corporation -> WinZip) [Fichier non signé] Task: {EF4A374C-CC60-426A-B2AD-4530EA5DCC72} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe Task: {F2ED9946-0B68-4AD7-8C87-826257B430D0} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {FA61C9C8-2AC4-479A-8DB5-4E0BA4523368} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.) [Fichier non signé] Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2 Tcpip\..\Interfaces\{5EF82113-26BF-4903-85A7-2B447A565CBA}: [DhcpNameServer] 89.2.0.1 89.2.0.2 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\DJA\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-28] FireFox: ======== FF DefaultProfile: 1mcs3w4v.default FF ProfilePath: C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default [2021-08-28] FF Extension: (AdBlocker Ultimate) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\adblockultimate@adblockultimate.net.xpi [2021-07-28] FF Extension: (InvisibleHand) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2021-07-28] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-07-28] FF Extension: (Video DownloadHelper) - C:\Users\DJA\AppData\Roaming\Mozilla\Firefox\Profiles\1mcs3w4v.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-28] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e) FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Pas de fichier] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Pas de fichier] FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR Profile: C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable [2021-08-28] OPR DownloadDir: C:\Users\DJA\Desktop OPR Notifications: Opera Stable -> hxxps://en.bloggif.com; hxxps://fr.madloto.com; hxxps://fr.savefrom.net; hxxps://mycima.ch; hxxps://mycima.onl; hxxps://pu6.biz; hxxps://www.grands-meres.net; hxxps://www.tvfun.live OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (YouTube MP3 Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\danfmmfbeaomffmgdnpgofcmphkpobii [2019-05-23] OPR Extension: (Video Downloader Prime) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\diefijfleiebcgdkmaefbjehgcokpdjl [2019-07-10] OPR Extension: (Youtube Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\enpmcplhdgmglcikkcgoeepoalooagbg [2021-05-30] OPR Extension: (DotVPN - mieux que VPN.) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiegahbgoabbpoieploedhfnobmpgbeg [2019-09-25] OPR Extension: (VDP: Best Video Downloader) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibehiiilehaakkhkigckfjfknboalpbe [2019-07-11] OPR Extension: (Simple YouTube MP3 Button) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lpoiolmknlakaomcmopanekpndocbbci [2019-06-07] OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-04-07] OPR Extension: (SaveFrom.net Helper) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2021-08-11] OPR Extension: (AdBlocker Ultimate) - C:\Users\DJA\AppData\Roaming\Opera Software\Opera Stable\Extensions\pmpmnoinbkdojlnknogfeoagmhmhgakc [2019-12-28] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384480 2021-08-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [249936 2021-08-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [844888 2019-09-27] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Fichier non signé] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2020-01-05] (Macrovision Europe Ltd.) [Fichier non signé] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-22] (Malwarebytes Inc -> Malwarebytes) U2 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [174656 2006-11-02] (Protexis Inc. -> ) [Fichier non signé] R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies Inc. -> VIA Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2019-05-06] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) R2 WinZip Compression Smart Monitor Service; C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe [495872 2017-09-01] (Corel Corporation -> ) [Fichier non signé] S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUSTeK Computer Inc. -> ASUS Corporation) R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-07-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207864 2021-08-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider) R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [29688 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc. -> McAfee, Inc.) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> ) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-22] (Malwarebytes Inc -> Malwarebytes) S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc. -> McAfee, Inc.) R3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [39448 2020-10-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2019-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2019-05-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2019-05-06] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-28 10:04 - 2021-08-28 10:04 - 000418739 _____ C:\Users\DJA\Desktop\ZHPDiag.html 2021-08-28 10:04 - 2021-08-28 10:04 - 000340563 _____ C:\Users\DJA\Desktop\ZHPDiag.txt 2021-08-28 09:10 - 2021-08-28 09:10 - 006800432 _____ C:\Users\DJA\Desktop\Love-roses-2502527.zip 2021-08-28 09:09 - 2021-08-28 09:09 - 000822031 _____ C:\Users\DJA\Desktop\LUNECHATSilhouette-of-Cat-Sitting-on-15836259.zip 2021-08-27 22:36 - 2021-08-27 22:39 - 864844180 _____ C:\Users\DJA\Desktop\Ici tout commence_RTBF.be_2021_08_27_18_44.ts 2021-08-26 22:20 - 2021-08-24 10:54 - 000001977 _____ C:\Users\DJA\Desktop\MBAM.txt 2021-08-26 00:13 - 2021-08-26 00:13 - 000002800 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - DJA 2021-08-24 23:21 - 2021-08-24 23:29 - 231835130 _____ C:\Users\DJA\Desktop\T 56.mp4 2021-08-24 23:10 - 2021-08-24 23:18 - 225841317 _____ C:\Users\DJA\Desktop\T 55.mp4 2021-08-24 14:42 - 2021-08-28 10:11 - 000000000 ___RD C:\Users\DJA\Desktop\SECURITE 2021-08-22 23:42 - 2021-08-24 10:46 - 000001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-08-22 23:42 - 2021-08-22 23:42 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-08-22 23:42 - 2021-08-22 23:42 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\Users\DJA\AppData\Local\mbam 2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-08-22 23:42 - 2021-08-22 23:42 - 000000000 ____D C:\Program Files\Malwarebytes 2021-08-22 23:33 - 2021-08-22 23:33 - 000003094 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot 2021-08-22 10:14 - 2021-08-22 10:38 - 000000000 ____D C:\Users\DJA\Desktop\FRST-OlderVersion 2021-08-22 10:13 - 2021-08-28 10:11 - 000000000 ____D C:\FRST 2021-08-21 22:50 - 2021-08-21 22:56 - 1132408412 _____ C:\Users\DJA\Desktop\Bel & bien - Bel & bien_France 2_2021_08_21_10_01.ts 2021-08-20 23:03 - 2021-08-22 10:38 - 000000000 ____D C:\Users\DJA\Desktop\ZHPSuite 2021-08-18 14:32 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2021-08-18 14:32 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2021-08-18 10:40 - 2021-08-18 10:40 - 000098105 _____ C:\Users\DJA\Desktop\lettres_information_pcastuces_6320-6336.zip 2021-08-18 08:42 - 2021-08-18 08:42 - 060993662 _____ C:\Users\DJA\Desktop\La prière expliquée aux petits et débutants.mp4 2021-08-16 17:54 - 2019-04-07 19:59 - 000000926 _____ C:\Users\DJA\Desktop\Firefox.lnk 2021-08-15 11:02 - 2021-08-15 11:09 - 213519103 _____ C:\Users\DJA\Desktop\T 54.mp4 2021-08-11 18:42 - 2021-08-11 18:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-08-09 17:56 - 2021-08-09 23:27 - 000000966 _____ C:\Users\DJA\Desktop\Captvty - Raccourci.lnk 2021-08-09 17:56 - 2021-08-09 17:56 - 000000000 ____D C:\Users\DJA\AppData\Local\Intel_Corporation 2021-08-04 11:40 - 2021-08-11 22:35 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-07-19 16:14 - 2021-08-23 15:47 - 000000000 ____D C:\Users\DJA\Desktop\TOTALEMENT DIVA 2021-07-13 16:36 - 2021-07-13 16:36 - 000002646 