cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-10-2022
Exécuté par Psych (administrateur) sur LAPTOP-ABE5EPBT (Acer Aspire E5-523G) (28-10-2022 07:31:35)
Exécuté depuis C:\Users\Psych\Desktop
Profils chargés: Psych
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.2130 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212192 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776704 2016-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1293743166-411171862-1139664926-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31176112 2021-08-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1293743166-411171862-1139664926-1001\...\Run: [MicrosoftEdgeAutoLaunch_D3F70B7D7C9721DF60ACECFA1C2BC6AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0C6CDF48-17EB-4B61-9819-F63257BAAD14} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4946144 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
Task: {16DD17B3-02BC-45E8-B7DE-02829102459D} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier)
Task: {28D7243D-8DBD-484F-8DA8-061A391E51FB} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (Pas de fichier)
Task: {2FB14086-EB68-45AD-BBE8-B17B91B28A6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {52BF9C25-B86A-4B5A-9329-3B4B249ADD6E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {52E091DD-1F5D-45FB-92F0-F0748722D5A2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {582B390E-2B3A-4D41-BCEE-1E58E4718AC5} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {5E7D664F-F237-488D-8488-B0D940A165DE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {72095355-9148-4CB3-AB56-BA762C866660} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7CBF0B9B-0512-47FD-B7C4-0F491A02EB8B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-14] (Adobe Inc. -> Adobe)
Task: {8C3615F1-208D-4FA0-97B0-8153F309923D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-08-24] (Garmin International, Inc. -> )
Task: {B9F47175-F3DA-4310-9CB4-810229B80289} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Pas de fichier)
Task: {C13141E4-FC32-4E17-AB01-203D864FB859} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2016-12-02] (Acer Incorporated -> Acer Incorporated)
Task: {D2FC16C6-344E-4434-857E-1669029EBFCD} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-09-10] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {D5E3E407-3E57-48BE-9CB7-BD66B0DDCB55} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {DE159F22-CC55-44DE-96E8-051D539735C0} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {FB779937-04BA-413B-B17F-1E191539F0ED} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Pas de fichier)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{85da40b5-55a6-4776-aa67-39a15181517a}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8c7c33bf-e368-4538-8842-1674f029ee7e}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{8c7c33bf-e368-4538-8842-1674f029ee7e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a119e1d5-dd27-4f98-9824-42a3d7ff2ea7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d3d5298f-39ff-42da-917b-53d0cf37c48c}: [DhcpNameServer] 192.168.42.129

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Psych\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-28]
Edge Extension: (FoE - Assistant) - C:\Users\Psych\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpmacpalonncbafboibpcjcpadloannb [2022-10-22]

