Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2022
Exécuté par Tanjombato-9A (administrateur) sur TANJOMBATO9A-PC (Dell Inc. Inspiron 5437) (22-06-2022 22:59:18)
Exécuté depuis C:\Users\Tanjombato-9A\Desktop
Profils chargés: Tanjombato-9A
Plate-forme: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(D:\Clean Master\cmcore.exe ->) (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.) D:\Clean Master\cmtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\MOOV UI\bin\MonServiceUDisk64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.) D:\Clean Master\cmcore.exe
(services.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7827256 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212816 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [cmsc] => D:\Clean Master\cmtray.exe [1598112 2021-12-20] (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [AvastBrowserAutoLaunch_882441BAAA94E2E03EB9FE1BCBF2F1B0] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Run: [{BFA17B4C-70D3-480F-8476-76197F614AB6}] => D:\Logs\Antidote\Installer Antidote.exe [1447909654 2017-05-24] (Druide informatique inc.) [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\Policies\Explorer: [nolowdiskspacechecks] 1
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: I - I:\Autoplay.exe -auto
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {2528bf19-a074-11eb-bd9a-0c84dc899d12} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {4037ef0e-ab0d-11e5-9c9e-0c84dc899d12} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Autorun.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {912db8cf-9af0-11eb-acef-0c84dc899d12} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {afeb2d86-515a-11e5-8dfd-0c84dc899d12} - F:\Setup.exe /Auto
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {b37a73e9-5915-11e5-91fb-0c84dc899d12} - G:\SETUP.EXE
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {dc8dc0c5-1e13-11e9-a156-0c84dc899d12} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-3965708718-977226661-2995584820-1000\...\MountPoints2: {fa6fe055-eab0-11ea-b7ed-0c84dc899d12} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\102.0.16817.63\Installer\chrmstp.exe [2022-06-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {26994419-55A9-466E-B42B-0506CB72A63E} - System32\Tasks\{98C724E1-02A2-4D4F-8EFE-C606C8EE9FAD} => C:\Windows\system32\pcalua.exe -a G:\pilote\DW1705_W74_A00_Setup-NXXK2_ZPE.exe -d G:\pilote
Task: {2A7905CB-019C-4EF6-AC3B-75A496B708FC} - System32\Tasks\{95CCA941-C40F-4243-870A-22F2D254F37A} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83525184 2019-10-03] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {3306E324-0BF7-4D27-8F0F-071EECF4827B} - System32\Tasks\{E74D0858-7DE1-4D6A-ACD8-C33CD8FBA054} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83525184 2019-10-03] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {353D9DE5-7FDD-45B4-8ADB-CBDBBED5E199} - System32\Tasks\{D6A505FF-6D56-4A82-B135-18AB4B2067F6} => C:\Windows\system32\pcalua.exe -a G:\pilote\DW1705_W84_X03_A00_Setup-X9X20_ZPE.exe -d G:\pilote
Task: {38C7EB8B-6649-4BAD-8180-B29BFA492CFA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4925264 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
Task: {4F62980E-A005-4261-ADDE-B16D5D91788E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {535EDECC-1CD1-447B-85AF-123503C724F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-23] (Google Inc -> Google LLC)
Task: {5593254E-8636-4B2B-94F9-FF0306DC8FDE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {600E7069-1673-4E89-90BB-72485CA550B9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {61EEAE88-54A4-4ECF-A1E3-AD342AC422EC} - System32\Tasks\{1B5BD473-3C2E-4AD1-B48F-C4A0A994A14A} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.7.0.102&LastError=12007
Task: {72A40CDD-A51A-4BFC-9B6C-11D72AC22CBA} - System32\Tasks\Opera scheduled Autoupdate 1441026236 => c:\program files (x86)\opera\launcher.exe [1465432 2019-02-26] (Opera Software AS -> Opera Software)