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray 2021-06-21 11:38 - 2021-06-21 11:38 - 000003232 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2021-06-18 17:37 - 2021-06-05 07:23 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2021-06-18 17:37 - 2021-06-05 06:42 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-06-18 17:37 - 2021-06-05 06:30 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-06-18 17:37 - 2021-04-06 08:51 - 001678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-06-16 11:20 - 2021-06-16 11:20 - 005780594 _____ C:\Users\DJA\Desktop\recorded-6058124270919.MP4 2021-05-30 18:16 - 2021-05-30 18:16 - 000000000 ____D C:\Users\DJA\AppData\Local\FreemakeVideoConverter 2021-05-30 18:15 - 2021-05-30 18:16 - 000000000 ____D C:\Users\DJA\Documents\Freemake 2021-05-30 18:15 - 2021-05-30 18:16 - 000000000 ____D C:\ProgramData\Freemake ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-28 10:06 - 2019-04-06 11:01 - 000000000 ____D C:\Users\DJA\AppData\Roaming\ZHP 2021-08-28 09:58 - 2019-04-06 14:44 - 000000000 ____D C:\Users\DJA\AppData\Roaming\XnView 2021-08-28 09:26 - 2019-04-05 19:15 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4147460290-4163528885-2369840599-1002 2021-08-28 09:21 - 2020-09-12 17:33 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-28 09:21 - 2020-09-12 17:33 - 000002208 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-08-28 09:09 - 2014-11-21 00:46 - 001817064 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-08-28 09:09 - 2014-11-21 00:03 - 000806842 _____ C:\WINDOWS\system32\perfh00C.dat 2021-08-28 09:09 - 2014-11-21 00:03 - 000156662 _____ C:\WINDOWS\system32\perfc00C.dat 2021-08-28 09:09 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2021-08-28 09:08 - 2019-04-16 17:00 - 000000000 ____D C:\Users\DJA\Desktop\NEW 2021-08-28 09:03 - 2019-04-11 19:13 - 000000000 ____D C:\Program Files\CCleaner 2021-08-28 09:02 - 2019-11-25 20:33 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat 2021-08-28 09:02 - 2019-11-25 15:52 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2021-08-28 09:02 - 2019-11-25 15:50 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper 2021-08-28 09:02 - 2013-05-15 12:11 - 000000000 ____D C:\ProgramData\NVIDIA 2021-08-28 09:01 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-27 22:36 - 2017-12-07 20:43 - 000000000 ____D C:\Users\DJA\Desktop\CAPTV 2021-08-27 14:52 - 2021-05-23 15:37 - 000001816 _____ C:\Users\DJA\Desktop\Partages.txt 2021-08-27 14:13 - 2021-04-15 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2021-08-27 14:13 - 2020-09-02 21:53 - 000003598 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2021-08-26 21:52 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-08-26 21:51 - 2019-04-11 19:14 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-08-26 10:23 - 2020-07-29 10:33 - 000000000 ____D C:\Users\DJA\Desktop\EFFECTS 2021-08-26 00:14 - 2019-04-26 10:54 - 000000000 ____D C:\Users\DJA\AppData\Local\CrashDumps 2021-08-25 09:07 - 2020-12-28 17:58 - 000000000 ____D C:\Users\DJA\Desktop\ABONDANCE 2021-08-24 23:49 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI 2021-08-24 11:22 - 2019-04-28 09:23 - 000000000 ____D C:\Users\DJA\Desktop\CRAFTS 2021-08-22 23:33 - 2012-11-27 06:09 - 000000000 ____D C:\Program Files (x86)\ASUS 2021-08-22 22:58 - 2019-04-07 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-08-22 22:56 - 2012-11-27 06:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2021-08-22 19:29 - 2020-12-29 17:22 - 000000000 ____D C:\Users\DJA\Desktop\369 2021-08-22 10:00 - 2019-04-06 11:01 - 000000000 ____D C:\Users\DJA\AppData\Local\ZHP 2021-08-21 18:38 - 2020-12-13 12:15 - 000000000 ____D C:\Users\DJA\Desktop\2021 2021-08-20 22:44 - 2020-12-17 10:18 - 000000000 ____D C:\Users\DJA\Desktop\REYHAN 2021-08-19 09:02 - 2019-04-07 19:59 - 000000000 ____D C:\ProgramData\Mozilla 2021-08-19 