Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2023
Exécuté par Lionel (administrateur) sur LIONEL (Hewlett-Packard HP Pavilion 17 Notebook PC) (14-12-2023 08:11:14)
Exécuté depuis C:\Users\Marie-thérese\Desktop\FRST64.exe
Profils chargés: Lionel
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Softex Inc.) [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.20617_none_faf6123cb423a35e\TiWorker.exe

==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1225920 2014-03-28] (NVIDIA CORPORATION -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [417176 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-10-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\Windows\system32\hpinkstsC511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): C:\Windows\system32\HPDiscoPMC511.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {293BD608-F0FD-4FC0-BCAE-95901192F0B0} - System32\Tasks\{A66C37EC-ECDB-44B7-B379-AC4B8E71762F} => c:\program files (x86)\google\chrome\application\chrome.exe [3151136 2023-10-02] (Google LLC -> Google LLC) -> hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=12002
Task: {BC437156-9E86-45F3-8CE5-29C8E94975A2} - System32\Tasks\{F1F66240-E24B-4A2E-BF73-1B9DE5783473} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a E:\Setup.EXE -d E:\
Task: {EF0CD7AE-E582-49E5-8D4F-9E0B3581AD05} - System32\Tasks\{FCF80929-CD22-46CE-91E9-09FF91D5D460} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Lexmark Pro200-S500 Series\Install\x64\instgui.exe" -c /u
Task: {CB0BAB38-B254-48F4-8C30-7139D811C105} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {B8B73D45-9D40-405A-B9BF-8952BD1797A6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5094808 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {0F2D4766-9AC8-4FCB-B2FD-DF71595883C1} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1398680 2023-11-15] (Avast Software s.r.o. -> AVAST Software)
Task: {41E7213A-4557-476C-875B-07A0953B1350} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4845464 2023-11-15] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (l'élément de données a 80 caractères en plus).
Task: {54F54E9B-2D1A-4DA8-939D-FE06AF5EEFFA} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-11-06] (Avast Software s.r.o. -> Avast Software)
Task: {D6EA844B-E77E-46AF-BFCF-A5C0B01E2B93} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {5B92BC13-947C-4C69-9685-DC57739EE386} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4C013249-B762-4003-8C3A-7B9E216D4ED3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "647b8038-0eff-4fc2-8e8f-ff1bf1d4058d" --version "6.18.10838" --silent
Task: {23ED960D-33F4-4B4E-B71C-2ADF1879441F} - System32\Tasks\CCleanerSkipUAC - Lionel => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C5DBEB5F-3D4B-47E7-97E7-98084B0192D1} - System32\Tasks\CCleanerSkipUAC - Marie-thérese => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9CEDDF20-9D80-4861-9991-4B2A4A48935C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.)
Task: {12AD43E8-834C-4D72-A56C-A9C84D388FEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.)
Task: {BCF54753-B34C-4E31-9C14-DCE8AA8234E8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2013-11-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {175AF3B8-7CCA-4303-947F-CC854303676B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {7E4E9DF5-6FF0-48BB-BCC7-AABE38753D5A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134768 2021-04-01] (HP Inc. -> HP Inc.)
Task: {904C06E5-BCC4-4011-9BFA-0B631E8C2DA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {27E87FFD-AFD9-44FB-9B24-491D6A687B9C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {A55B71CD-8F52-4D4B-9C8D-3ED12D84D61F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {518552C8-43B1-48B6-9A03-2E06BF9832D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {9F9B1DA1-1D18-4249-8816-D76BBFD660B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-08-20] (HP Inc. -> HP Inc.)
Task: {6ABD88AC-CFE5-4504-9D03-C963D14B5081} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (Pas de fichier)
Task: {E420B155-5FD7-4872-BA69-ECBC67A35A0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {D3CD811C-3811-4F82-9EEC-8DDEDFDFC984} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe -minimizedBoot (Pas de fichier)
Task: {D72B9541-1D4D-48EF-9F88-849F457E457A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-11-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9E6A4803-CDAC-4B0E-AEE5-F6641BA4B90D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {46A9F714-E9A6-4E9C-9A58-5BCFFFCE0003} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe /analyze (Pas de fichier)
Task: {6643511D-08EC-4E37-BD79-850425EF5CBE} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe /submit (Pas de fichier)
Task: {BEC12B86-FE2F-4D87-A316-94F45B7786FA} - System32\Tasks\Opera scheduled Autoupdate 1646983174 => C:\Users\Marie-thérese\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {BC8BC67B-CD55-416A-BDED-0FDEC7DF8702} - System32\Tasks\Remediation\AntimalwareMigrationTask => "C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe" /upgrade /user_logon (Pas de fichier)
Task: {C35BBB2B-2300-4D60-AFF8-13185E0CC189} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72007130-5C71-4BD8-8356-4CE7DA9A1E07}: [NameServer] 208.67.220.222,208.67.222.220,192.168.1.1
Tcpip\..\Interfaces\{72007130-5C71-4BD8-8356-4CE7DA9A1E07}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9}: [NameServer] 208.67.220.222,208.67.222.220
Tcpip\..\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{D8B54409-0E4E-48D1-9997-E0178B88A2ED}: [NameServer] 208.67.220.222,208.67.222.220