Task: {761A62B0-3A2B-4E01-A97C-A949270F12D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {838401B0-28DB-401A-8F05-58EFC2AA940F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2776672 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {8A312DE9-B20B-49BF-8772-5460A617535E} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {92363985-F175-4399-86DC-92DE54766FA0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {9C41B6B0-FB68-4CDE-835B-63E7D7ABEA76} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {AB6882DB-89C3-477B-9A22-33FF8D743051} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D44027A6-F2DF-4E02-8C3F-B542CE068E0B} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {EC631B3C-E6EB-4BE8-812C-EECCE7C212B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14554696 2018-11-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EED48437-3601-4922-A21C-1C6AD1A27881} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-23] (Google Inc -> Google LLC)
Task: {F3C6845D-5E31-49DB-A933-4C6D0EAA3A56} - System32\Tasks\{9F50E050-B806-42C2-8F43-9882458F8A97} => C:\Windows\system32\pcalua.exe -a G:\pilote\qualcomm_wirleess_10.0.0.298\Setup.exe -d G:\pilote\qualcomm_wirleess_10.0.0.298

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{A7BBCE69-4E14-45DA-BB88-4BF1EA2D0572}: [DhcpNameServer] 192.168.8.1 192.168.8.1

FireFox:
========
FF DefaultProfile: 4pmrslrk.default-1511159673899
FF ProfilePath: C:\Users\Tanjombato-9A\AppData\Roaming\Mozilla\Firefox\Profiles\4pmrslrk.default-1511159673899 [2022-06-22]
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Roaming\Mozilla\Firefox\Profiles\4pmrslrk.default-1511159673899\Extensions\sp@avast.com.xpi [2022-05-17]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] []
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [Pas de fichier]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default [2022-06-22]
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSIgpbVw1EQxgUcQtcTA1HEAEOeAsNBBRAR1RGcQ4PAglFF1QFIk0FA1oDB0VXfV5bFElXTwhvNVpTGHsDSFJLNA=="
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSIgpbVw1EQxgUcQtcTA1HEAEOeAsNBBRAR1RGcQ4PAglFF1QFIk0FA1oDB0VXfV5bFElXTwhvNVpTGHsDSFJLNA=="
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQhaUlpHFQBBbQ4JU11cFQMSdBQAUwwUDARFIVwJVg4SEQEVIR9aFQQTQkcFME0FBloEURNNfXVNAlIIY0dKJ1FM&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHARBc1oOVQwTDAIScl0VVQ9AFRgbcgxdTAgXQFASdw5bUQ1HQBNBNARaAktXUUEeJ1pNER8fHHlWI1JBI0sYRl1X
CHR Extension: (Recherche Google) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-19]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-02-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-20]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-21]
CHR Extension: (Skype) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-22]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-22]
CHR HomePage: Profile 1 -> msn.com
CHR DefaultSearchURL: Profile 1 -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Slides) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-06]
CHR Extension: (Docs) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-06]
CHR Extension: (Google Drive) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-06]
CHR Extension: (YouTube) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-10-06]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-10-06]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2021-10-06]
CHR Extension: (Sheets) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-16]
CHR Extension: (Skype) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-10-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-06]
CHR Extension: (Gmail) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-06]
CHR Extension: (Chrome Media Router) - C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-10-06]
CHR Profile: C:\Users\Tanjombato-9A\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-22]
CHR HKU\S-1-5-21-3965708718-977226661-2995584820-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

Opera:
=======
OPR Profile: C:\Users\Tanjombato-9A\AppData\Roaming\Opera Software\Opera Stable [2022-06-22]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Lucky Bright) - C:\Users\Tanjombato-9A\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekegpojkfimccgkihlbijfdcbkkpnnao [2015-12-11] [UpdateUrl:hxxp://cdn.luckybright.net/update] <==== ATTENTION

