Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01.07.2024
Exécuté par nadia (administrateur) sur HOME (Hewlett-Packard HP Pavilion 17 Notebook PC) (02-07-2024 11:30:59)
Exécuté depuis C:\Users\nadia\Desktop\FRST64.exe
Profils chargés: nadia
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Advanced Micro Devices Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(explorer.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(explorer.exe ->) (Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(services.exe ->) (INDEX EDUCATION SAS -> Index Education) C:\Program Files (x86)\Index Education\mise a jour automatique\ServiceMiseAJourIndex.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(services.exe ->) (Softex Inc.) [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(svchost.exe ->) (Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(svchost.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(svchost.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11219376 2021-02-18] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-06-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-06-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\MountPoints2: {25681a73-6785-11e4-8261-485ab6822d26} - "F:\Driver\DriverInstaller.exe" -eject
HKU\S-1-5-21-3242392020-1027900930-1581306598-500\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-500\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter (Pas de fichier)
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [196096 2024-01-29] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-10-28] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {6A728A66-4F39-42D0-9B2B-B399CD45717C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1558984 2024-06-25] (Adobe Inc. -> Adobe Inc.)
Task: {4C6C396D-5A6B-4DE9-93C1-EC2A882030A8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {D6457740-B1F8-4FAE-A0EA-B8FC4CD47A9D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {F73ADDED-F3F4-4F94-B9E3-C1CED5E0584E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {E3FB6317-706E-41CD-8FB3-CB20136A1AAE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs
Task: {3DEDB9CC-C0DB-4EC5-A8AA-6DF43E264FB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
Task: {D40CF718-D84B-4392-98C2-ED4C291BFE64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
Task: {66DE3D32-283F-4051-8226-82D871029866} - System32\Tasks\GoogleUpdateTaskMachineUA1d139cc2086f5a4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
Task: {4723A2BB-EA37-47D0-B188-38B031D81658} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-15] (HP Inc. -> ) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\-task -source HPSA
Task: {EA8B860B-35C7-4323-B9EB-3702DB4F05A3} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2013-06-07] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {3A1D219F-05FB-4EFB-9041-0F433E260743} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/taskrestart
Task: {D100C40D-0804-4709-B53E-325D0551D173} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-10-28] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/show
Task: {89FC6ACC-85E3-43F6-83AA-E601EFF68746} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {63E4E2A0-6A1E-4981-8C1E-BEFD3D93EA46} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/u
Task: {4C97A39B-7C76-406F-91F9-F9E052A2C0FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r
Task: {82F2A7DF-FCB5-42C0-80A0-35C53EEE8DF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/L Analysis
Task: {7E90A9E8-CABF-4E3B-BBE6-82604F80A46D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/InstallUpdates
Task: {9FC861B7-4F1E-4863-A16C-9A4D3787E034} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-06-16] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/noreport
Task: {E6A557CC-785B-433C-A27B-D5FED45D2A33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {C5CD3E38-C860-4A2A-88CD-BBBEF3786566} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EABD9682-F62B-4D68-A6D4-570CC36E29A4} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2024-06-12] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {B69C59D0-37B4-4AF9-A756-F3F0F6D129DF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2024-06-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {B9451F16-D186-48FD-A156-88D66547C5AD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {20880766-54A6-414C-BCD0-97D28F56C793} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-10-28] (CyberLink Corp. -> CyberLink Corp.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}\2426F687D2348354141424: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}\2426F687D2348354141424: [DhcpDomain] lan