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marie-thérese\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-12]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: l7jr1qkr.default
FF ProfilePath: C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\l7jr1qkr.default [2020-03-21]
FF ProfilePath: C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 [2023-12-14]
FF Homepage: Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 -> hxxps://www.google.fr/
FF Notifications: Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091 -> hxxps://www.instagram.com
FF Extension: (Photon Colors) - C:\Users\Marie-thérese\AppData\Roaming\Mozilla\Firefox\Profiles\8macy2kf.default-release-1596789570091\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2022-01-17]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default [2023-12-14]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl"
CHR Extension: (Infos Social) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoghhfnjcmohkggjidnolmahnpbljkgi [2019-03-04]
CHR Extension: (Recherche Google) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-13]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-12-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Marie-thérese\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-06]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

Opera:
=======
OPR Profile: C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable [2023-12-12]
OPR Notifications: Opera Stable -> hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-16]
OPR Extension: (Opera Wallet) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-11-09]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Marie-thérese\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-11]
StartMenuInternet: (HKU\S-1-5-21-2790450368-3373794169-1768395478-1001) OperaStable - "C:\Users\Marie-thérese\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9065880 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [753048 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2335128 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1157528 2023-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1083808 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)
S4 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] (Intel(R) Smart Connect software -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-12] (Malwarebytes Inc. -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [11227032 2023-11-15] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S2 KamoSvc; "C:\Program Files (x86)\Kamo\KamoSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [243248 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [394008 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297984 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39752 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276848 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [561888 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105352 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80528 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [952856 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [711664 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213296 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319672 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [76568 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2013-09-09] (Broadcom Corporation -> Broadcom Corporation.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222784 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2023-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
U3 McAPExe; pas de ImagePath
U3 McMPFSvc; pas de ImagePath
U3 McNaiAnn; pas de ImagePath
U3 mcpltsvc; pas de ImagePath
U3 McProxy; pas de ImagePath
U3 mfecore; pas de ImagePath
U3 MSK80Service; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-12-14 08:11 - 2023-12-14 08:13 - 000031397 _____ C:\Users\Marie-thérese\Desktop\FRST.txt
2023-12-14 08:09 - 2023-12-14 08:12 - 000000000 ____D C:\FRST
