Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23-12-2022 Exécuté par Claude (administrateur) sur PC-MONIQUE (Gigabyte Technology Co., Ltd. P55A-UD4) (28-12-2022 07:22:47) Exécuté depuis C:\Users\Claude\Desktop Profils chargés: Claude Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe ->) (Druide informatique inc. -> Druide informatique inc.) C:\Program Files\Druide\Antidote 11\Application\Bin64\Antidote.exe (D:\THP\ThunderbirdPortable.exe ->) (Mozilla Corporation -> Mozilla Corporation) D:\THP\App\Thunderbird\thunderbird.exe <4> (explorer.exe ->) (Copernic Inc. -> Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe (explorer.exe ->) (Druide informatique inc. -> Druide informatique inc.) C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe (explorer.exe ->) (EnTech Taiwan -> EnTech Taiwan) [Fichier non signé] C:\Program Files (x86)\iRotate\iRotate.exe (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe (explorer.exe ->) (Rare Ideas LLC -> PortableApps.com) D:\THP\ThunderbirdPortable.exe (Mozilla Corporation -> Mozilla Corporation) C:\Users\Claude\AppData\Local\Mozilla Firefox\firefox.exe <14> (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2> (services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7ac81bdb2c36ac80\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe (svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2> (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [215960 2022-12-07] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2015-06-29] (NVIDIA Corporation -> ) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) HKLM\...\Run: [AgentConnectix64] => C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe [3239872 2022-12-09] (Druide informatique inc. -> Druide informatique inc.) HKLM\...\Policies\Explorer: [NoInstrumentation] 1 HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG -> Nero AG) HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Run: [Copernic Desktop Search - Home] => C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe [1692200 2013-01-28] (Copernic Inc. -> Copernic Inc.) HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\MountPoints2: {6680f34f-94a9-11eb-b8e7-00e04c683108} - "I:\AutoRun.exe" HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\MountPoints2: {6680f37a-94a9-11eb-b8e7-00e04c683108} - "I:\AutoRun.exe" HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\Windows\system32\novamn10.dll [18944 2020-08-03] (Softland) [Fichier non signé] HKLM\...\Print\Monitors\PDF-XChange4-ABBYY: C:\Windows\system32\pxc40pma.dll [50456 2009-11-09] (Tracker Software Products Ltd -> Tracker Software Products Ltd.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-23] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-08-08] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) Startup: C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRotate.lnk [2020-07-05] ShortcutTarget: iRotate.lnk -> C:\Program Files (x86)\iRotate\iRotate.exe (EnTech Taiwan -> EnTech Taiwan) [Fichier non signé] GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {006BA72C-4FCE-4F85-9D34-9CB5C10D0EB3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {033D354F-061B-4B94-A1E7-1636D43A58FA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {0E8050E8-5381-4422-B33D-CACCC658C664} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2022-04-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {16A421B7-2DE8-4811-BE2E-CF1C5A21705D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {1FD30229-F3E4-4764-AF81-005ABC1D2FD7} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2020-08-03] (Softland SRL -> ) Task: {27FEEDD7-0D1C-4D0C-BD5C-9883C1291E80} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-08-03] (Softland SRL -> ) Task: {30C1F9F1-65EC-4606-80BE-6CE3A6BBA3D4} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {342200CA-9751-4594-A026-7DD602A7B825} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {3D90910F-16DD-48F8-A266-801E12E80C5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-09] (Google LLC -> Google LLC) Task: {3FCD1BBC-8953-415E-89FA-18870373ADC4} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {417754B8-D750-4759-98FB-6B9C7389DF32} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Task: {4D3DE76F-5B98-416D-93D9-13D6886C5DDF} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {4DE16EE5-0344-497D-BC1F-370269C55A0A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4954008 2022-12-07] (Avast Software s.r.o. -> AVAST Software) Task: {5D58EF18-4C6F-4EB6-8867-07B55A2819E8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {6931B5DC-12B6-4D76-BB98-C77602CBCAAB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {6AA65EBB-1F33-427A-AD93-DF10AA180BCE} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {6EBD0B86-F814-4EE7-888D-729734000CC7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {9830E3A9-5B50-4C9D-A115-1D54878F4DBA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {AFB030E2-9CA2-475C-B3A1-BF65A4E8EFFF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {B77297B1-BE1C-46D1-B680-C671025054FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-09] (Google LLC -> Google LLC) Task: {BD8252E0-74D4-4DD7-AA50-AD73243D7DF4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1615336 2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Task: {C07757D2-8942-4F46-B2AF-7590B80037D6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-08-23] (Avast Software s.r.o. -> Avast Software) Task: {C13D0317-CFE8-4F02-B5B8-5CB807A7CA31} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2022-04-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {C58ADDD2-2365-428E-AB91-E9FCD3403F99} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Task: {DFC6B32C-65DF-47AB-A253-093C4C5C06C9} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {E98CE7B5-8A85-4EC8-B3CE-6481743D85DB} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {EE2FB464-E4FB-43A9-9786-EEF65E141991} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {F6F16225-74E0-4AE2-BFB5-157EFB08A5F8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 65E036773E273A09 => C:\Users\Claude\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "65E036773E273A09" (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)Tweaking.com - Windows Repair)Created By Tweaking.com ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e10b49cf-50c6-4994-8b52-d8d45d7b9d55}: [NameServer] 156.154.70.25,156.154.71.25 Tcpip\..\Interfaces\{e10b49cf-50c6-4994-8b52-d8d45d7b9d55}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] FireFox: ======== FF DefaultProfile: mtyll6mk.default FF ProfilePath: D:\Mes Documents\ProfileFirefox [2022-12-28] FF DownloadDir: C:\Users\Claude\Desktop FF Homepage: D:\Mes Documents\ProfileFirefox -> hxxps://www.google.fr/ FF Session Restore: D:\Mes Documents\ProfileFirefox -> est activé. FF Notifications: D:\Mes Documents\ProfileFirefox -> hxxps://web.whatsapp.com; hxxps://sleuthkit.discourse.group FF Extension: (Connecteur pour Antidote) - D:\Mes Documents\ProfileFirefox\Extensions\antidote_uni11_firefox@druide.com.xpi [2022-12-02] FF Extension: (Alerte Bons Plans eBuyClub) - D:\Mes Documents\ProfileFirefox\Extensions\ebctb@plebicom.xul.xpi [2022-06-04] [UpdateUrl:hxxps://www.ebuyclub.com/Toolbar/FF/versions.json] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - D:\Mes Documents\ProfileFirefox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-12-06] FF SearchPlugin: D:\Mes Documents\ProfileFirefox\searchplugins\google-default.xml [2015-04-21] FF ProfilePath: C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\mtyll6mk.default [2020-07-08] FF ProfilePath: C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\8k0pi9sb.default-release [2022-07-27] FF Homepage: Mozilla\Firefox\Profiles\8k0pi9sb.default-release -> hxxps://www.google.fr/ FF Session Restore: Mozilla\Firefox\Profiles\8k0pi9sb.default-release -> est activé. FF Extension: (Connecteur pour Antidote) - C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\8k0pi9sb.default-release\Extensions\antidote_uni11_firefox@druide.com.xpi [2022-11-16] FF Extension: (Avast Online Security) - C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\8k0pi9sb.default-release\Extensions\wrc@avast.com.xpi [2020-07-05] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\8k0pi9sb.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-07-05] FF HKU\S-1-5-21-236189216-5393697-1295916501-1001\...