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}\C496675626F687D293733303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}\C496675626F687D293733303: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\nadia\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-08]
FireFox:
========
FF DefaultProfile: tllgaald.default-1545643723478
FF ProfilePath: C:\Users\nadia\AppData\Roaming\Mozilla\Firefox\Profiles\tllgaald.default-1545643723478 [2024-07-02]
FF Notifications: Mozilla\Firefox\Profiles\tllgaald.default-1545643723478 -> hxxps://my.medaviz.io
FF HomepageOverride: Mozilla\Firefox\Profiles\tllgaald.default-1545643723478 -> Disabled: _euMembers_@free.filesendsuite.com
FF NewTabOverride: Mozilla\Firefox\Profiles\tllgaald.default-1545643723478 -> Disabled: _euMembers_@free.filesendsuite.com
FF Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\nadia\AppData\Roaming\Mozilla\Firefox\Profiles\tllgaald.default-1545643723478\Extensions\sp@avast.com.xpi [2023-07-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default [2024-07-02]
CHR Notifications: Default -> hxxps://classevirtuelle.cned.fr; hxxps://sessions.gotoresolve.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Recherche Google) - C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-09]
CHR Extension: (HP Network Check Launcher) - C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-09-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-07-17] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-19] () [Fichier non signé]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-06-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc. -> Apple Inc.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [Fichier non signé]
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
R2 MajIndexEducationService; C:\program files (x86)\index education\mise a jour automatique\ServiceMiseAJourIndex.exe [5933688 2024-02-06] (INDEX EDUCATION SAS -> Index Education)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 MpKsl26a37722; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{841938F5-5272-401F-B75D-F85C998808AC}\MpKslDrv.sys [50456 2024-06-02] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl57b4761e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{841938F5-5272-401F-B75D-F85C998808AC}\MpKslDrv.sys [50456 2024-06-02] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1204424 2013-12-02] (Mediatek Inc. -> Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Apple, Inc.) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (Hewlett-Packard Company -> HP Inc.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-07-02 11:30 - 2024-07-02 11:36 - 000028079 _____ C:\Users\nadia\Desktop\FRST.txt
2024-07-02 11:28 - 2024-07-02 11:34 - 000000000 ____D C:\FRST
2024-07-02 11:03 - 2024-07-02 11:19 - 002395648 _____ (Farbar) C:\Users\nadia\Desktop\FRST64.exe
2024-07-02 10:52 - 2024-07-02 10:52 - 000053682 _____ C:\Users\nadia\Downloads\annexe_2_-_services_de_gestion_du_rectorat (1).pdf
2024-07-02 10:51 - 2024-07-02 10:51 - 000103340 _____ C:\Users\nadia\Downloads\contacts-la-dpe-38573.pdf
2024-06-12 05:43 - 2024-07-02 09:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-06-02 14:20 - 2024-06-02 14:20 - 003370144 _____ (Nicolas Coolman) C:\Users\nadia\Downloads\ZHPDiag3.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-07-02 10:42 - 2014-07-02 22:12 - 000000000 ____D C:\Program Files (x86)\Google
2024-07-02 10:29 - 2022-02-17 08:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-07-02 09:53 - 2014-07-02 21:54 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3242392020-1027900930-1581306598-1002
2024-07-02 09:43 - 2022-10-17 13:41 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-07-02 09:43 - 2022-10-17 13:41 - 000002074 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2024-07-02 09:36 - 2018-09-01 00:46 - 000000000 ____D C:\Users\nadia\AppData\Local\CrashDumps