2023-12-14 08:08 - 2023-12-14 08:07 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Desktop\FRST64.exe
2023-12-14 08:01 - 2023-12-14 08:01 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Downloads\Non confirmé 260342.crdownload
2023-12-14 07:20 - 2023-12-14 07:20 - 000204552 _____ C:\Users\Marie-thérese\Desktop\ZHPDiag.txt
2023-12-14 07:11 - 2023-12-14 07:11 - 000000880 _____ C:\Users\Marie-thérese\Desktop\ZHPSuite.lnk
2023-12-14 07:09 - 2023-12-14 07:08 - 003570848 _____ (Nicolas Coolman) C:\Users\Marie-thérese\Desktop\ZHPSuite.exe
2023-12-13 17:49 - 2023-12-13 17:49 - 000314264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-12-13 07:01 - 2023-12-13 07:01 - 000000000 ____D C:\ProgramData\Emsisoft
2023-12-12 09:15 - 2023-12-12 09:15 - 586890543 _____ C:\Windows\MEMORY.DMP
2023-12-12 09:15 - 2023-12-12 09:15 - 000319504 _____ C:\Windows\Minidump\121223-33953-01.dmp
2023-12-12 08:35 - 2023-12-14 06:19 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\Malwarebytes
2023-12-12 08:35 - 2023-12-12 08:35 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-12-12 08:35 - 2023-12-12 08:35 - 000001971 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-12-12 07:40 - 2023-12-12 07:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-12-12 07:39 - 2023-12-12 07:56 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-12 07:37 - 2023-12-12 07:37 - 002094168 _____ (Malwarebytes) C:\Users\Marie-thérese\Downloads\MBSetup-4.4.0.222.exe
2023-12-08 20:37 - 2023-12-08 20:37 - 000000218 _____ C:\Users\Marie-thérese\AppData\Local\recently-used.xbel
2023-12-07 10:20 - 2023-12-12 07:11 - 000000000 ____D C:\Users\Marie-thérese\Downloads\arb_fichiers
2023-12-07 10:20 - 2023-12-07 10:20 - 000593501 _____ C:\Users\Marie-thérese\Downloads\arb.html
2023-12-07 08:39 - 2023-12-07 08:39 - 000088245 _____ C:\Users\Marie-thérese\Downloads\37 Oil Paintings By Iranian Artist Ahmad Haraji.jpeg
2023-12-07 07:47 - 2023-12-07 10:17 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Gif
2023-12-05 15:33 - 2023-12-12 07:11 - 000000000 ____D C:\Users\Marie-thérese\Downloads\230 idées de Bouquets de violettes en 2023 arrangements floraux, violette de toulouse, fleurs violette_fichiers
2023-12-05 15:33 - 2023-12-05 15:33 - 000644353 _____ C:\Users\Marie-thérese\Downloads\230 idées de Bouquets de violettes en 2023 arrangements floraux, violette de toulouse, fleurs violette.html
2023-11-28 07:19 - 2023-12-05 09:03 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Tableaux art majeur
2023-11-25 07:22 - 2023-11-25 07:22 - 000031026 _____ C:\Users\Marie-thérese\Downloads\justificatif-de-vente_116632257_331488-A.pdf
2023-11-25 07:16 - 2023-11-25 07:16 - 000165378 _____ C:\Users\Marie-thérese\Downloads\8R44055561932.pdf
2023-11-22 06:55 - 2023-11-23 07:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-11-19 11:36 - 2023-11-19 11:36 - 000000477 _____ C:\Users\Marie-thérese\Desktop\My Passport (F) - Raccourci.lnk
2023-11-19 09:49 - 2023-11-19 10:01 - 000000000 ____D C:\Users\Marie-thérese\Downloads\photos téléphone vivi 2
2023-11-19 09:43 - 2023-11-19 09:44 - 000000000 ____D C:\Users\Marie-thérese\Downloads\téléphone vivi 2023
2023-11-19 09:15 - 2023-11-19 09:34 - 000000000 ____D C:\Users\Marie-thérese\Downloads\photos téléphone vivi 1
2023-11-14 14:22 - 2023-11-14 14:22 - 000225011 _____ C:\Users\Marie-thérese\Downloads\attestation matmut pour salle d allouis.pdf
2023-11-13 17:45 - 2023-11-13 17:50 - 000000000 ____D C:\Users\Marie-thérese\Downloads\[ Torrent9.pe ] Les.Grands.Esprits.2017.FRENCH.HDRip.XviD-FuN
2023-10-17 07:05 - 2023-10-17 07:05 - 000033800 _____ C:\Users\Marie-thérese\Downloads\Facture_629456.pdf
2023-10-11 13:24 - 2023-10-11 13:25 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Côte de Granit 2023
2023-10-02 06:30 - 2023-10-02 06:30 - 000187601 _____ C:\Users\Marie-thérese\Downloads\ExpositionVaryeA3_compressed-1.pdf
2023-09-25 06:39 - 2023-09-25 06:39 - 000047882 _____ C:\Users\Marie-thérese\Downloads\Facture n° 2600842678.pdf