\Firefox\Extensions: [{57319509-7821-41B0-9FDF-3B58F146AE33}] - c:\program files (x86)\copernic desktop search - home\firefoxconnector FF Extension: (Copernic Desktop Search - Search Firefox content) - c:\program files (x86)\copernic desktop search - home\firefoxconnector [2020-07-25] [] [non signé] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-12-27] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default [2022-12-23] CHR Extension: (Google Docs hors connexion) - C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-30] CHR Extension: (Connecteur pour Antidote) - C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2022-12-15] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-09] CHR HKLM\...\Chrome\Extension: [cchfigjcpjmclmmphipdkeocklpnjecm] CHR HKU\S-1-5-21-236189216-5393697-1295916501-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmbopdiikkamfphhgcckcjhojnokgfeo] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY SOLUTIONS LIMITED -> ABBYY) S3 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3189712 2020-07-05] (philandro Software GmbH -> philandro Software GmbH) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8553880 2022-12-20] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [597400 2022-12-07] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [597400 2022-12-07] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-02-09] (Avast Software s.r.o. -> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG -> Nero AG) R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-08-03] (Softland SRL -> Microsoft) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7ac81bdb2c36ac80\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7ac81bdb2c36ac80\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31424 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [229208 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391272 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297832 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39648 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [267888 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80376 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [852000 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [695496 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212632 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318456 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [284672 2021-04-14] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-12-28 07:22 - 2022-12-28 07:23 - 000028029 _____ C:\Users\Claude\Desktop\FRST.txt 2022-12-28 07:22 - 2022-12-28 07:23 - 000000000 ____D C:\FRST 2022-12-28 07:20 - 2022-12-28 07:20 - 002375680 _____ (Farbar) C:\Users\Claude\Desktop\FRST64.exe 2022-12-27 11:54 - 2022-12-27 11:54 - 000327003 _____ C:\Users\Claude\Desktop\ZHPDiag.txt 2022-12-27 10:20 - 2022-12-27 11:54 - 000000000 ____D C:\Users\Claude\AppData\Roaming\ZHP 2022-12-27 10:20 - 2022-12-27 10:20 - 000000874 _____ C:\Users\Claude\Desktop\ZHPSuite.lnk 2022-12-27 10:20 - 2022-12-27 10:20 - 000000000 ____D C:\Users\Claude\AppData\Local\ZHP 2022-12-27 10:03 - 2022-12-27 10:03 - 003510472 _____ (Nicolas Coolman) C:\Users\Claude\Desktop\ZHPSuite.exe 2022-12-24 11:40 - 2022-12-24 11:40 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2 2022-12-24 11:39 - 2022-12-24 11:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-12-24 11:10 - 2022-12-24 21:05 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2022-12-24 11:10 - 2022-12-24 20:43 - 000000000 ____D C:\ProgramData\Mozilla 2022-12-24 11:10 - 2022-12-24 11:10 - 000001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2022-12-24 11:10 - 2022-12-24 11:10 - 000001011 _____ C:\Users\Public\Desktop\Thunderbird.lnk 2022-12-24 11:05 - 2022-12-28 07:11 - 000000000 ____D C:\Users\Claude\AppData\LocalLow\Mozilla 2022-12-23 18:20 - 2022-12-23 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antidote 2022-12-23 18:20 - 2022-12-23 18:22 - 000000000 ____D C:\Program Files\Druide 2022-12-23 17:48 - 2022-12-23 18:19 - 000000000 ____D C:\Users\Claude\Desktop\Antidote_11.3.1_B_30_Installation 2022-12-22 15:17 - 2022-12-22 15:17 - 000000000 _____ C:\ProgramData\UpdateLock-3DC0ABAEB5CF8876 2022-12-22 15:10 - 2022-12-22 15:10 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-12-22 15:06 - 2022-12-28 07:11 - 000000000 ____D C:\Users\Claude\AppData\Local\Mozilla Firefox 2022-12-17 17:23 - 2022-12-17 17:23 - 000000000 ___HD C:\$WinREAgent 2022-12-07 09:08 - 2022-12-07 09:07 - 000273816 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2022-12-04 08:48 - 2022-12-04 08:48 - 000000000 ____D C:\Program Files (x86)\Druide 2022-12-01 17:30 - 2022-12-01 17:30 - 000001514 _____ C:\Users\Claude\Desktop\PdftkBuilder.lnk 2022-12-01 16:33 - 2022-12-01 16:33 - 000000000 ____D C:\Users\Claude\AppData\LocalLow\Temp 2022-11-30 15:36 - 2022-11-30 15:36 - 000518615 _____ C:\Users\Claude\Desktop\formulaire-de-ratractation-docks-de-la-literie.pdf 2022-11-26 15:59 - 2022-11-26 15:59 - 000062882 _____ C:\Users\Claude\Desktop\MAIF_Avis_Echeance_2023.pdf 2022-11-26 09:13 - 2022-11-26 09:13 - 001003413 _____ C:\Users\Claude\Desktop\VolsFranceMarsAvril.pdf 2022-11-26 07:42 - 2022-11-26 07:42 - 000001673 _____ C:\Users\Claude\Desktop\Comodo Cleaning.lnk 2022-11-26 07:24 - 2022-11-26 07:45 - 000000000 ____D C:\Users\Claude\AppData\Roaming\Comodo 2022-11-22 16:02 - 2022-11-22 16:02 - 000002044 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk 2022-11-13 11:45 - 2022-11-13 11:45 - 002070217 _____ C:\Users\Claude\Desktop\CIS & Firewall _Tutoriel_installation et configuration sécurisée_Ed 02 - .pdf 2022-11-12 17:34 - 2022-11-12 17:34 - 000000188 ____H C:\Windows\system32\WUL185PO.bin 2022-11-12 17:34 - 2022-11-12 17:34 - 000000188 ____H C:\Windows\A728E1Z5.bin 2022-11-12 17:27 - 2022-12-28 07:21 - 000016684 _____ C:\Windows\system32\Drivers\fvstore.dat 2022-11-12 17:27 - 2022-11-12 17:27 - 000000000 ___HD C:\VTRoot 2022-11-12 17:22 - 2022-11-12 17:22 - 000000000 ____D C:\Users\Claude\Desktop\Antidote_11.2.1.2_B_20_Installation 2022-11-12 12:20 - 2022-11-13 07:27 - 000000000 ____D C:\Users\Claude\Downloads\Druide_Téléchargement 2022-11-12 09:40 - 2022-11-13 11:24 - 000000000 ____D C:\Program Files\RUXIM 2022-11-11 07:51 - 2022-11-11 07:51 - 004476061 _____ C:\Users\Claude\Desktop\ManuelSerie5.pdf 2022-11-01 17:03 - 2022-11-01 17:03 - 000576926 _____ C:\Users\Claude\Desktop\Mongodb-vs-mysql.pdf 2022-10-29 18:01 - 2022-10-29 18:01 - 000002346 _____ C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-12-28 07:06 - 2020-07-04 17:12 - 000005858 _____ C:\Windows\system32\PerfStringBackup.INI 2022-12-28 07:06 - 2019-12-07 15:50 - 002292380 _____ C:\Windows\system32\perfh00C.dat 2022-12-28 07:06 - 2019-12-07 15:50 - 000602730 _____ C:\Windows\system32\perfc00C.dat 2022-12-28 07:05 - 2022-02-14 18:04 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-12-28 07:04 - 2021-05-14 07:44 - 000000000 ____D C:\Users\Claude\AppData\Roaming\Thunderbird 2022-12-28 07:04 - 2020-07-05 09:02 - 000000000 ____D C:\Users\Claude\AppData\Roaming\Mozilla 2022-12-28 07:02 - 2020-07-05 16:36 - 000000028 _____ C:\Users\Claude\AppData\Roaming\iRotate.INI 2022-12-28 07:02 - 2020-07-04 17:30 - 000000000 ____D C:\ProgramData\Avast Software 2022-12-28 07:02 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-12-28 07:01 - 2020-07-04 18:03 - 000000000 ____D C:\ProgramData\NVIDIA 2022-12-28 07:01 - 2020-07-04 16:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-12-28 07:01 - 2020-06-17 15:24 - 000008192 ___SH C:\DumpStack.log.tmp 2022-12-27 21:09 - 2020-07-04 17:15 - 000000000 ____D C:\Users\Claude 2022-12-27 21:09 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-12-27 21:07 - 2020-07-04 16:55 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-12-27 14:41 - 2020-07-05 06:28 - 000000000 ____D C:\Users\Claude\AppData\Local\ClassicShell 2022-12-27 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF 2022-12-26 18:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports 2022-12-26 18:10 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2022-12-26 09:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2022-12-26 07:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-12-24 07:11 - 2020-07-05 16:38 - 000002078 _____ C:\Users\Claude\Desktop\IcoSauve Barre des Taches.lnk 2022-12-23 18:42 - 2021-04-09 