2024-07-02 09:35 - 2023-09-13 11:28 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-07-02 09:32 - 2019-07-15 19:49 - 000000000 ___RD C:\Users\nadia\iCloudDrive
2024-07-02 09:31 - 2014-03-15 13:13 - 000000000 __RDO C:\Users\nadia\SkyDrive
2024-07-02 09:26 - 2018-12-24 11:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-07-02 09:26 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-26 10:16 - 2021-09-06 00:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-06-26 10:16 - 2018-12-24 11:28 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-06-12 06:39 - 2013-10-07 08:01 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-06-12 05:52 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2024-06-11 19:33 - 2020-07-03 08:01 - 000003590 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-11 19:33 - 2020-07-03 08:01 - 000003462 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-11 19:21 - 2013-08-26 08:04 - 000000000 ____D C:\Users\Administrator
2024-06-11 19:13 - 2014-07-02 21:36 - 000000000 ____D C:\Users\nadia
2024-06-11 19:12 - 2018-04-23 12:24 - 000000000 ____D C:\Users\nadia\AppData\Local\AVAST Software
2024-06-11 19:12 - 2014-07-02 22:47 - 000000000 ____D C:\ProgramData\AVAST Software
2024-06-03 12:59 - 2014-03-15 11:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-06-02 14:57 - 2013-09-10 01:16 - 000840966 _____ C:\WINDOWS\system32\perfh00C.dat
2024-06-02 14:57 - 2013-09-10 01:16 - 000171814 _____ C:\WINDOWS\system32\perfc00C.dat
2024-06-02 14:57 - 2013-08-26 08:09 - 001960240 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-02 14:31 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2024-06-02 14:26 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-02 14:17 - 2016-01-20 20:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
==================== Fichiers à la racine de certains dossiers ========
2017-03-25 19:29 - 2017-03-25 19:29 - 000000000 _____ () C:\Users\nadia\AppData\Local\{0E160622-E651-4AB7-9F59-B28DC084A43F}
2017-03-20 19:47 - 2017-03-20 19:47 - 000000000 _____ () C:\Users\nadia\AppData\Local\{8B5F4E9C-23DA-46D5-9F97-5ECDEB6C872B}
2017-12-03 19:15 - 2017-12-03 19:15 - 000000000 _____ () C:\Users\nadia\AppData\Local\{941B05FE-739D-4B4C-BEA5-B5816C3A4F54}
2016-11-07 17:54 - 2016-11-07 17:54 - 000000000 _____ () C:\Users\nadia\AppData\Local\{9EBF0169-9ED5-4A20-8DBA-7CC621B2AAB5}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2024-07-02 09:53
==================== Fin de FRST.txt ========================
Exécuté par nadia (administrateur) sur HOME (Hewlett-Packard HP Pavilion 17 Notebook PC) (02-07-2024 11:30:59)
Exécuté depuis C:\Users\nadia\Desktop\FRST64.exe
Profils chargés: nadia
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Advanced Micro Devices Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(explorer.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(explorer.exe ->) (Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(services.exe ->) (INDEX EDUCATION SAS -> Index Education) C:\Program Files (x86)\Index Education\mise a jour automatique\ServiceMiseAJourIndex.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(services.exe ->) (Softex Inc.) [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(svchost.exe ->) (Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(svchost.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(svchost.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11219376 2021-02-18] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-06-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-06-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-1002\...\MountPoints2: {25681a73-6785-11e4-8261-485ab6822d26} - "F:\Driver\DriverInstaller.exe" -eject
HKU\S-1-5-21-3242392020-1027900930-1581306598-500\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-3242392020-1027900930-1581306598-500\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter (Pas de fichier)
HKU\S-1-5-18\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp. -> CyberLink Corp.)
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [196096 2024-01-29] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-10-28] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {6A728A66-4F39-42D0-9B2B-B399CD45717C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1558984 2024-06-25] (Adobe Inc. -> Adobe Inc.)
