Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2023
Exécuté par Baloo (administrateur) sur DESKTOP-COIMB4K (Micro-Star International Co., Ltd. MS-7C52) (24-05-2023 07:48:43)
Exécuté depuis C:\Users\Utilisateur\Downloads\FRST64 (1).exe
Profils chargés: Baloo
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2965 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366052.inf_amd64_27b70634fe4a2a8e\B359612\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.51361.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-545318232-1085552943-1941466372-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-545318232-1085552943-1941466372-1001\...\Run: [MicrosoftEdgeAutoLaunch_214C468C1C6DF33CE795C9511217D27D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152216 2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-545318232-1085552943-1941466372-1001\...\MountPoints2: {0cc791e9-bd19-11ed-ac64-d0374568c184} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-545318232-1085552943-1941466372-1001\...\MountPoints2: {ebb95920-b7da-11ea-a9dc-d0374568c184} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-545318232-1085552943-1941466372-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\MARINE~1.SCR [7250944 2020-01-22] (SereneScreen) [Fichier non signé]
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (Pas de fichier)
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}] -> C:\Windows\SysWOW64\advpack.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2023-03-11]
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2023-03-11]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (Pas de fichier)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {04891888-E175-482D-B9BF-29840FB3AED4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2135448 2023-04-14] (Avast Software s.r.o. -> Avast Software)
Task: {05874A07-B546-4B42-B557-144A611F9D8B} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [5029784 2023-05-02] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (l'élément de données a 70 caractères en plus).
Task: {18556CBD-90D3-4A77-932D-73B34BD03A53} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {1E04711A-AE60-4B9F-ABB6-63010FF65945} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [5029784 2023-04-14] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (l'élément de données a 99 caractères en plus).
Task: {37385627-3FA9-4DFE-9851-D6E0CD69C1A9} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-04-26] (Avast Software s.r.o. -> Avast Software)
Task: {4E8909AA-C919-4446-801F-105AF9DFE394} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1243544 2023-05-13] (Avast Software s.r.o. -> AVAST Software)
Task: {66774DA9-6398-4DD7-B4F4-D31B1CC9A3F1} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4884888 2023-05-15] (Avast Software s.r.o. -> AVAST Software)
Task: {6A15BD05-ED19-4F9B-B960-2ED16A6356C7} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7092120 2023-04-12] (Avast Software s.r.o. -> Avast Software)
Task: {8CB9827A-A169-49D3-BEA6-443DF535008B} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5030808 2023-05-13] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (l'élément de données a 80 caractères en plus).
Task: {A06EC0DD-3D12-442E-915D-F082A6B4E1B7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "41634afb-8950-4a95-8eb4-13bbc59b2987" --version "6.06.10144" --silent
Task: {AB2CD29A-E0EF-4725-9D4A-D15A42C25C6B} - System32\Tasks\Opera scheduled Autoupdate 1684566863 => C:\Users\Utilisateur\AppData\Local\Programs\Opera\launcher.exe [2675616 2023-05-05] (Opera Norway AS -> Opera Software)
Task: {C02727EF-D59A-405B-8909-BCE0DCDE8125} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {E393A137-BD4F-49BC-810B-79CF9D563B07} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7092120 2023-04-18] (Avast Software s.r.o. -> Avast Software)
Task: {E6D5F923-7E66-44EC-9479-F0C2D0E7671D} - System32\Tasks\CCleanerSkipUAC - Baloo => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F1B5229A-092D-473B-BC5C-49852F042EEE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5254336 2023-05-10] (Microsoft Windows -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => Pas de fichier
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7f349e0d-57f4-4bab-b8b0-bd6e92b71872}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cc017631-f2b7-4bb4-85c8-07e7fe38ad64}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Utilisateur\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-24]
Edge DownloadDir: Default -> C:\Users\Utilisateur\Downloads
Edge Notifications: Default -> hxxps://investmeny.org; hxxps://lecridescrocs.com; hxxps://onemacusa.com; hxxps://onemacusa.net; hxxps://particuliers.engie.fr; hxxps://success-news.net; hxxps://thepcgames.net; hxxps://turbobit.net; hxxps://www.bloggif.com; hxxps://www.bricorama.fr; hxxps://www.gktorrent.cc; hxxps://www.jeuxdepc.fr; hxxps://www.oxtorrent.tv; hxxps://www.sendspace.com; hxxps://www.torrent9.gg; hxxps://www.xn--thepratebay-fcb.com; hxxps://www.zetorrents.tv
Edge HomePage: Default -> hxxps://webmail.sfr.fr/fr_FR/main.html#welcome
Edge DefaultSearchURL: Default -> hxxps://www.labanquepostale.fr/etc/designs/labanquepostale/commons/clientlibs/images/bp-app/favicon.png
Edge Extension: (Edge relevant text changes) - C:\Users\Utilisateur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default [2022-12-04]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Safe Torrent Scanner) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-10-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-10-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-09]
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-04]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
Opera:
=======
