Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2022 Exécuté par arnaud (administrateur) sur ARNO (Acer Aspire 5749Z) (24-04-2022 19:45:01) Exécuté depuis C:\Users\arnaud\Downloads Profils chargés: arnaud Plate-forme: Microsoft Windows 8.1 Professionnel (Update) (X86) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe (C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe (explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office10\WINWORD.EXE (explorer.exe ->) (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\arnaud\AppData\Roaming\ZHP\ZHPSuite.exe (explorer.exe ->) (Peter Panisz -> WinTools.Info) C:\Users\arnaud\Documents\SECURITE\addleds.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31> (Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.132\GoogleCrashHandler.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdSvc.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.EXE (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (svchost.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [143640 2022-03-25] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3439896 2022-03-23] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [3887384 2022-03-22] (Avast Software s.r.o. -> AVAST Software) HKU\S-1-5-21-3345384747-877124966-3903929039-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-3345384747-877124966-3903929039-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3345384747-877124966-3903929039-1001\...\MountPoints2: {75a6d8a4-0155-11eb-974b-e89a8fee5cbb} - "E:\AutoRunCardDetector.exe" HKU\S-1-5-21-3345384747-877124966-3903929039-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [519680 2014-11-22] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\Windows\system32\hpinksts9311LM.dll [269200 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\Windows\system32\HPDiscoPM9311.dll [580712 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-20] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\100.0.15870.128\Installer\chrmstp.exe [2022-04-22] (Avast Software s.r.o. -> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-08-04] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {092AEED8-4D90-4C5A-9E23-D24F1C327F07} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-30] (Avast Software s.r.o. -> AVAST Software) Task: {1F9939F6-2C0E-4399-A081-8A5E65E7BFDE} - System32\Tasks\{5BB224C6-F091-4855-B3A7-9A237A6A7FBE} => C:\Windows\system32\pcalua.exe -a "C:\Users\arnaud\AppData\Local\Temp\Temp1_IVT_BlueSoleil_10.0.464.0-1.zip\BlueSoleil 10.0.464.0\install\amd64\setup.exe" <==== ATTENTION Task: {219603FB-056B-44EE-9472-9A700E869C46} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-07-17] (Google Inc -> Google Inc.) Task: {2605ECB5-4D38-4E2E-B5F0-B4FFFEABAC84} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2275536 2022-04-15] (Avast Software s.r.o. -> AVAST Software) Task: {2C904840-BDB4-4D27-8A21-2DDCDABA697F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform) Task: {3644F9F2-B871-4653-B3DC-0D6B1C6E81FF} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5822744 2022-03-14] (Avast Software s.r.o. -> Avast Software) Task: {374FD804-5A1D-4AD1-B3B1-CD993DC22CBE} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4272920 2022-03-22] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid eb05185f-ec3e-4dde-baf9-318fde8a6d2b Task: {6AA6CC26-06EA-48DB-B127-FA00283FE2F4} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5822744 2022-03-22] (Avast Software s.r.o. -> Avast Software) Task: {71BD2CA5-74A7-4277-8EA1-3B5924AC512E} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2938984 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) Task: {76870059-0C99-49EC-8095-ECD608B4BE25} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4272920 2022-03-23] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 5be23be6-1737-472d-ba23-aa6110946c88 Task: {79ADA7B5-B2F3-4496-89D8-E56D98F98183} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [12147960 2022-03-22] (Lespeed Technology Co., Ltd -> WiseCleaner.com) Task: {8E845F74-9B96-440E-8E9C-8575CEEB854F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4414232 2022-04-15] (Avast Software s.r.o. -> AVAST Software) Task: {9202C8AC-04EE-4897-96F9-741ED3944024} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2275536 2022-04-15] (Avast Software s.r.o. -> AVAST Software) Task: {961D262E-19AE-4DD1-A090-73404C24A006} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {99A89A31-8433-4572-BD91-392F2D3BA2AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {A86F9CA5-A0BA-4AB1-B521-CECCC60581BD} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Task: {AADA8750-55E9-453F-A37C-08A0F09E91B8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-30] (Avast Software s.r.o. -> AVAST Software) Task: {AB374790-0903-46DF-9255-F00E1B8A4581} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1984280 2022-03-08] (Avast Software s.r.o. -> Avast Software) Task: {B51D5B89-5B33-46C3-B571-CD900422C42C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-07-17] (Google Inc -> Google