FireFox:
========
FF DefaultProfile: qll0ygox.default-1526207948301
FF ProfilePath: C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 [2022-10-28]
FF Homepage: Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 -> hxxps://www.msn.com/fr-fr
FF Notifications: Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301 -> hxxps://www.running-addict.fr
FF Extension: (eID Belgique) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\belgiumeid@eid.belgium.be.xpi [2021-03-03]
FF Extension: (Notifier for Gmail™) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2021-09-18]
FF Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\sp@avast.com.xpi [2022-08-22]
FF Extension: (FoE - Assistant) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{0668a87f-e3bb-4ed3-a096-e145c1e9f1d2}.xpi [2022-10-27]
FF Extension: (Connective signing extension) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{4f643bc8-78f5-49c6-8efd-78ee30289f0b}.xpi [2021-07-16]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Psych\AppData\Roaming\Mozilla\Firefox\Profiles\qll0ygox.default-1526207948301\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-14] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1293743166-411171862-1139664926-1001: connective.be/BrowserPlugin -> C:\Users\Psych\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Fichier non signé]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8513552 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [592608 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [592096 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228344 2022-10-10] (HP Inc. -> HP Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51224 2016-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42296 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-10-03] (Avast Software s.r.o. -> AVAST Software)
R3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-10-28 07:31 - 2022-10-28 07:32 - 000017471 _____ C:\Users\Psych\Desktop\FRST.txt
2022-10-28 07:30 - 2022-10-28 07:31 - 000000000 ____D C:\FRST
2022-10-28 07:29 - 2022-10-28 07:29 - 002373632 _____ (Farbar) C:\Users\Psych\Desktop\FRST64.exe
2022-10-28 07:25 - 2022-10-28 07:25 - 000318824 _____ C:\Users\Psych\Desktop\ZHPDiag.txt
2022-10-28 07:14 - 2022-10-28 07:25 - 000000000 ____D C:\Users\Psych\AppData\Roaming\ZHP
2022-10-28 07:14 - 2022-10-28 07:14 - 000000914 _____ C:\Users\Psych\Desktop\ZHPSuite.lnk
2022-10-28 07:14 - 2022-10-28 07:14 - 000000842 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZHPSuite.lnk
2022-10-27 17:57 - 2022-10-28 07:14 - 000000000 ____D C:\Users\Psych\Desktop\ZHP
2022-10-27 17:57 - 2022-10-27 17:57 - 000000000 ____D C:\Users\Psych\AppData\Local\ZHP
2022-10-27 12:26 - 2022-10-28 07:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-21 18:21 - 2022-10-21 18:21 - 000002232 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2022-10-14 05:38 - 2022-10-14 05:38 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-12 06:08 - 2022-10-12 06:08 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 06:08 - 2022-10-12 06:08 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 06:08 - 2022-10-12 06:08 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 06:07 - 2022-10-12 06:07 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 06:07 - 2022-10-12 06:07 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 05:54 - 2022-10-12 05:54 - 000000000 ___HD C:\$WinREAgent
2022-10-11 17:26 - 2022-10-11 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-10-11 17:22 - 2022-10-11 17:47 - 000000000 ____D C:\Users\Psych\Desktop\Engie financement
2022-10-04 14:43 - 2022-10-04 14:35 - 000186525 _____ C:\Users\Psych\Desktop\Questionnaire-patient_juillet_2019.pdf
2022-10-04 14:36 - 2022-10-04 14:35 - 000023244 _____ C:\Users\Psych\Desktop\9dda2cf6-540e-48a8-b305-a5c546ffd459.pdf
2022-10-03 17:34 - 2022-10-03 17:34 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-10-03 17:34 - 2022-10-03 17:34 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-09-18 21:03 - 2022-09-18 21:15 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (6)
2022-09-18 20:25 - 2022-09-18 20:52 - 000000000 ____D C:\Users\Psych\Desktop\Nouveau dossier (5)
2022-09-14 22:28 - 2022-09-14 22:28 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-14 22:28 - 2022-09-14 22:28 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-08-22 17:39 - 2022-08-22 17:39 - 001010620 _____ C:\WINDOWS\Minidump\082222-14906-01.dmp
2022-08-11 00:04 - 2022-08-11 00:04 - 000000000 ____D C:\Users\Psych\Desktop\Bridget
2022-08-10 22:19 - 2022-08-10 22:19 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-10 22:19 - 2022-08-10 22:19 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-10 22:17 - 2022-08-10 22:17 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-10 22:16 - 2022-08-10 22:16 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-10 22:16 - 2022-08-10 22:16 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-10-28 07:31 - 2020-11-07 21:05 - 000000000 ____D C:\Users\defaultuser0
2022-10-28 07:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-28 07:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-28 07:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-28 07:11 - 2018-05-12 23:02 - 000000000 ____D C:\Users\Psych\AppData\LocalLow\Mozilla
2022-10-28 07:10 - 2020-11-07 21:13 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-28 07:10 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-10-28 07:10 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-10-28 07:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-28 07:08 - 2020-11-07 21:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-28 07:08 - 2020-11-07 21:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2022-10-28 07:07 - 2019-11-22 16:08 - 000000000 ___RD C:\Users\Psych\OneDrive
2022-10-28 07:06 - 2020-11-07 21:05 - 000000000 ____D C:\Users\Psych
2022-10-28 07:05 - 2020-11-13 07:49 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-28 07:05 - 2020-11-07 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-28 07:05 - 2020-11-07 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-28 07:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-28 07:05 - 2018-05-13 12:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-27 16:38 - 2021-09-25 09:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-27 16:38 - 2018-05-13 12:39 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-27 12:58 - 2018-07-31 08:40 - 000000000 ____D C:\Users\Psych\AppData\Local\AVAST Software
2022-10-26 14:22 - 2018-05-12 23:55 - 000000000 ____D C:\Users\Psych\AppData\Local\CrashDumps
2022-10-25 15:35 - 2019-12-11 18:54 - 000000000 ____D C:\ProgramData\Autodesk
2022-10-25 15:29 - 2019-12-11 19:10 - 000000000 ____D C:\Program Files (x86)\Autodesk
2022-10-25 15:14 - 2017-01-24 12:49 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-25 14:35 - 2020-11-07 21:15 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1293743166-411171862-1139664926-1001
2022-10-25 14:35 - 2020-11-07 21:05 - 000002466 _____ C:\Users\Psych\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-23 14:31 - 2020-07-04 22:58 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-23 14:31 - 2020-07-04 22:58 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-21 18:21 - 2022-02-09 15:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-19 22:01 - 2021-12-11 05:08 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1293743166-411171862-1139664926-1001
2022-10-16 17:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-15 08:47 - 2020-11-07 21:15 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-15 08:47 - 2020-11-07 21:15 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-12 17:17 - 2018-05-12 23:31 - 000000000 ____D C:\ProgramData\AVAST Software
2022-10-12 07:03 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-12 07:03 - 2017-06-09 18:30 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-10-12 07:02 - 2020-11-07 21:02 - 000456304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 07:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 06:13 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 06:13 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 06:07 - 2020-11-07 21:05 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 05:52 - 2018-05-13 14:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 05:46 - 2018-05-13 14:37 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-11 17:26 - 2021-06-18 14:01 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-10-03 17:34 - 2020-10-26 19:25 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-10-03 17:34 - 2020-04-20 22:24 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-10-03 17:34 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-03 17:34 - 2019-01-10 11:00 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-10-03 17:34 - 2019-01-10 11:00 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-10-03 17:34 - 2019-01-10 11:00 - 000042296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-10-03 17:34 - 2018-10-24 06:50 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-10-03 17:34 - 2018-05-12 23:35 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-10-03 17:34 - 2018-05-12 23:35 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-10-03 17:34 - 2018-05-12 23:35 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-10-03 17:34 - 2018-05-12 23:35 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-10-03 17:34 - 2018-05-12 23:35 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-10-03 17:34 - 2018-05-12 23:35 - 000090000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-10-03 17:33 - 2019-01-14 18:20 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys

==================== SigCheckExt =========================

2017-06-09 18:33 - 2016-07-16 13:43 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEShims.dll
2013-03-01 03:47 - 2013-03-01 03:47 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2022-10-28 07:29 - 2022-10-28 07:29 - 002373632 _____ (Farbar) C:\Users\Psych\Desktop\FRST64.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{2b0723d6-4d0a-11e7-bef6-806e6f6e6963}
{2b0723d7-4d0a-11e7-bef6-806e6f6e6963}
{2b0723d8-4d0a-11e7-bef6-806e6f6e6963}
timeout 0

Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b5f95ce1-212b-11eb-946b-ff6bb89960be}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fb-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:

Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fd-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:

Application logicielle (101fffff)
--------------------------------
identificateur {1ff6e0fe-4d90-11e7-b0d4-a81e849e78a1}
description Unknown Device:

Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d6-4d0a-11e7-bef6-806e6f6e6963}
description EFI USB Device

Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d7-4d0a-11e7-bef6-806e6f6e6963}
description EFI DVD/CDROM

Application logicielle (101fffff)
--------------------------------
identificateur {2b0723d8-4d0a-11e7-bef6-806e6f6e6963}
description EFI Network

Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b5f95ce3-212b-11eb-946b-ff6bb89960be}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {b5f95ce1-212b-11eb-946b-ff6bb89960be}
nx OptIn
bootmenupolicy Standard

Chargeur de d‚marrage Windows
-----------------------------
identificateur {b5f95ce3-212b-11eb-946b-ff6bb89960be}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b5f95ce4-212b-11eb-946b-ff6bb89960be}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b5f95ce4-212b-11eb-946b-ff6bb89960be}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {b5f95ce1-212b-11eb-946b-ff6bb89960be}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {b5f95ce3-212b-11eb-946b-ff6bb89960be}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No

ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}

ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de p‚riph‚rique
-----------------------
identificateur {b5f95ce4-212b-11eb-946b-ff6bb89960be}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================

Publicité


Signaler le contenu de ce document

Publicité