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-12-14 08:06 - 2022-02-18 12:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-14 08:03 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2023-12-14 07:44 - 2014-08-19 16:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-14 07:20 - 2022-05-27 06:24 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\ZHP
2023-12-14 07:18 - 2022-10-13 06:25 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-12-14 07:11 - 2022-05-27 06:24 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\ZHP
2023-12-14 06:40 - 2022-05-26 07:06 - 000000000 ____D C:\Users\Marie-thérese\Downloads\film
2023-12-14 06:34 - 2022-08-16 05:32 - 000000000 ____D C:\Users\Marie-thérese\Documents\Youcam
2023-12-14 06:22 - 2014-05-07 23:16 - 000842170 _____ C:\Windows\system32\perfh00C.dat
2023-12-14 06:22 - 2014-05-07 23:16 - 000172516 _____ C:\Windows\system32\perfc00C.dat
2023-12-14 06:22 - 2014-03-18 10:53 - 001963534 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-14 06:22 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2023-12-14 06:16 - 2023-08-02 10:40 - 000003938 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2023-12-14 06:15 - 2014-06-17 05:51 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-14 06:15 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-13 18:02 - 2020-03-21 11:31 - 000000000 ____D C:\ProgramData\AVAST Software
2023-12-13 17:50 - 2022-06-17 09:58 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-12-13 17:49 - 2020-10-08 10:31 - 000276848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-12-13 17:49 - 2020-05-01 09:35 - 000561888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000711664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000319672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000297984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000243248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000105352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000080528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-12-13 17:49 - 2020-03-21 11:34 - 000039752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000952856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000394008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-12-13 17:48 - 2020-03-21 11:34 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-12-13 16:15 - 2022-06-11 07:02 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-12-13 16:15 - 2014-08-19 14:14 - 000000000 ____D C:\Users\Marie-thérese
2023-12-13 06:40 - 2022-08-20 05:42 - 000000000 ___HD C:\Users\Marie-thérese\Downloads\.opera
2023-12-13 06:40 - 2022-08-20 05:42 - 000000000 ___HD C:\Users\Marie-thérese\.opera
2023-12-12 09:27 - 2014-08-19 16:32 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2790450368-3373794169-1768395478-1001
2023-12-12 09:15 - 2023-01-27 08:49 - 000000000 ____D C:\Windows\Minidump
2023-12-12 07:56 - 2022-01-06 09:41 - 000002026 ____C C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2023-12-12 07:39 - 2014-08-19 16:38 - 000003798 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-12 07:39 - 2014-08-19 16:38 - 000003670 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-12-12 07:11 - 2022-05-22 10:07 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\PhotoFiltre 7
2023-12-12 07:09 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-12 07:04 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\registration
2023-12-12 07:02 - 2020-03-21 12:58 - 000000000 ____D C:\Program Files\CCleaner
2023-12-12 07:02 - 2020-03-21 12:47 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\Mozilla
2023-12-11 14:42 - 2014-09-23 20:02 - 000000000 ____D C:\Users\Marie-thérese\AppData\Local\CrashDumps
2023-12-10 18:26 - 2022-05-12 13:26 - 000007396 _____ C:\Users\Marie-thérese\Downloads\identifiants.txt
2023-12-08 09:27 - 2022-07-04 16:17 - 000000000 ____D C:\Users\Marie-thérese\Downloads\caisse epargne lionel viviane
2023-12-04 07:11 - 2022-05-25 06:44 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Tableaux et images lionel
2023-12-02 16:36 - 2023-01-17 08:52 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\vlc
2023-12-01 06:53 - 2022-10-13 06:25 - 000003236 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-12-01 06:53 - 2020-03-21 12:58 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-11-30 16:47 - 2023-01-17 08:51 - 000000894 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-11-28 22:35 - 2023-02-23 11:29 - 000004090 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1646983174
2023-11-28 22:35 - 2022-10-20 12:36 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-11-28 22:35 - 2022-01-17 08:30 - 000002806 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Lionel
2023-11-28 22:35 - 2020-08-13 11:04 - 000003588 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-28 22:35 - 2020-08-13 11:04 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-28 22:35 - 2020-03-21 11:36 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-11-28 22:35 - 2014-09-01 14:12 - 000003164 _____ C:\Windows\system32\Tasks\{A66C37EC-ECDB-44B7-B379-AC4B8E71762F}
2023-11-27 20:17 - 2022-05-16 13:18 - 000000000 ____D C:\Users\Marie-thérese\AppData\Roaming\deluge
2023-11-23 07:15 - 2020-03-21 12:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-22 07:16 - 2022-01-05 11:14 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-22 07:16 - 2020-03-21 12:47 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-20 22:09 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2023-11-19 11:26 - 2022-08-15 15:15 - 000000000 ____D C:\Users\Marie-thérese\Downloads\Divers VIVI
2023-11-15 11:40 - 2022-10-20 12:34 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-11-15 08:31 - 2014-08-28 18:24 - 000000000 ____D C:\Windows\system32\MRT
2023-11-15 08:22 - 2014-08-28 18:24 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers ========

