Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-10-2022 Exécuté par Psych (administrateur) sur LAPTOP-ABE5EPBT (Acer Aspire E5-523G) (28-10-2022 07:31:35) Exécuté depuis C:\Users\Psych\Desktop Profils chargés: Psych Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.2130 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4> (C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2> (explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212192 2022-10-03] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776704 2016-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-1293743166-411171862-1139664926-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31176112 2021-08-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-1293743166-411171862-1139664926-1001\...\Run: [MicrosoftEdgeAutoLaunch_D3F70B7D7C9721DF60ACECFA1C2BC6AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0C6CDF48-17EB-4B61-9819-F63257BAAD14} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4946144 2022-10-03] (Avast Software s.r.o. -> AVAST Software) Task: {16DD17B3-02BC-45E8-B7DE-02829102459D} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier) Task: {28D7243D-8DBD-484F-8DA8-061A391E51FB} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (Pas de fichier) Task: {2FB14086-EB68-45AD-BBE8-B17B91B28A6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {52BF9C25-B86A-4B5A-9329-3B4B249ADD6E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Fichier non signé] Task: {52E091DD-1F5D-45FB-92F0-F0748722D5A2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {582B390E-2B3A-4D41-BCEE-1E58E4718AC5} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {5E7D664F-F237-488D-8488-B0D940A165DE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {72095355-9148-4CB3-AB56-BA762C866660} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7CBF0B9B-0512-47FD-B7C4-0F491A02EB8B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-14] (Adobe Inc. -> Adobe) Task: {8C3615F1-208D-4FA0-97B0-8153F309923D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-08-24] (Garmin International, Inc. -> ) Task: {B9F47175-F3DA-4310-9CB4-810229B80289} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Pas de fichier) Task: {C13141E4-FC32-4E17-AB01-203D864FB859} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2016-12-02] (Acer Incorporated -> Acer Incorporated) Task: {D2FC16C6-344E-4434-857E-1669029EBFCD} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Fichier non signé] Task: {D5E3E407-3E57-48BE-9CB7-BD66B0DDCB55} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software) Task: {DE159F22-CC55-44DE-96E8-051D539735C0} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {FB779937-04BA-413B-B17F-1E191539F0ED} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Pas de fichier) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{85da40b5-55a6-4776-aa67-39a15181517a}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{8c7c33bf-e368-4538-8842-1674f029ee7e}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{8c7c33bf-e368-4538-8842-1674f029ee7e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{a119e1d5-dd27-4f98-9824-42a3d7ff2ea7}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d3d5298f-39ff-42da-917b-53d0cf37c48c}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Psych\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-28] Edge Extension: (FoE - Assistant) - C:\Users\Psych\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpmacpalonncbafboibpcjcpadloannb [2022-10-22] FireFox: ======== FF DefaultProfile: qll0ygox.default-1526207948301 FF ProfilePath: C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 [2022-10-28] FF Homepage: Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 -> hxxps://www.msn.com/fr-fr FF Notifications: Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 -> hxxps://www.running-addict.fr FF Extension: (eID Belgique) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\belgiumeid@eid.belgium.be.xpi [2021-03-03] FF Extension: (Notifier for Gmail™) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2021-09-18] FF Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\sp@avast.com.xpi [2022-08-22] FF Extension: (FoE - Assistant) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{0668a87f-e3bb-4ed3-a096-e145c1e9f1d2}.xpi [2022-10-27] FF Extension: (Connective signing extension) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{4f643bc8-78f5-49c6-8efd-78ee30289f0b}.xpi [2021-07-16] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-14] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-14] (Adobe Inc. -> ) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin HKU\S-1-5-21-1293743166-411171862-1139664926-1001: connective.be/BrowserPlugin -> C:\Users\Psych\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Fichier non signé] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8513552 2022-10-05] (Avast Software s.r.o. -> AVAST Software) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [592608 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [592096 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software) S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228344 2022-10-10] (HP Inc. -> HP Inc.) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51224 2016-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42296 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-10-03] (Avast Software s.r.o. -> AVAST Software) S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-10-03] (Avast Software s.r.o. -> AVAST Software) R3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-10-28 07:31 - 2022-10-28 07:32 - 000017471 _____ C:\Users\Psych\Desktop\FRST.txt 2022-10-28 07:30 - 2022-10-28 07:31 - 000000000 ____D C:\FRST 2022-10-28 07:29 - 2022-10-28 07:29 - 002373632 _____ (Farbar) C:\Users\Psych\Desktop\FRST64.exe 2022-10-28 07:25 - 2022-10-28 07:25 - 000318824 _____ C:\Users\Psych\Desktop\ZHPDiag.txt 2022-10-28 07:14 - 2022-10-28 07:25 - 000000000 ____D C:\Users\Psych\AppData\Roaming\ZHP 2022-10-28 07:14 - 2022-10-28 07:14 - 000000914 _____ C:\Users\Psych\Desktop\ZHPSuite.lnk 2022-10-28 07:14 - 2022-10-28 07:14 - 000000842 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZHPSuite.lnk 2022-10-27 17:57 - 2022-10-28 07:14 - 000000000 ____D C:\Users\Psych\Desktop\ZHP 2022-10-27 17:57 - 2022-10-27 17:57 - 000000000 ____D C:\Users\Psych\AppData\Local\ZHP 2022-10-27 12:26 - 2022-10-28 07:05 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-10-21 18:21 - 2022-10-21 18:21 - 000002232 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk 2022-10-14 05:38 - 2022-10-14 05:38 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys 2022-10-12 06:08 - 2022-10-12 06:08 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-10-12 06:08 - 2022-10-12 06:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-10-12 06:08 - 2022-10-12 06:08 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-10-12 06:08 - 2022-10-12 06:08 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-10-12 06:08 - 2022-10-12 06:08 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-10-12 06:07 - 2022-10-12 06:07 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-10-12 06:07 - 2022-10-12 06:07 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-10-12 05:54 - 2022-10-12 05:54 - 000000000 ___HD C:\$WinREAgent 2022-10-11 17:26 - 2022-10-11 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2022-10-11 17:22 - 2022-10-11 17:47 - 000000000 ____D C:\Users\Psych\Desktop\Engie financement 2022-10-04 14:43 - 2022-10-04 14:35 - 000186525 _____ C:\Users\Psych\Desktop\Questionnaire-patient_juillet_2019.pdf 2022-10-04 14:36 - 2022-10-04 14:35 - 000023244 _____ C:\Users\Psych\Desktop\9dda2cf6-540e-48a8-b305-a5c546ffd459.pdf 2022-10-03 17:34 - 2022-10-03 17:34 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2022-10-03 17:34 - 2022-10-03 17:34 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2022-09-18 21:03 - 2022-09-18 21:15 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (6) 2022-09-18 20:25 - 2022-09-18 20:52 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (5) 2022-09-14 22:28 - 2022-09-14 22:28 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll 2022-09-14 22:28 - 2022-09-14 22:28 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-08-22 17:39 - 2022-08-22 17:39 - 001010620 _____ C:\WINDOWS\Minidump\082222-14906-01.dmp 2022-08-11 00:04 - 2022-08-11 00:04 - 000000000 ____D C:\Users\Psych\Desktop\Bridget 2022-08-10 22:19 - 2022-08-10 22:19 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-08-10 22:19 - 2022-08-10 22:19 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-08-10 22:17 - 2022-08-10 22:17 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-08-10 22:16 - 2022-08-10 22:16 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2022-08-10 22:16 - 2022-08-10 22:16 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-10-28 07:31 - 2020-11-07 21:05 - 000000000 ____D C:\Users\defaultuser0 2022-10-28 07:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-28 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-10-28 07:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-28 07:11 - 2018-05-12 23:02 - 000000000 ____D C:\Users\Psych\AppData\LocalLow\Mozilla 2022-10-28 07:10 - 2020-11-07 21:13 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-10-28 07:10 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat 2022-10-28 07:10 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat 2022-10-28 07:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-10-28 07:08 - 2020-11-07 21:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2022-10-28 07:08 - 2020-11-07 21:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck 2022-10-28 07:07 - 2019-11-22 16:08 - 000000000 ___RD C:\Users\Psych\OneDrive 2022-10-28 07:06 - 2020-11-07 21:05 - 000000000 ____D C:\Users\Psych 2022-10-28 07:05 - 2020-11-13 07:49 - 000008192 ___SH C:\DumpStack.log.tmp 2022-10-28 07:05 - 2020-11-07 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-10-28 07:05 - 2020-11-07 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-10-28 07:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-10-28 07:05 - 2018-05-13 12:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-10-27 16:38 - 2021-09-25 09:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-10-27 16:38 - 2018-05-13 12:39 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-10-27 12:58 - 2018-07-31 08:40 - 000000000 ____D C:\Users\Psych\AppData\Local\AVAST Software 2022-10-26 14:22 - 2018-05-12 23:55 - 000000000 ____D C:\Users\Psych\AppData\Local\CrashDumps 