09:02 - 2016-11-18 16:41 - 000000000 ____D C:\Users\DJA\AppData\LocalLow\Mozilla 2021-08-18 23:15 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-18 23:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2021-08-18 23:08 - 2019-04-09 15:34 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-08-18 23:05 - 2019-04-09 15:33 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-08-18 14:38 - 2013-08-22 16:44 - 003771816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-08-18 14:37 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData 2021-08-18 14:37 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-08-18 08:50 - 2020-09-12 17:33 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-18 08:50 - 2020-09-12 17:33 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-08-16 14:51 - 2013-08-30 10:05 - 000000000 ____D C:\Users\DJA\Documents\My PSP Files 2021-08-16 13:56 - 2019-05-06 20:31 - 000000000 ____D C:\Users\DJA 2021-08-12 11:21 - 2019-05-07 16:50 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-08-11 18:42 - 2019-04-07 19:59 - 000000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-08-10 22:30 - 2019-05-02 20:06 - 000207864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2021-08-10 18:52 - 2019-04-05 23:03 - 000000000 ____D C:\Users\DJA\AppData\Roaming\vlc ==================== Fichiers à la racine de certains dossiers ======== 2003-01-30 01:23 - 2001-07-17 16:15 - 000066680 _____ () C:\Program Files (x86)\ARDS1.ttf 2019-04-07 23:21 - 2011-05-25 06:30 - 000684032 _____ (SCI Fhotoroom.) C:\Program Files (x86)\Dreamy.8bf 2002-09-19 13:20 - 2003-05-16 08:01 - 009705984 _____ (Auto FX Software) C:\Program Files (x86)\DS.exe 2002-12-27 10:47 - 2002-07-28 22:40 - 001059840 _____ (Auto FX Software) C:\Program Files (x86)\DS_Bonus_Plugin.8bf 2002-09-19 13:20 - 2003-05-01 13:59 - 001413120 _____ (Auto FX Software) C:\Program Files (x86)\DS_PlugIn.8bf 2003-01-20 13:07 - 2003-01-31 04:43 - 006065152 _____ (Auto FX Software) C:\Program Files (x86)\Mystical.exe 2003-01-20 13:07 - 2003-01-30 19:20 - 001396736 _____ (Auto FX Software) C:\Program Files (x86)\Mystical_PlugIn.8bf 2008-12-04 12:06 - 2008-12-16 11:44 - 001516544 _____ (Auto FX Software) C:\Program Files (x86)\PGE7_Demo_PlugIn.8bf 2019-04-07 13:55 - 2019-04-07 13:55 - 000217464 _____ () C:\Program Files (x86)\PGE7_Demo_Uninstall.log 2019-04-07 23:21 - 2009-09-22 01:47 - 002745256 _____ (Microsoft Corporation) C:\Program Files (x86)\vcredist_x86.exe ==================== SigCheckExt ========================= 2019-05-08 19:18 - 2014-02-09 12:06 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll 2002-09-19 13:20 - 2003-05-16 08:01 - 009705984 _____ (Auto FX Software) C:\Program Files (x86)\DS.exe 2003-01-20 13:07 - 2003-01-31 04:43 - 006065152 _____ (Auto FX Software) C:\Program Files (x86)\Mystical.exe 2012-12-19 13:48 - 2012-12-19 13:48 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\msvcr71.dll 2012-12-19 13:48 - 2012-12-19 13:48 - 000434252 _____ (Microsoft Corporation) C:\WINDOWS\MSVCRTD.DLL 2019-04-07 18:35 - 1999-12-17 11:13 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe 2013-05-15 12:26 - 2012-09-11 15:01 - 000192000 _____ (ASUSTeK) C:\WINDOWS\SysWOW64\ACEngSvr.exe 2013-05-15 12:05 - 2012-07-04 04:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll 2006-02-28 13:41 - 2006-02-28 13:41 - 000061440 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dns-sd.exe 2006-02-28 13:41 - 2006-02-28 13:41 - 000053248 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\dnssd.dll 2012-04-20 14:59 - 2012-04-20 14:59 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll 2013-05-15 12:27 - 2013-05-15 12:27 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2013-05-15 12:27 - 2014-02-09 12:06 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll 2003-04-18 16:29 - 2003-04-18 16:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll 2006-11-02 20:40 - 2006-11-02 20:40 - 001456704 _____ (Protexis Inc.) C:\WINDOWS\SysWOW64\PSIKey.dll 2006-11-02 20:40 - 2006-11-02 20:40 - 000174656 _____ C:\WINDOWS\SysWOW64\PSIService.exe 2007-03-21 21:54 - 2007-03-21 21:54 - 000077312 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWAIN_32.DLL 2007-03-21 21:54 - 2007-03-21 21:54 - 000048560 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_16.EXE 2007-03-21 21:54 - 2007-03-21 21:54 - 000069632 _____ (Twain Working Group) C:\WINDOWS\SysWOW64\TWUNK_32.EXE 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE 2019-06-15 18:22 - 2019-06-15 18:22 - 039926376 _____ (DownloadHelper ) C:\Users\DJA\Downloads\VdhCoAppSetup-1.2.4.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} timeout 2 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {819568bc-0ca1-11e3-8c88-f14ca22d013a} displayorder {current} toolsdisplayorder {memdiag} timeout 10 Chargeur de d‚marrage Windows ----------------------------- identificateur {819568b3-0ca1-11e3-8c88-f14ca22d013a} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568b4-0ca1-11e3-8c88-f14ca22d013a} path \windows\system32\winload.efi description Windows Recovery Environment locale en-GB inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568b4-0ca1-11e3-8c88-f14ca22d013a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 8.1 locale fr-FR inherit {bootloadersettings} recoverysequence {819568be-0ca1-11e3-8c88-f14ca22d013a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {819568bc-0ca1-11e3-8c88-f14ca22d013a} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {819568be-0ca1-11e3-8c88-f14ca22d013a} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568bf-0ca1-11e3-8c88-f14ca22d013a} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{819568bf-0ca1-11e3-8c88-f14ca22d013a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {dfa40cb0-bd88-11e2-b052-bfa0a6c62be0} device ramdisk=[unknown]\sources\boot.wim,{ramdiskoptions} path \windows\system32\boot\winload.efi description WinPE osdevice ramdisk=[unknown]\sources\boot.wim,{ramdiskoptions} systemroot \windows nx OptIn detecthal Yes winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {dfa40cb1-bd88-11e2-b052-bfa0a6c62be0} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dfa40cb2-bd88-11e2-b052-bfa0a6c62be0} path \windows\system32\winload.efi description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{dfa40cb2-bd88-11e2-b052-bfa0a6c62be0} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {819568aa-0ca1-11e3-8c88-f14ca22d013a} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {dfa40cb1-bd88-11e2-b052-bfa0a6c62be0} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {819568b1-0ca1-11e3-8c88-f14ca22d013a} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {819568b3-0ca1-11e3-8c88-f14ca22d013a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {819568bc-0ca1-11e3-8c88-f14ca22d013a} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {819568be-0ca1-11e3-8c88-f14ca22d013a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {819568ac-0ca1-11e3-8c88-f14ca22d013a} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {819568b4-0ca1-11e3-8c88-f14ca22d013a} description Windows Recovery ramdisksdidevice unknown ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {819568bb-0ca1-11e3-8c88-f14ca22d013a} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {819568bf-0ca1-11e3-8c88-f14ca22d013a} description Windows Recovery ramdisksdidevice unknown ramdisksdipath \Recovery\WindowsRE\boot.sdi Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Ramdisk options ramdisksdidevice unknown ramdisksdipath \boot\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {dfa40cb2-bd88-11e2-b052-bfa0a6c62be0} description Windows Recovery ramdisksdidevice unknown ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2020-09-04 11:20 ==================== Fin de FRST.txt ========================