2022-06-11 07:02 - 2023-12-13 16:15 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-01-02 13:45 - 2023-01-02 13:45 - 000000664 _____ () C:\Users\Marie-thérese\AppData\Roaming\OEMSDKHASH.txt
2023-03-19 10:25 - 2023-03-19 10:25 - 000004096 ____H () C:\Users\Marie-thérese\AppData\Local\keyfile3.drm
2023-12-08 20:37 - 2023-12-08 20:37 - 000000218 _____ () C:\Users\Marie-thérese\AppData\Local\recently-used.xbel
2022-06-13 11:56 - 2022-09-22 12:39 - 000007605 _____ () C:\Users\Marie-thérese\AppData\Local\Resmon.ResmonCfg

==================== SigCheckExt =========================

2012-10-09 08:39 - 2012-10-09 08:39 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\capicom.dll
2014-05-07 13:58 - 2011-08-24 08:52 - 000117248 _____ (Hewlett-Packard) C:\Windows\system32\HPMUIDir.exe
2009-02-20 07:48 - 2009-02-20 07:48 - 000381440 _____ () C:\Windows\system32\lxebsm.dll
2009-04-28 06:56 - 2009-04-28 06:56 - 000024064 _____ () C:\Windows\system32\lxebsmr.dll
2014-06-17 05:52 - 2014-03-28 18:53 - 001225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-17 05:39 - 2013-08-05 20:50 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-08-27 13:00 - 2013-08-27 13:00 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll
2009-02-20 07:48 - 2009-02-20 07:48 - 000299008 _____ () C:\Windows\SysWOW64\lxebsm.dll
2009-04-28 06:56 - 2009-04-28 06:56 - 000024064 _____ () C:\Windows\SysWOW64\lxebsmr.dll
2014-06-17 05:52 - 2014-03-28 18:53 - 001081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2006-10-26 12:45 - 2006-10-26 12:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WISPTIS.EXE
2014-09-01 13:55 - 2009-11-04 12:18 - 000189440 _____ () C:\Windows\system32\spool\prtprocs\x64\lxebdrpp.dll
2022-06-11 07:02 - 2023-12-13 16:15 - 003362976 _____ (Nicolas Coolman) C:\Users\Marie-thérese\ZHPCleaner.exe
2023-12-14 08:08 - 2023-12-14 08:07 - 002386432 _____ (Farbar) C:\Users\Marie-thérese\Desktop\FRST64.exe
2023-12-14 07:09 - 2023-12-14 07:08 - 003570848 _____ (Nicolas Coolman) C:\Users\Marie-thérese\Desktop\ZHPSuite.exe
2022-05-22 10:02 - 2022-05-22 10:03 - 005202180 _____ C:\Users\Marie-thérese\Downloads\pf7-setup-fr-7.2.1.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur          {fwbootmgr}
displayorder            {bootmgr}
                        {3fc8fdcc-2d85-11e6-8299-806e6f6e6963}
                        {3fc8fdca-2d85-11e6-8299-806e6f6e6963}
                        {3fc8fdcb-2d85-11e6-8299-806e6f6e6963}
timeout                 0

Gestionnaire de démarrage Windows
---------------------------------
identificateur          {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  fr-FR
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Application logicielle (101fffff)
--------------------------------
identificateur          {3fc8fdca-2d85-11e6-8299-806e6f6e6963}
description             USB Drive (UEFI)

Application logicielle (101fffff)
--------------------------------
identificateur          {3fc8fdcb-2d85-11e6-8299-806e6f6e6963}
description             Internal CD/DVD ROM Drive (UEFI)