OPR Profile: C:\Users\Utilisateur\AppData\Roaming\Opera Software\Opera Stable [2023-05-24]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Utilisateur\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-05-20]
OPR Extension: (Opera Wallet) - C:\Users\Utilisateur\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-20]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Utilisateur\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-05-20]
OPR Extension: (Opera AI Prompts) - C:\Users\Utilisateur\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-05-20]
StartMenuInternet: (HKU\S-1-5-21-545318232-1085552943-1941466372-1001) OperaStable - "C:\Users\Utilisateur\AppData\Local\Programs\Opera\Launcher.exe"
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8808344 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2079128 2023-04-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [584088 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [17396632 2023-05-02] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [9007000 2023-04-14] (Avast Software s.r.o. -> AVAST Software)
R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2022-10-25] (Wondershare Technology Group Co.,Ltd -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [9255384 2023-05-20] (Malwarebytes Inc. -> Malwarebytes)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [10043288 2023-05-13] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336256 2023-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31360 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235880 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391800 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297824 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95904 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39592 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [270472 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556104 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105232 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80408 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [942936 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [703280 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212640 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319552 2023-05-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [76664 2023-04-14] (Avast Software s.r.o. -> Avast Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\hw_cdcacm.sys [127360 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_022b; C:\WINDOWS\System32\drivers\RzDev_022b.sys [56152 2021-03-22] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-05-24 07:48 - 2023-05-24 07:50 - 000023898 _____ C:\Users\Utilisateur\Downloads\FRST.txt
2023-05-24 07:48 - 2023-05-24 07:48 - 000000000 ____D C:\Users\Utilisateur\Downloads\FRST-OlderVersion
2023-05-24 07:47 - 2023-05-24 07:49 - 000000000 ____D C:\FRST
2023-05-24 07:38 - 2023-05-24 07:48 - 002382848 _____ (Farbar) C:\Users\Utilisateur\Downloads\FRST64 (1).exe
2023-05-23 17:39 - 2023-05-23 17:39 - 000003584 _____ C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-05-20 15:39 - 2023-05-20 15:39 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lets Travel - Welcome To Ukraine
2023-05-20 15:39 - 2023-05-20 15:39 - 000000000 ____D C:\Program Files (x86)\Lets Travel - Welcome To Ukraine
2023-05-20 15:34 - 2023-05-20 15:34 - 000108328 _____ C:\Users\Utilisateur\AppData\Local\GDIPFONTCACHEV1.DAT
2023-05-20 14:54 - 2023-05-20 15:01 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Jake Everest 2 - Gunung Padang The Unseen Civilization
2023-05-20 14:54 - 2023-05-20 14:54 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\BabiKmicApps
2023-05-20 14:51 - 2023-05-20 15:40 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\Graphium_Studio
2023-05-20 14:36 - 2023-05-20 14:36 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Jewel Match Origin2 CE_Steam
2023-05-20 09:14 - 2023-05-20 09:15 - 000004244 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1684566863
2023-05-20 09:14 - 2023-05-20 09:15 - 000001538 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-05-20 09:14 - 2023-05-20 09:14 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Opera Software
2023-05-20 09:13 - 2023-05-20 09:13 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Opera Software
2023-05-20 08:50 - 2023-05-23 07:26 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Malwarebytes
2023-05-15 17:31 - 2023-05-15 17:30 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-05-14 14:50 - 2023-05-14 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2023-05-14 14:50 - 2023-05-14 14:50 - 000000000 ____D C:\ProgramData\driverscloud.com
2023-05-14 14:50 - 2023-05-14 14:50 - 000000000 ____D C:\Program Files\Cybelsoft
2023-05-10 08:02 - 2023-05-10 08:02 - 000000000 ___HD C:\$WinREAgent
2023-05-09 11:13 - 2023-05-09 11:13 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\Peaksel
2023-04-29 15:12 - 2023-04-29 15:12 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\IteraLabs
2023-04-29 15:12 - 2023-04-29 15:12 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\IteraLabs
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-05-23 22:10 - 2020-11-06 21:11 - 000000000 ___RD C:\Users\Utilisateur\Desktop\A VOIR
2023-05-23 22:10 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-23 21:43 - 2022-08-18 14:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-23 20:56 - 2020-04-24 17:47 - 000000000 ____D C:\Program Files\CCleaner
2023-05-23 15:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-23 15:27 - 2020-04-24 14:26 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Office
2023-05-23 11:24 - 2020-04-24 14:26 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Excel
2023-05-23 07:28 - 2022-08-18 14:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-05-22 21:50 - 2020-05-01 20:11 - 000000000 ____D C:\ProgramData\TEMP