Inc.) Task: {D110B008-E135-493F-9405-3A5D6521AE39} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {D7605DDD-E207-4F8A-B80D-B59E1D6CC2FB} - System32\Tasks\CCleanerSkipUAC - arnaud => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd) Task: {EEF11DB0-9E8C-4775-9641-C32565BF1C2E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8DABA1C3-B98C-442C-A749-A060E35433FB}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\arnaud\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-14] Edge Session Restore: Default -> est activé. Edge Extension: (Malwarebytes Browser Guard) - C:\Users\arnaud\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-17] Edge HKLM\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: iifudq3a.default-1612282129735 FF ProfilePath: C:\Users\arnaud\AppData\Roaming\Mozilla\Firefox\Profiles\iifudq3a.default-1612282129735 [2022-04-24] FF DownloadDir: C:\Users\arnaud\Documents FF Notifications: Mozilla\Firefox\Profiles\iifudq3a.default-1612282129735 -> hxxps://abonne.lunion.fr FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-30] (Avast Software s.r.o. -> AVAST Software) FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-30] (Avast Software s.r.o. -> AVAST Software) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3345384747-877124966-3903929039-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR Profile: C:\Users\arnaud\AppData\Local\Google\Chrome\User Data\Default [2022-04-24] CHR Notifications: Default -> hxxps://stopovirus.clicforum.fr; hxxps://www.aramisauto.com; hxxps://www.cocooncenter.com; hxxps://www.laredoute.fr; hxxps://www.orange.fr CHR HomePage: Default -> hxxp://fr.msn.com/?pc=UP30&ocid=univskyhp CHR StartupUrls: Default -> "hxxp://fr.msn.com/?pc=UP30&ocid=univskyhp","hxxp://search.babylon.com/?affID=113357&tt=4512_8&babsrc=HP_ss&mntrId=a2c3a8b10000000000000016d402d440","hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_CH","hxxps://www.google.com/" CHR Session Restore: Default -> est activé. CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-03] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKU\S-1-5-21-3345384747-877124966-3903929039-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jgfblpnggnjhmdbidfmoidoglbcbnfoi] CHR HKU\S-1-5-21-3345384747-877124966-3903929039-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kphondbfkocnmbigbmfbkeefeoacnlad] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) S4 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7643728 2022-03-25] (Avast Software s.r.o. -> AVAST Software) S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-30] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [510232 2022-03-25] (Avast Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1796376 2022-03-25] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [510232 2022-03-25] (Avast Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-30] (Avast Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\100.0.15870.128\elevation_service.exe [1700640 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-21] (Avast Software s.r.o. -> AVAST Software) S4 Backupper Service; C:\Program Files\AOMEI\AOMEI Backupper 6.4.0\ABService.exe [995760 2021-01-27] (AOMEI International Network Limited -> AOMEI International Network Limited) R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [13537048 2022-03-23] (Avast Software s.r.o. -> AVAST Software) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290224 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation) R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [6708504 2022-03-22] (Avast Software s.r.o. -> AVAST Software) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6391992 2022-01-30] (Malwarebytes Inc -> Malwarebytes) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [96088 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [152560 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [46896 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [150192 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ampa; C:\Windows\system32\ampa.sys [35760 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [34864 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [190024 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [317480 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [208424 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [92720 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40352 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [227368 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [398728 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [93808 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72968 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [692792 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [463696 2022-04-15] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162432 2022-03-25] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [269880 2022-04-20] (Avast Software s.r.o. -> AVAST Software) R3 athr; C:\Windows\system32\DRIVERS\athw8.sys [2795520 