Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05.2019 01
Exécuté par AM (administrateur) sur AM-PC (ASUS All Series) (14-05-2019 09:11:30)
Exécuté depuis C:\Users\AM\Desktop
Profils chargés: AM (Profils disponibles: AM)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Logiciels\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Logiciels\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Logiciels\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Logiciels\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Logiciels\CSR Harmony\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Logiciels\CSR Harmony\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Logiciels\CSR Harmony\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Logiciels\CSR Harmony\CsrBtService.exe
(Cyber Power Systems, Inc. -> Cyber Power Systems, Inc.) C:\Logiciels\CyberPower\ppped.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Logiciels\Origin\OriginWebHelperService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Logiciels\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Logiciels\KeyScrambler\x64\KeyScrambler.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8783616 2016-02-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Logiciels\Avast\AvLaunch.exe [261000 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [CsrHCRPServer] => C:\Logiciels\CSR Harmony\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Logiciels\CSR Harmony\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Logiciels\CSR Harmony\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Logiciels\CSR Harmony\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Logiciels\CSR Harmony\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Logiciels\CSR Harmony\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [567088 2017-06-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [KeyScrambler] => C:\Logiciels\KeyScrambler\keyscrambler.exe [515600 2017-04-23] (QFX Software Corporation -> QFX Software Corporation)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7390424 2017-06-23] (Acronis International GmbH -> )
HKU\S-1-5-21-3213217244-4118625139-1921511415-1000\...\Run: [GUDelayStartup] => C:\Logiciels\Glary Utilities 5\StartupManager.exe [44024 2019-04-22] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3213217244-4118625139-1921511415-1000\...\Run: [Steam] => C:\Jeux\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-3213217244-4118625139-1921511415-1000\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64672 2019-02-28] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-3213217244-4118625139-1921511415-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-04-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3213217244-4118625139-1921511415-1000\...\MountPoints2: {3138779d-e03b-11e8-a1e7-7824af3a54ea} - "F:\Autorun.exe"
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [MSVideo] => C:\WINDOWS\system32\vfwwdm32.dll [67072 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\Software\...\AppCompatFlags\Custom\MM6.exe: [{84bf240a-4f25-43f0-868a-14367b186544}.sdb] -> Game Compatibility Database Data
HKLM\Software\...\AppCompatFlags\InstalledSDB\{84bf240a-4f25-43f0-868a-14367b186544}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{84bf240a-4f25-43f0-868a-14367b186544}.sdb [2013-06-28]
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Logiciels\CSR Harmony\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine.lnk [2019-02-08]
ShortcutTarget: Avast SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {08D92DBB-2F59-4272-BFD4-642BF253982E} - System32\Tasks\CCleanerSkipUAC => C:\Logiciels\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {20BB906A-8300-42FA-861B-19068CDD4EC9} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/uninstall.html?aaa=KICMOJLJKJHMNJJJLJGMCNNMNJHMGMCNLMNMOJKJCNHMOJLJOJCNLMOJLJKJHMLMIMOJIMGMGMLMJNJICMHMCNLMCNMMFMOMOMCNIMNMJMCNOMKMPMJMMMFMPMCNPMCNOMKMPMJMMMCNNMJNPICMPMFMFMPMJNHICMEKMICNJJCKJNBJCMOLCLJNKJCMJNNICMJNDJCMJJNIJNMJCMPMFMPMFMPMJNFICMN (l'élément de données a 26 caractères en plus).