Task: {4C6C396D-5A6B-4DE9-93C1-EC2A882030A8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {D6457740-B1F8-4FAE-A0EA-B8FC4CD47A9D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {F73ADDED-F3F4-4F94-B9E3-C1CED5E0584E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {E3FB6317-706E-41CD-8FB3-CB20136A1AAE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs
Task: {3DEDB9CC-C0DB-4EC5-A8AA-6DF43E264FB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
Task: {D40CF718-D84B-4392-98C2-ED4C291BFE64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
Task: {66DE3D32-283F-4051-8226-82D871029866} - System32\Tasks\GoogleUpdateTaskMachineUA1d139cc2086f5a4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
Task: {4723A2BB-EA37-47D0-B188-38B031D81658} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-15] (HP Inc. -> ) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\-task -source HPSA
Task: {EA8B860B-35C7-4323-B9EB-3702DB4F05A3} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2013-06-07] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {3A1D219F-05FB-4EFB-9041-0F433E260743} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/taskrestart
Task: {D100C40D-0804-4709-B53E-325D0551D173} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-10-28] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/show
Task: {89FC6ACC-85E3-43F6-83AA-E601EFF68746} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {63E4E2A0-6A1E-4981-8C1E-BEFD3D93EA46} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/u
Task: {4C97A39B-7C76-406F-91F9-F9E052A2C0FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r
Task: {82F2A7DF-FCB5-42C0-80A0-35C53EEE8DF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/L Analysis
Task: {7E90A9E8-CABF-4E3B-BBE6-82604F80A46D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/InstallUpdates
Task: {9FC861B7-4F1E-4863-A16C-9A4D3787E034} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-06-16] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/noreport
Task: {E6A557CC-785B-433C-A27B-D5FED45D2A33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {C5CD3E38-C860-4A2A-88CD-BBBEF3786566} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EABD9682-F62B-4D68-A6D4-570CC36E29A4} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2024-06-12] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {B69C59D0-37B4-4AF9-A756-F3F0F6D129DF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2024-06-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {B9451F16-D186-48FD-A156-88D66547C5AD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {20880766-54A6-414C-BCD0-97D28F56C793} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-10-28] (CyberLink Corp. -> CyberLink Corp.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}\2426F687D2348354141424: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}\2426F687D2348354141424: [DhcpDomain] lan
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}\C496675626F687D293733303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A23D699-DCAD-4C05-880B-CDD309D148E8}\C496675626F687D293733303: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\nadia\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-08]
FireFox:
========
FF DefaultProfile: tllgaald.default-1545643723478
FF ProfilePath: C:\Users\nadia\AppData\Roaming\Mozilla\Firefox\Profiles\tllgaald.default-1545643723478 [2024-07-02]
FF Notifications: Mozilla\Firefox\Profiles\tllgaald.default-1545643723478 -> hxxps://my.medaviz.io
FF HomepageOverride: Mozilla\Firefox\Profiles\tllgaald.default-1545643723478 -> Disabled: _euMembers_@free.filesendsuite.com
FF NewTabOverride: Mozilla\Firefox\Profiles\tllgaald.default-1545643723478 -> Disabled: _euMembers_@free.filesendsuite.com
FF Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\nadia\AppData\Roaming\Mozilla\Firefox\Profiles\tllgaald.default-1545643723478\Extensions\sp@avast.com.xpi [2023-07-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default [2024-07-02]
CHR Notifications: Default -> hxxps://classevirtuelle.cned.fr; hxxps://sessions.gotoresolve.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Recherche Google) - C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-09]
CHR Extension: (HP Network Check Launcher) - C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-09-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-07-17] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-19] () [Fichier non signé]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-06-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc. -> Apple Inc.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [Fichier non signé]