2023-05-22 17:47 - 2023-04-03 10:53 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\JetDogs
2023-05-22 17:47 - 2020-10-09 07:43 - 000000000 ___RD C:\Games
2023-05-22 17:47 - 2020-04-21 18:56 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\D3DSCache
2023-05-22 10:18 - 2022-02-22 08:41 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\IGDump
2023-05-21 19:31 - 2020-04-26 15:56 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\CrashDumps
2023-05-21 13:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-21 12:37 - 2022-08-18 11:58 - 000000000 ____D C:\Users\Utilisateur
2023-05-21 07:54 - 2020-10-04 10:37 - 000000000 ___RD C:\Users\Utilisateur\Documents\LOGICIELS
2023-05-21 07:52 - 2020-04-24 14:53 - 000000000 ___RD C:\Users\Utilisateur\Documents\W-BOITE A OUTILS
2023-05-20 19:05 - 2020-04-22 00:22 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Packages
2023-05-20 18:13 - 2020-04-24 16:03 - 000000000 ___RD C:\Users\Utilisateur\Desktop\JEUX
2023-05-20 17:38 - 2020-04-30 17:22 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-20 14:26 - 2020-04-26 20:01 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\8floor
2023-05-19 09:13 - 2020-10-04 10:37 - 000000000 ___RD C:\Users\Utilisateur\Documents\IDENTIFIANTS-Favoris-Ordi- répertoire
2023-05-18 10:44 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-16 15:02 - 2023-01-04 17:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-15 17:31 - 2020-11-10 19:33 - 000703280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-05-15 17:31 - 2020-11-10 19:33 - 000556104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-05-15 17:31 - 2020-11-10 19:33 - 000319552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-05-15 17:31 - 2020-11-10 19:33 - 000297824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-05-15 17:31 - 2020-11-10 19:33 - 000270472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-05-15 17:31 - 2020-11-10 19:33 - 000105232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-05-15 17:31 - 2020-11-10 19:33 - 000095904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-05-15 17:31 - 2020-11-10 19:33 - 000080408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-05-15 17:31 - 2020-11-10 19:33 - 000039592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-05-15 17:31 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-05-15 17:30 - 2020-11-10 19:33 - 000942936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-05-15 17:30 - 2020-11-10 19:33 - 000391800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-05-15 17:30 - 2020-11-10 19:33 - 000235880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-05-15 17:30 - 2020-11-10 19:33 - 000031360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2023-05-15 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-15 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-15 09:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-05-15 09:25 - 2023-04-14 16:05 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-05-15 09:25 - 2022-08-18 14:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-15 09:25 - 2022-08-18 14:21 - 000473008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-15 09:25 - 2021-02-09 14:04 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-15 09:25 - 2020-04-25 15:51 - 000000000 ____D C:\ProgramData\Avast Software
2023-05-15 09:24 - 2020-12-13 08:34 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2023-05-15 09:24 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-05-15 09:09 - 2023-02-23 10:51 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\vlc
2023-05-14 15:13 - 2023-04-14 16:08 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
2023-05-13 14:34 - 2022-08-18 11:58 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows
2023-05-12 07:31 - 2022-08-18 14:48 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 07:31 - 2022-08-18 14:48 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-10 10:05 - 2022-08-18 14:39 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-10 10:05 - 2019-12-07 16:50 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2023-05-10 10:05 - 2019-12-07 16:50 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2023-05-10 09:55 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-05-10 09:55 - 2019-12-07 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-05-10 09:55 - 2019-12-07 16:50 - 000000000 ____D C:\WINDOWS\system32\fr
2023-05-10 09:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-10 09:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-10 09:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-10 09:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-10 09:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-10 08:40 - 2022-08-18 14:24 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-10 08:00 - 2020-04-26 14:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-10 07:55 - 2020-04-26 14:42 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-04 10:02 - 2020-04-24 16:50 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Word
2023-05-03 17:12 - 2020-08-14 12:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-03 17:02 - 2020-06-18 11:55 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-04-29 15:13 - 2022-07-19 14:03 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\Tiny Little Lion
2023-04-25 12:04 - 2020-11-10 19:33 - 000269464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw40360222dbdce8e7.tmp
==================== Fichiers à la racine de certains dossiers ========
2014-07-10 08:16 - 2014-07-10 08:16 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2023-05-23 17:39 - 2023-05-23 17:39 - 000003584 _____ () C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================