17:45 - 000000000 ____D C:\Program Files (x86)\Google 2022-12-23 18:39 - 2021-04-09 17:48 - 000002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-12-23 18:39 - 2021-04-09 17:48 - 000002240 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-12-22 15:10 - 2020-07-05 09:02 - 000001278 _____ C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-12-21 07:26 - 2020-07-04 17:20 - 000000000 ____D C:\Users\Claude\AppData\Local\Packages 2022-12-17 18:19 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2022-12-17 18:11 - 2020-07-04 17:48 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2022-12-17 18:08 - 2020-07-04 16:55 - 000484240 _____ C:\Windows\system32\FNTCACHE.DAT 2022-12-17 18:06 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2022-12-17 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-12-17 17:35 - 2020-06-17 16:23 - 000415650 __RSH C:\bootmgr 2022-12-17 17:34 - 2020-07-04 16:58 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2022-12-15 08:24 - 2020-07-05 06:40 - 000000000 ____D C:\Users\Claude\AppData\Local\CrashDumps 2022-12-07 09:08 - 2020-09-25 05:57 - 000267888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2022-12-07 09:08 - 2020-07-04 17:47 - 000695496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2022-12-07 09:08 - 2020-07-04 17:47 - 000391272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2022-12-07 09:08 - 2020-07-04 17:47 - 000318456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2022-12-07 09:08 - 2020-07-04 17:47 - 000297832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2022-12-07 09:08 - 2020-07-04 17:47 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2022-12-07 09:08 - 2020-07-04 17:47 - 000095960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2022-12-07 09:08 - 2020-07-04 17:47 - 000080376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2022-12-07 09:08 - 2020-07-04 17:47 - 000039648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2022-12-07 09:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2022-12-07 09:07 - 2020-07-04 17:47 - 000852000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2022-12-07 09:07 - 2020-07-04 17:47 - 000229208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2022-12-07 09:07 - 2020-07-04 17:47 - 000031424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys 2022-12-01 17:35 - 2020-07-06 17:55 - 000000000 ____D C:\ProgramData\Package Cache 2022-12-01 17:35 - 2020-07-05 10:47 - 000000000 ____D C:\Users\Claude\AppData\Roaming\Foxit Software 2022-12-01 17:35 - 2020-07-05 10:47 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2022-12-01 17:10 - 2020-07-05 10:47 - 000000000 ____D C:\ProgramData\Foxit Software 2022-12-01 17:09 - 2020-07-05 10:47 - 000000000 ____D C:\Users\Public\Foxit Software 2022-11-30 18:25 - 2020-07-08 14:59 - 000000000 ____D C:\Users\Claude\AppData\Local\D3DSCache ==================== Fichiers à la racine de certains dossiers ======== 2020-07-05 17:07 - 2022-09-02 09:40 - 000000656 _____ () C:\Users\Claude\Sauve.bat 2020-07-05 17:07 - 2015-05-07 13:27 - 000000320 _____ () C:\Users\Claude\SauveClSansThund.bat 2020-07-05 17:07 - 2018-10-05 14:18 - 000000534 _____ () C:\Users\Claude\SauveMonique.bat 2020-07-05 17:07 - 2018-05-15 18:59 - 000000356 _____ () C:\Users\Claude\SauveMoniqueDocuments.bat 2020-07-05 17:07 - 2018-04-04 17:25 - 000000558 _____ () C:\Users\Claude\SauveThund.bat 2020-07-05 17:07 - 2018-04-04 17:29 - 000000639 _____ () C:\Users\Claude\SauveTotal.bat 2020-07-05 16:36 - 2022-12-28 07:02 - 000000028 _____ () C:\Users\Claude\AppData\Roaming\iRotate.INI 2020-10-28 11:07 - 2020-10-28 11:07 - 000000017 _____ () C:\Users\Claude\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2020-08-03 11:32 - 2020-08-03 11:32 - 000015872 _____ (Softland) C:\Windows\system32\novami10.dll 2020-08-03 11:31 - 2020-08-03 11:31 - 000018944 _____ (Softland) C:\Windows\system32\novamn10.dll 2018-07-15 12:15 - 2018-07-15 12:15 - 000291128 _____ (IvoSoft) C:\Windows\system32\StartMenuHelper64.dll 2020-07-05 09:50 - 2008-12-11 11:40 - 000176128 _____ (Euro Information) C:\Windows\calceuro.exe 2020-07-05 09:50 - 2004-07-19 16:29 - 000102400 _____ (Euro Information) C:\Windows\SysWOW64\CmutEuro32.dll 