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8432776 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Fichier non signé]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [576336 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [576336 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\102.0.16817.63\elevation_service.exe [2024032 2022-05-31] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-28] (Avast Software s.r.o. -> AVAST Software)
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Skype Software Sarl -> Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Skype Software Sarl -> Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128584 2018-03-26] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 cmcore; D:\Clean Master\cmcore.exe [397936 2021-08-23] (Cheetah Mobile Inc. -> Cheetah Mobile,Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Fichier non signé]
R2 UDisk Monitor; C:\Program Files\MOOV UI\bin\MonServiceUDisk64.exe [410112 2009-08-05] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [38912 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [232648 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [382608 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [255136 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [102048 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [45072 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [271600 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [548968 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111056 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [86120 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [857488 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [662160 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218608 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [321928 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [81584 2021-08-23] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 WYTmtusbser; C:\Windows\System32\DRIVERS\CT_WYTMT_U_USBSER.sys [119168 2009-07-28] (Microsoft Windows Hardware Compatibility Publisher -> ZTEMT Incorporated)
S3 GENERICDRV; \??\G:\amifldrv64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-06-22 22:59 - 2022-06-22 23:15 - 000031071 _____ C:\Users\Tanjombato-9A\Desktop\FRST.txt
2022-06-22 22:51 - 2022-06-22 23:12 - 000000000 ____D C:\FRST
2022-06-22 22:47 - 2022-06-22 22:47 - 000338309 _____ C:\Users\Public\Desktop\ZHPDiag.txt
2022-06-22 22:37 - 2022-06-22 22:47 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Roaming\ZHP
2022-06-22 22:37 - 2022-06-22 22:37 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\ZHP
2022-06-22 22:21 - 2022-06-22 22:22 - 002369024 _____ (Farbar) C:\Users\Tanjombato-9A\Desktop\FRST64.exe
2022-06-22 22:18 - 2022-06-22 22:18 - 003487472 _____ (Nicolas Coolman) C:\Users\Tanjombato-9A\Desktop\ZHPSuite.exe
2022-06-22 21:44 - 2022-06-22 21:44 - 000000000 ___RD C:\Users\Tanjombato-9A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2022-06-22 21:06 - 2022-06-22 21:06 - 411482804 _____ C:\Windows\MEMORY.DMP
2022-06-22 21:06 - 2022-06-22 21:06 - 000320832 _____ C:\Windows\Minidump\062222-32822-01.dmp
2022-06-14 16:08 - 2022-06-14 16:08 - 000396920 _____ C:\Windows\Minidump\061422-52307-01.dmp
2022-06-13 04:23 - 2022-06-13 04:23 - 000269136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-06-13 04:23 - 2022-06-13 04:23 - 000218608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-06-12 12:13 - 2022-06-12 12:13 - 000328624 _____ C:\Windows\Minidump\061222-53835-01.dmp
2022-06-02 05:40 - 2022-06-02 05:40 - 000000000 _____ C:\Users\Tanjombato-9A\AppData\Local\{78744B41-D6D7-40ED-BB91-FB218422439E}
2022-05-28 04:35 - 2022-05-28 04:35 - 000000000 ____D C:\Windows\system32\gf2engine
2022-05-21 16:12 - 2022-05-21 16:13 - 000766728 _____ C:\Windows\Minidump\052122-47346-01.dmp
2022-05-15 17:23 - 2022-05-15 17:24 - 000767040 _____ C:\Windows\Minidump\051522-50840-01.dmp
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignec0166358a7f531c
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignc70bbcaf4042c77d
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsignb7b59ae2edeb8d5a