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc -> Google Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
R2 MajIndexEducationService; C:\program files (x86)\index education\mise a jour automatique\ServiceMiseAJourIndex.exe [5933688 2024-02-06] (INDEX EDUCATION SAS -> Index Education)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 MpKsl26a37722; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{841938F5-5272-401F-B75D-F85C998808AC}\MpKslDrv.sys [50456 2024-06-02] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl57b4761e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{841938F5-5272-401F-B75D-F85C998808AC}\MpKslDrv.sys [50456 2024-06-02] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1204424 2013-12-02] (Mediatek Inc. -> Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Apple, Inc.) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (Hewlett-Packard Company -> HP Inc.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-07-02 11:30 - 2024-07-02 11:36 - 000028079 _____ C:\Users\nadia\Desktop\FRST.txt
2024-07-02 11:28 - 2024-07-02 11:34 - 000000000 ____D C:\FRST
2024-07-02 11:03 - 2024-07-02 11:19 - 002395648 _____ (Farbar) C:\Users\nadia\Desktop\FRST64.exe
2024-07-02 10:52 - 2024-07-02 10:52 - 000053682 _____ C:\Users\nadia\Downloads\annexe_2_-_services_de_gestion_du_rectorat (1).pdf
2024-07-02 10:51 - 2024-07-02 10:51 - 000103340 _____ C:\Users\nadia\Downloads\contacts-la-dpe-38573.pdf
2024-06-12 05:43 - 2024-07-02 09:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-06-02 14:20 - 2024-06-02 14:20 - 003370144 _____ (Nicolas Coolman) C:\Users\nadia\Downloads\ZHPDiag3.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-07-02 10:42 - 2014-07-02 22:12 - 000000000 ____D C:\Program Files (x86)\Google
2024-07-02 10:29 - 2022-02-17 08:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-07-02 09:53 - 2014-07-02 21:54 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3242392020-1027900930-1581306598-1002
2024-07-02 09:43 - 2022-10-17 13:41 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-07-02 09:43 - 2022-10-17 13:41 - 000002074 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2024-07-02 09:36 - 2018-09-01 00:46 - 000000000 ____D C:\Users\nadia\AppData\Local\CrashDumps
2024-07-02 09:35 - 2023-09-13 11:28 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-07-02 09:32 - 2019-07-15 19:49 - 000000000 ___RD C:\Users\nadia\iCloudDrive
2024-07-02 09:31 - 2014-03-15 13:13 - 000000000 __RDO C:\Users\nadia\SkyDrive
2024-07-02 09:26 - 2018-12-24 11:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-07-02 09:26 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-26 10:16 - 2021-09-06 00:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-06-26 10:16 - 2018-12-24 11:28 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-06-12 06:39 - 2013-10-07 08:01 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-06-12 05:52 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2024-06-11 19:33 - 2020-07-03 08:01 - 000003590 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-11 19:33 - 2020-07-03 08:01 - 000003462 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-11 19:21 - 2013-08-26 08:04 - 000000000 ____D C:\Users\Administrator
2024-06-11 19:13 - 2014-07-02 21:36 - 000000000 ____D C:\Users\nadia
2024-06-11 19:12 - 2018-04-23 12:24 - 000000000 ____D C:\Users\nadia\AppData\Local\AVAST Software
2024-06-11 19:12 - 2014-07-02 22:47 - 000000000 ____D C:\ProgramData\AVAST Software
2024-06-03 12:59 - 2014-03-15 11:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-06-02 14:57 - 2013-09-10 01:16 - 000840966 _____ C:\WINDOWS\system32\perfh00C.dat
2024-06-02 14:57 - 2013-09-10 01:16 - 000171814 _____ C:\WINDOWS\system32\perfc00C.dat
2024-06-02 14:57 - 2013-08-26 08:09 - 001960240 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-02 14:31 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2024-06-02 14:26 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-02 14:17 - 2016-01-20 20:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
==================== Fichiers à la racine de certains dossiers ========
2017-03-25 19:29 - 2017-03-25 19:29 - 000000000 _____ () C:\Users\nadia\AppData\Local\{0E160622-E651-4AB7-9F59-B28DC084A43F}
2017-03-20 19:47 - 2017-03-20 19:47 - 000000000 _____ () C:\Users\nadia\AppData\Local\{8B5F4E9C-23DA-46D5-9F97-5ECDEB6C872B}
2017-12-03 19:15 - 2017-12-03 19:15 - 000000000 _____ () C:\Users\nadia\AppData\Local\{941B05FE-739D-4B4C-BEA5-B5816C3A4F54}
2016-11-07 17:54 - 2016-11-07 17:54 - 000000000 _____ () C:\Users\nadia\AppData\Local\{9EBF0169-9ED5-4A20-8DBA-7CC621B2AAB5}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2024-07-02 09:53
==================== Fin de FRST.txt ========================