2006-03-17 11:45 - 2006-03-17 11:45 - 001757184 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagX7.dll 2006-03-17 11:45 - 2006-03-17 11:45 - 000258048 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXR7.dll 2006-03-17 11:45 - 2006-03-17 11:45 - 000802816 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXRA7.dll 2020-07-04 18:03 - 2020-07-04 18:03 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll 2003-04-18 15:46 - 2003-04-18 15:46 - 001233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4.dll 2003-04-18 15:29 - 2003-04-18 15:29 - 000082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4r.dll 2018-07-15 12:15 - 2018-07-15 12:15 - 000248120 _____ (IvoSoft) C:\Windows\SysWOW64\StartMenuHelper32.dll 2006-03-17 14:49 - 2006-03-17 14:49 - 000368640 _____ (Pegasus Imaging Corporation) C:\Windows\SysWOW64\TwnLib4.dll 2021-04-03 22:33 - 2005-06-01 16:46 - 000081920 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\ZDPN50.dll 2022-12-28 07:20 - 2022-12-28 07:20 - 002375680 _____ (Farbar) C:\Users\Claude\Desktop\FRST64.exe 2022-12-27 10:03 - 2022-12-27 10:03 - 003510472 _____ (Nicolas Coolman) C:\Users\Claude\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device unknown description Windows Boot Manager locale fr-FR inherit {globalsettings} default {8f06f68c-b0ae-11ea-9f3a-b6a1675ee04c} resumeobject {0da756e7-1d58-11ec-b954-806e6f6e6963} displayorder {current} {0637b4a6-be17-11ea-99ea-e8709de1aa25} {28e4e2c5-392a-4123-8f2f-806da2014e27} toolsdisplayorder {memdiag} timeout 1 displaybootmenu Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {0637b4a4-be17-11ea-99ea-e8709de1aa25} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{0637b4a5-be17-11ea-99ea-e8709de1aa25} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{0637b4a5-be17-11ea-99ea-e8709de1aa25} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {0637b4a6-be17-11ea-99ea-e8709de1aa25} device partition=\Device\HarddiskVolume1 path \Windows\system32\winload.exe description Windows 7 osdevice partition=\Device\HarddiskVolume1 systemroot \Windows resumeobject {9a975423-c065-11ea-a833-806e6f6e6963} Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.exe description Windows 10 locale fr-FR osdevice partition=C: systemroot \Windows resumeobject {0da756e7-1d58-11ec-b954-806e6f6e6963} Chargeur de d‚marrage Windows ----------------------------- identificateur {28e4e2c5-392a-4123-8f2f-806da2014e27} device ramdisk=[C:]\AomeiRecovery\AomeiBoot.wim,{b79ccf46-d806-4a77-8fdd-c3a6e3a96392} description Enter into AOMEI Backupper osdevice ramdisk=[C:]\AomeiRecovery\AomeiBoot.wim,{b79ccf46-d806-4a77-8fdd-c3a6e3a96392} systemroot \Windows detecthal Yes winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {0637b4a2-be17-11ea-99ea-e8709de1aa25} device unknown path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {0637b4a4-be17-11ea-99ea-e8709de1aa25} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice unknown filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {0da756e7-1d58-11ec-b954-806e6f6e6963} device partition=C: path \Windows\system32\winresume.exe description Windows 10 locale fr-FR inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {48df57a3-b0bf-11ea-aed1-806e6f6e6963} device unknown path \Windows\system32\winresume.exe description Windows 7 SSD locale fr-FR inherit {resumeloadersettings} filedevice unknown filepath \hiberfil.sys debugoptionenabled No Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {9a975423-c065-11ea-a833-806e6f6e6963} device partition=\Device\HarddiskVolume1 path \Windows\system32\winresume.exe description Windows 7 inherit {resumeloadersettings} filedevice partition=\Device\HarddiskVolume1 filepath \hiberfil.sys debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device unknown path \boot\memtest.exe description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {0637b4a5-be17-11ea-99ea-e8709de1aa25} description Windows Recovery ramdisksdidevice unknown ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {b79ccf46-d806-4a77-8fdd-c3a6e3a96392} ramdisksdidevice partition=C: ramdisksdipath \AomeiRecovery\AomeiBoot.sdi ==================== Fin de FRST.txt ========================