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsign4cd57040400c074e
2022-04-08 12:50 - 2022-04-08 12:50 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\Tempzxpsign09e7348318e47856
2022-04-06 21:51 - 2022-06-14 22:01 - 000000971 _____ C:\Users\Tanjombato-9A\Desktop\Donblas.txt

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-06-22 22:43 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-06-22 22:43 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-06-22 22:16 - 2018-06-07 19:00 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\AVAST Software
2022-06-22 22:10 - 2015-08-31 16:12 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-22 21:45 - 2015-08-31 19:59 - 000000000 __SHD C:\Users\Tanjombato-9A\IntelGraphicsProfiles
2022-06-22 21:40 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-22 21:16 - 2020-05-11 23:20 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-06-22 21:06 - 2020-06-26 11:04 - 000000000 ____D C:\Windows\Minidump
2022-06-22 10:39 - 2016-02-01 20:14 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Local\CrashDumps
2022-06-20 16:47 - 2015-10-12 08:55 - 000000000 ____D C:\ProgramData\AVAST Software
2022-06-20 13:03 - 2018-08-09 20:08 - 000473306 _____ C:\Windows\system32\perfh00B.dat
2022-06-20 13:03 - 2018-08-09 20:08 - 000101388 _____ C:\Windows\system32\perfc00B.dat
2022-06-20 13:03 - 2018-08-09 19:52 - 000675558 _____ C:\Windows\system32\perfh00E.dat
2022-06-20 13:03 - 2018-08-09 19:52 - 000171142 _____ C:\Windows\system32\perfc00E.dat
2022-06-20 13:03 - 2018-08-09 19:23 - 000737260 _____ C:\Windows\system32\perfh00A.dat
2022-06-20 13:03 - 2018-08-09 19:23 - 000158342 _____ C:\Windows\system32\perfc00A.dat
2022-06-20 13:03 - 2018-08-09 19:09 - 000384148 _____ C:\Windows\system32\perfh00D.dat
2022-06-20 13:03 - 2018-08-09 19:09 - 000084626 _____ C:\Windows\system32\perfc00D.dat
2022-06-20 13:03 - 2018-08-09 18:35 - 000731850 _____ C:\Windows\system32\perfh010.dat
2022-06-20 13:03 - 2018-08-09 18:35 - 000146714 _____ C:\Windows\system32\perfc010.dat
2022-06-20 13:03 - 2018-08-09 18:22 - 000470818 _____ C:\Windows\system32\perfh001.dat
2022-06-20 13:03 - 2018-08-09 18:22 - 000094640 _____ C:\Windows\system32\perfc001.dat
2022-06-20 13:03 - 2018-08-09 17:57 - 000689012 _____ C:\Windows\system32\perfh007.dat
2022-06-20 13:03 - 2018-08-09 17:57 - 000148984 _____ C:\Windows\system32\perfc007.dat
2022-06-20 13:03 - 2010-11-21 09:19 - 000747570 _____ C:\Windows\system32\perfh00C.dat
2022-06-20 13:03 - 2010-11-21 09:19 - 000150062 _____ C:\Windows\system32\perfc00C.dat
2022-06-20 13:03 - 2009-07-14 08:13 - 006725942 _____ C:\Windows\system32\PerfStringBackup.INI
2022-06-20 13:03 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2022-06-19 18:46 - 2019-06-23 10:59 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-06-19 18:46 - 2019-06-23 10:59 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-06-19 18:46 - 2017-05-10 11:25 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-06-13 04:24 - 2019-01-15 10:52 - 000382608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-06-13 04:24 - 2018-06-29 20:40 - 000321928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-06-13 04:23 - 2020-10-14 09:41 - 000271600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-06-13 04:23 - 2020-04-15 12:05 - 000548968 _____ (AVAST Software)
C:\Windows\system32\Drivers\aswNetHub.sys 2022-06-13 04:23 - 2019-01-04 20:57 - 000255136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2022-06-13 04:23 - 2019-01-04 20:57 - 000102048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2022-06-13 04:23 - 2018-10-20 18:05 - 000045072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2022-06-13 04:23 - 2018-06-29 20:40 - 000662160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2022-06-13 04:23 - 2018-06-29 20:40 - 000111056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2022-06-13 04:23 - 2018-06-29 20:40 - 000086120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2022-06-13 04:22 - 2019-01-04 20:57 - 000038912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys 2022-06-13 04:22 - 2018-06-29 20:40 - 000857488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2022-06-13 04:22 - 2018-06-29 20:40 - 