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.) S3 dc3d; C:\Windows\System32\drivers\dc3d.sys [40320 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation) S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [33200 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [182168 2022-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [213936 2022-01-30] (Malwarebytes Inc -> Malwarebytes) R3 MEI; C:\Windows\System32\drivers\HECI.sys [41088 2010-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) S2 WCMVCAM; C:\Windows\system32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Tenki Technology Co., Ltd. -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [38920 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [231256 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [85336 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [44720 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [190976 2022-03-10] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-04-24 19:45 - 2022-04-24 19:46 - 000023330 _____ C:\Users\arnaud\Downloads\FRST.txt 2022-04-24 19:44 - 2022-04-24 19:45 - 000000000 ____D C:\FRST 2022-04-24 19:44 - 2022-04-24 19:44 - 000000000 ____D C:\Users\arnaud\Downloads\FRST-OlderVersion 2022-04-24 19:39 - 2022-04-24 19:44 - 002071552 _____ (Farbar) C:\Users\arnaud\Downloads\FRST.exe 2022-04-24 18:16 - 2022-04-24 18:16 - 000308369 _____ C:\Users\arnaud\Desktop\ZHPDiag.html 2022-04-24 18:16 - 2022-04-24 18:16 - 000248992 _____ C:\Users\arnaud\Desktop\ZHPDiag.txt 2022-04-24 17:58 - 2022-04-24 17:59 - 000000829 _____ C:\Users\arnaud\Desktop\ZHPSuite.lnk 2022-04-24 17:58 - 2022-04-24 17:58 - 000000000 ____D C:\Users\arnaud\AppData\Local\ZHP 2022-04-24 17:51 - 2022-04-24 17:52 - 003482312 _____ (Nicolas Coolman) C:\Users\arnaud\Downloads\ZHPSuite.exe 2022-04-15 11:53 - 2022-04-15 11:53 - 000289104 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2022-04-15 11:53 - 2022-04-15 11:53 - 000162408 _____ (AVAST Software) C:\Windows\system32\Drivers\asw752a0d3fcf8ca26a.tmp 2022-04-14 08:11 - 2022-04-14 08:11 - 000002196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2022-04-14 08:11 - 2022-04-14 08:11 - 000002184 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2022-04-13 09:17 - 2022-04-15 11:47 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-04-11 17:52 - 2022-04-11 17:52 - 000000000 ____D C:\Users\arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProcessText Group 2022-04-01 16:31 - 2022-04-01 16:31 - 000001990 _____ C:\Users\arnaud\Desktop\AVRIL-2022 - Raccourci.lnk 2022-03-25 18:23 - 2022-03-25 18:22 - 000162432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-04-24 19:17 - 2018-07-17 16:24 - 000000000 ____D C:\Program Files\Google 2022-04-24 18:33 - 2020-09-15 16:45 - 000000000 ____D C:\Users\arnaud\AppData\Roaming\ZHP 2022-04-24 18:33 - 2018-07-17 13:07 - 000000000 ____D C:\Users\arnaud\AppData\LocalLow\Mozilla 2022-04-24 18:17 - 2022-02-10 09:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-04-24 15:19 - 2018-07-17 10:35 - 000003924 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{850B3027-CD1B-4A2C-8099-C0F923EA3F78} 2022-04-24 11:27 - 2014-11-22 03:20 - 001826754 _____ C:\Windows\system32\PerfStringBackup.INI 2022-04-24 11:27 - 2014-11-22 02:38 - 000813248 _____ C:\Windows\system32\perfh00C.dat 2022-04-24 11:27 - 2014-11-22 02:38 - 000159750 _____ C:\Windows\system32\perfc00C.dat 2022-04-24 11:27 - 2013-08-22 08:21 - 000000000 ____D C:\Windows\inf 2022-04-24 08:18 - 2018-07-17 16:25 - 000000000 ____D C:\Program Files\CCleaner 2022-04-23 16:22 - 2018-07-17 16:30 - 000003128 _____ C:\Windows\system32\Tasks\TrackerAutoUpdate 2022-04-23 16:22 - 2018-07-17 16:30 - 000000638 _____ C:\Windows\Tasks\TrackerAutoUpdate.job 2022-04-23 09:54 - 2018-07-17 10:34 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3345384747-877124966-3903929039-1001 2022-04-23 08:21 - 2020-07-20 15:09 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-23 08:21 - 2020-07-20 15:09 - 000002152 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-04-22 18:16 - 2021-05-30 10:13 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2022-04-22 18:16 - 2021-05-30 10:13 - 000002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2022-04-21 09:59 - 2018-07-17 19:10 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2022-04-20 18:12 - 2018-07-17 16:35 - 000269880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2022-04-20 18:11 - 2018-07-17 16:24 - 000003492 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2022-04-20 18:11 - 2018-07-17 16:24 - 000003364 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-04-19 18:12 - 2018-07-17 16:36 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2022-04-17 10:49 - 2018-07-25 19:49 - 000000000 ____D C:\Users\arnaud\Documents\SECURITE 2022-04-17 08:36 - 2013-08-22 10:05 - 000000000 ____D C:\Windows\CbsTemp 2022-04-15 14:23 - 2018-07-17 16:37 - 000000000 ____D C:\Users\arnaud\AppData\Local\AVAST Software 2022-04-15 11:53 - 2020-10-16 20:59 - 000227368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2022-04-15 