Application logicielle (101fffff)
--------------------------------
identificateur          {3fc8fdcc-2d85-11e6-8299-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk

Application logicielle (101fffff)
--------------------------------
identificateur          {70412f38-f62c-11e3-9b0e-96ffc2b32d0e}
description             Internal Hard Disk or Solid State Disk

Application logicielle (101fffff)
--------------------------------
identificateur          {ac837cc5-f5d8-11e3-8258-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk

Application logicielle (101fffff)
--------------------------------
identificateur          {fcee44da-fe62-11e3-92cf-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk

Chargeur de démarrage Windows
-----------------------------
identificateur          {6561f52b-f5ea-11e3-825c-142d27dc50f0}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{6561f52c-f5ea-11e3-825c-142d27dc50f0}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  fr-FR
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{6561f52c-f5ea-11e3-825c-142d27dc50f0}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Chargeur de démarrage Windows
-----------------------------
identificateur          {current}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 8.1
locale                  fr-FR
inherit                 {bootloadersettings}
recoverysequence        {6561f52b-f5ea-11e3-825c-142d27dc50f0}
integrityservices       Enable
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
nx                      OptIn
bootmenupolicy          Standard

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur          {70412f39-f62c-11e3-9b0e-96ffc2b32d0e}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  fr-FR
inherit                 {resumeloadersettings}
recoverysequence        {6561f52b-f5ea-11e3-825c-142d27dc50f0}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Testeur de mémoire Windows
--------------------------
identificateur          {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  fr-FR
inherit                 {globalsettings}
badmemoryaccess         Yes

Paramètres EMS
--------------
identificateur          {emssettings}
bootems                 No

Paramètres du débogueur
-----------------------
identificateur          {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

Erreurs de mémoire RAM
----------------------
identificateur          {badmemory}

Paramètres globaux
------------------
identificateur          {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur          {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Paramètres du chargeur de reprise
---------------------------------
identificateur          {resumeloadersettings}
inherit                 {globalsettings}

Options de périphérique
-----------------------
identificateur          {6561f52c-f5ea-11e3-825c-142d27dc50f0}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

LastRegBack: 2023-12-13 07:42

==================== Fin de FRST.txt ========================