2022-10-25 15:35 - 2019-12-11 18:54 - 000000000 ____D C:\ProgramData\Autodesk 2022-10-25 15:29 - 2019-12-11 19:10 - 000000000 ____D C:\Program Files (x86)\Autodesk 2022-10-25 15:14 - 2017-01-24 12:49 - 000000000 ____D C:\ProgramData\Package Cache 2022-10-25 14:35 - 2020-11-07 21:15 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1293743166-411171862-1139664926-1001 2022-10-25 14:35 - 2020-11-07 21:05 - 000002466 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-10-23 14:31 - 2020-07-04 22:58 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-10-23 14:31 - 2020-07-04 22:58 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-10-21 18:21 - 2022-02-09 15:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-10-19 22:01 - 2021-12-11 05:08 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1293743166-411171862-1139664926-1001 2022-10-16 17:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-10-15 08:47 - 2020-11-07 21:15 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-10-15 08:47 - 2020-11-07 21:15 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-10-12 17:17 - 2018-05-12 23:31 - 000000000 ____D C:\ProgramData\AVAST Software 2022-10-12 07:03 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2022-10-12 07:03 - 2017-06-09 18:30 - 000065536 _____ C:\WINDOWS\psp_storage.bin 2022-10-12 07:02 - 2020-11-07 21:02 - 000456304 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-10-12 06:13 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2022-10-12 06:13 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2022-10-12 06:07 - 2020-11-07 21:05 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-10-12 05:52 - 2018-05-13 14:37 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-10-12 05:46 - 2018-05-13 14:37 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-10-11 17:26 - 2021-06-18 14:01 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2022-10-03 17:34 - 2020-10-26 19:25 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2022-10-03 17:34 - 2020-04-20 22:24 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2022-10-03 17:34 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-10-03 17:34 - 2019-01-10 11:00 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2022-10-03 17:34 - 2019-01-10 11:00 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2022-10-03 17:34 - 2019-01-10 11:00 - 000042296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2022-10-03 17:34 - 2018-10-24 06:50 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2022-10-03 17:34 - 2018-05-12 23:35 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2022-10-03 17:34 - 2018-05-12 23:35 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2022-10-03 17:34 - 2018-05-12 23:35 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2022-10-03 17:34 - 2018-05-12 23:35 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2022-10-03 17:34 - 2018-05-12 23:35 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2022-10-03 17:34 - 2018-05-12 23:35 - 000090000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2022-10-03 17:33 - 2019-01-14 18:20 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys ==================== SigCheckExt ========================= 2017-06-09 18:33 - 2016-07-16 13:43 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll 2013-03-01 03:47 - 2013-03-01 03:47 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll 2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE 2022-10-28 07:29 - 2022-10-28 07:29 - 002373632 _____ (Farbar) C:\Users\Psych\Desktop\FRST64.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {2b0723d6-4d0a-11e7-bef6-806e6f6e6963} {2b0723d7-4d0a-11e7-bef6-806e6f6e6963} {2b0723d8-4d0a-11e7-bef6-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {b5f95ce1-212b-11eb-946b-ff6bb89960be} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {1ff6e0fb-4d90-11e7-b0d4-a81e849e78a1} description Unknown Device: Application logicielle (101fffff) -------------------------------- identificateur {1ff6e0fd-4d90-11e7-b0d4-a81e849e78a1} description Unknown Device: Application logicielle (101fffff) -------------------------------- identificateur {1ff6e0fe-4d90-11e7-b0d4-a81e849e78a1} description Unknown Device: Application logicielle (101fffff) -------------------------------- identificateur {2b0723d6-4d0a-11e7-bef6-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {2b0723d7-4d0a-11e7-bef6-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {2b0723d8-4d0a-11e7-bef6-806e6f6e6963} description EFI Network Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {b5f95ce3-212b-11eb-946b-ff6bb89960be} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {b5f95ce1-212b-11eb-946b-ff6bb89960be} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {b5f95ce3-212b-11eb-946b-ff6bb89960be} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b5f95ce4-212b-11eb-946b-ff6bb89960be} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b5f95ce4-212b-11eb-946b-ff6bb89960be} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {b5f95ce1-212b-11eb-946b-ff6bb89960be} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {b5f95ce3-212b-11eb-946b-ff6bb89960be} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {b5f95ce4-212b-11eb-946b-ff6bb89960be} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================