11:53 - 2020-05-01 15:17 - 000398728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys 2022-04-15 11:53 - 2019-01-18 11:40 - 000317480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2022-04-15 11:53 - 2019-01-18 10:32 - 000208424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2022-04-15 11:53 - 2019-01-18 10:32 - 000092720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2022-04-15 11:53 - 2018-11-01 16:37 - 000040352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2022-04-15 11:53 - 2018-07-17 16:35 - 000692792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2022-04-15 11:53 - 2018-07-17 16:35 - 000463696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2022-04-15 11:53 - 2018-07-17 16:35 - 000190024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2022-04-15 11:53 - 2018-07-17 16:35 - 000093808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2022-04-15 11:53 - 2018-07-17 16:35 - 000072968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2022-04-15 11:49 - 2018-07-17 10:32 - 000000000 ___RD C:\Users\arnaud\OneDrive 2022-04-15 11:47 - 2018-07-17 16:33 - 000000000 ____D C:\ProgramData\AVAST Software 2022-04-15 11:47 - 2018-07-17 13:07 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2022-04-15 11:47 - 2013-08-22 09:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-04-15 11:46 - 2013-08-22 08:13 - 000524288 ___SH C:\Windows\system32\config\BBI 2022-04-15 11:45 - 2018-08-01 19:13 - 000000000 ____D C:\Windows\system32\MRT 2022-04-15 11:45 - 2013-08-22 10:17 - 000000000 ___RD C:\Windows\ToastData 2022-04-15 11:38 - 2018-08-01 19:12 - 139899640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-04-14 09:00 - 2018-08-11 14:39 - 000000000 ____D C:\Program Files\Defraggler 2022-04-13 09:21 - 2021-08-30 09:48 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-04-13 09:21 - 2018-07-17 13:07 - 000001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-04-12 09:05 - 2018-08-01 17:17 - 000000000 ____D C:\Users\arnaud\AppData\Local\CrashDumps 2022-04-12 08:08 - 2018-07-17 16:25 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2022-04-11 17:52 - 2021-04-12 14:04 - 000000000 ____D C:\Program Files\ABC Amber Lotus 1-2-3 Converter 2022-04-05 19:29 - 2018-07-25 19:54 - 000000000 ____D C:\Users\arnaud\AppData\Roaming\Wise Disk Cleaner 2022-04-05 19:27 - 2020-10-30 10:44 - 000000000 ____D C:\Users\arnaud\AppData\Roaming\WiseUpdate 2022-04-05 09:26 - 2021-08-19 18:07 - 000002802 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - arnaud 2022-04-05 09:26 - 2021-02-17 21:27 - 000003228 _____ C:\Windows\system32\Tasks\{5BB224C6-F091-4855-B3A7-9A237A6A7FBE} 2022-04-05 09:26 - 2020-07-20 15:09 - 000003522 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-05 09:26 - 2020-07-20 15:09 - 000003394 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-04-05 09:26 - 2018-07-17 16:36 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2022-03-25 18:22 - 2020-10-16 20:59 - 000227360 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9fc6c0488723d06e.tmp 2022-03-25 18:22 - 2020-05-01 15:17 - 000398752 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0f117eb2dabbce99.tmp 2022-03-25 18:22 - 2019-01-18 11:40 - 000310824 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0851fabc9afb381e.tmp 2022-03-25 18:22 - 2019-01-18 10:32 - 000208424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswc93b970e51a64137.tmp 2022-03-25 18:22 - 2019-01-18 10:32 - 000092736 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9326bd9f4824c28e.tmp 2022-03-25 18:22 - 2018-11-01 16:37 - 000040344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswdcd451582b322c2b.tmp 2022-03-25 18:22 - 2018-07-17 16:35 - 000692776 _____ (AVAST Software) C:\Windows\system32\Drivers\asw255e2635a2bd6e7e.tmp 2022-03-25 18:22 - 2018-07-17 16:35 - 000459616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe8fca92dc0a5e4f2.tmp 2022-03-25 18:22 - 2018-07-17 16:35 - 000267232 _____ (AVAST Software) C:\Windows\system32\Drivers\asw88356824e1d4aeb2.tmp 2022-03-25 18:22 - 2018-07-17 16:35 - 000190048 _____ (AVAST Software) C:\Windows\system32\Drivers\asw941f9781102fb5c6.tmp 2022-03-25 18:22 - 2018-07-17 16:35 - 000093824 _____ (AVAST Software) C:\Windows\system32\Drivers\asw65194858be056578.tmp 2022-03-25 18:22 - 2018-07-17 16:35 - 000072960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswae8e2f86f0d1925f.tmp 2022-03-25 09:26 - 2018-07-17 19:09 - 000002049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-03-25 09:21 - 2018-07-17 10:28 - 000000000 ____D C:\Users\arnaud ==================== Fichiers à la racine de certains dossiers ======== 2020-09-22 09:45 - 2020-09-22 09:45 - 003327360 _____ (Nicolas Coolman) C:\Users\arnaud\ZHPCleaner.exe 2021-07-24 11:47 - 2021-07-24 11:47 - 000000410 _____ () C:\Users\arnaud\AppData\Local\oobelibMkey.log 2021-07-31 18:23 - 2021-07-31 18:23 - 000002936 _____ () C:\Users\arnaud\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2022-03-30 09:34 ==================== Fin de FRST.txt ========================