000232648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2022-06-12 13:33 - 2019-06-29 12:17 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2022-06-12 13:33 - 2018-06-07 19:04 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2022-06-12 13:33 - 2018-06-07 19:04 - 000002384 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk 2022-06-08 14:37 - 2015-09-04 16:39 - 000000000 ____D C:\Users\Tanjombato-9A\AppData\Roaming\vlc 2022-06-02 06:15 - 2015-11-09 06:33 - 000000496 __RSH C:\ProgramData\ntuser.pol 2022-06-01 09:35 - 2015-08-31 12:19 - 000000000 ____D C:\Users\Tanjombato-9A\Documents\Bluetooth Folder ==================== Fichiers à la racine de certains dossiers ======== 2020-06-08 16:42 - 2020-06-08 16:42 - 024166400 _____ () C:\Program Files (x86)\GUT196.tmp 2020-06-04 17:48 - 2020-06-04 17:48 - 024166400 _____ () C:\Program Files (x86)\GUT3228.tmp 2020-06-02 16:51 - 2020-06-02 16:51 - 024166400 _____ () 
C:\Program Files (x86)\GUT64DB.tmp 2020-06-06 17:07 - 2020-06-06 17:07 - 024166400 _____ () C:\Program Files (x86)\GUT76A6.tmp 2020-06-07 06:08 - 2020-06-07 06:08 - 024166400 _____ () C:\Program Files (x86)\GUT7CCC.tmp 2021-08-25 10:44 - 2022-04-08 12:48 - 000000033 _____ () C:\Users\Tanjombato-9A\AppData\Roaming\AdobeWLCMCache.dat 2018-07-24 17:13 - 2018-11-09 11:01 - 000000130 _____ () C:\Users\Tanjombato-9A\AppData\Roaming\WB.CFG 2015-09-04 20:09 - 2015-09-04 20:09 - 000000017 _____ () C:\Users\Tanjombato-9A\AppData\Local\resmon.resmoncfg 2022-06-02 05:40 - 2022-06-02 05:40 - 000000000 _____ () C:\Users\Tanjombato-9A\AppData\Local\{78744B41-D6D7-40ED-BB91-FB218422439E} ==================== SigCheckExt ========================= 2012-12-28 12:09 - 2012-12-28 12:09 - 000361600 _____ (Qualcomm Atheros Commnucations) C:\Windows\system32\AthCredentialProvider.dll 2015-08-31 20:05 - 2015-08-07 14:06 - 001756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-08-31 20:05 - 2015-08-07 14:06 - 001710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-05-13 13:58 - 2014-05-13 13:58 - 000002560 _____ (Intel(R) Corporation) C:\Windows\SysWOW64\IusEventLog.dll 2015-08-31 20:05 - 2015-08-07 14:06 - 001316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-08-31 20:05 - 2015-08-07 14:06 - 001423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-09-12 10:07 - 2003-04-18 19:06 - 000008192 _____ C:\Windows\SysWOW64\srvany.exe 2015-08-31 15:08 - 2015-06-15 11:00 - 000041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll 2022-06-22 22:21 - 2022-06-22 22:22 - 002369024 _____ (Farbar) C:\Users\Tanjombato-9A\Desktop\FRST64.exe 2022-06-22 22:18 - 2022-06-22 22:18 - 003487472 _____ (Nicolas Coolman) C:\Users\Tanjombato-9A\Desktop\ZHPSuite.exe 2015-09-01 00:08 - 2015-09-01 00:08 - 000417064 _____ () C:\Users\Tanjombato-9A\Downloads\DellSystemDetectLauncher.exe ==================== SigCheck 
============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=C: description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {8acde8b5-4fcd-11e5-bc13-85400005b9a8} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale fr-FR inherit {bootloadersettings} recoverysequence {8acde8b7-4fcd-11e5-bc13-85400005b9a8} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {8acde8b5-4fcd-11e5-bc13-85400005b9a8} nx OptIn Chargeur de démarrage Windows ----------------------------- identificateur {8acde8b7-4fcd-11e5-bc13-85400005b9a8} device ramdisk=[C:]\Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\Winre.wim,{8acde8b8-4fcd-11e5-bc13-85400005b9a8} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\Winre.wim,{8acde8b8-4fcd-11e5-bc13-85400005b9a8} systemroot \windows nx OptIn winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {8acde8b5-4fcd-11e5-bc13-85400005b9a8} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=C: path \boot\memtest.exe description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- 
identificateur {emssettings} bootems Yes Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {8acde8b8-4fcd-11e5-bc13-85400005b9a8} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\8acde8b7-4fcd-11e5-bc13-85400005b9a8\boot.sdi LastRegBack: 2022-06-16 00:45 ==================== Fin de FRST.txt ========================