Task: {2B38EC48-ACC9-4A59-9151-E8C5FE169B54} - System32\Tasks\GU5SkipUAC => C:\Logiciels\Glary Utilities 5\Integrator.exe [915952 2019-04-22] (Glarysoft LTD -> Glarysoft Ltd)
Task: {3CBA0E2A-E2CF-4EA6-AE40-3449CF5755E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {3E0E10F1-13E1-4759-AF3E-C7ADC6270708} - System32\Tasks\{C89B3494-655C-4675-86B8-64F2A8DCE877} => C:\WINDOWS\system32\pcalua.exe -a D:\_SETIMG\EPSSWT.EXE -d D:\ -c /NOWIZ:"..\EPSETUP.EXE"
Task: {3E876AEA-7BC6-4068-A18F-7B86A9A0BE6B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-14] (Adobe Inc. -> Adobe)
Task: {41678E25-ACE4-48D6-B621-0233041012B0} - System32\Tasks\DB Bigupgrade Task ( One Time ) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\BigUpgrade.exe
Task: {55747CA9-470E-4880-A019-C9127F1DDD78} - System32\Tasks\{2357DBE0-351A-4955-90D1-05D6C5374E80} => C:\WINDOWS\system32\pcalua.exe -a "C:\Jeux\Tribes of the East\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe" -d "C:\Jeux\Tribes of the East\Heroes of Might and Magic V - Tribes of the East\bin"
Task: {6F0575B5-BFC4-4285-AA3E-B52C55068982} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-14] (Adobe Inc. -> Adobe)
Task: {7083400C-7D92-4EFB-A358-6C02B5261F10} - System32\Tasks\S-1-5-21-3213217244-4118625139-1921511415-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [132608 2018-12-08] (Microsoft Windows -> Microsoft Corporation)
Task: {7F0B9FD8-8E97-4DE9-AF69-1132A16D048E} - \Reason Core Security Scheduled Scan -> Pas de fichier <==== ATTENTION
Task: {82E79BB1-0BF3-4BF7-BFD7-1F409AB2E4BA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {8317A9FF-89E2-49E5-A401-C1D4250B373F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {845F8E1E-98D2-4A6A-8CF9-650599722CDF} - System32\Tasks\{9D3462B9-C395-4ACC-A139-FDD61C6662F1} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe" -d "C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\"
Task: {9D168B7B-9007-4A9F-BCEF-B52EBA209DB2} - System32\Tasks\PrivaZer_SkipUAC => C:\Logiciels\PrivaZer\PrivaZer.exe [17289944 2019-05-13] (Goversoft LLC -> Goversoft LLC)
Task: {A7EF54ED-511B-4854-8EBE-16DB934932C7} - System32\Tasks\Avast Emergency Update => C:\Logiciels\Avast\AvEmUpdate.exe [2925960 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {AA82F93C-BF77-40DA-9143-75A0B2830A73} - System32\Tasks\Microsoft\Office\Actualizaciones automáticas de Office => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
Task: {B9497EF1-CE57-4560-B67A-2864C491E715} - System32\Tasks\{C47E490F-4D09-44B5-B647-C846D7F147E2} => C:\WINDOWS\system32\pcalua.exe -a D:\EPSETUP.EXE -d D:\
Task: {BB8BFA2E-5387-4980-A0E2-B82AF45435BD} - System32\Tasks\{91E6EC18-DFDF-432E-9554-6F5590ABC876} => D:\setup.exe
Task: {C22DB93A-958D-4764-90D3-D6CCF4E3B607} - System32\Tasks\SafeZone scheduled Autoupdate 1454338840 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {DEA29BCC-CAE2-444A-9816-335B20498FF1} - System32\Tasks\Avast SecureLine Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1389392 2019-03-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {E2372BBA-59C5-4177-A548-66439C9A031A} - System32\Tasks\CCleaner Update => C:\Logiciels\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F549C6AE-365F-408C-B839-859A557517F3} - System32\Tasks\Driver Booster SkipUAC (AM) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\..\Interfaces\{4001dd7a-5a80-4bb1-9826-e2ef1bda4f49}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{cc24421c-6e2c-4ba8-b694-ab846c68c378}: [NameServer] 100.120.148.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3213217244-4118625139-1921511415-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3213217244-4118625139-1921511415-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2018-03-07] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF DefaultProfile: 13p3wiit.default
FF ProfilePath: C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default [2019-05-14]
FF Homepage: Mozilla\Firefox\Profiles\13p3wiit.default -> hxxps://www.google.com/?hl=fr
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-09]
FF Extension: (AdBlock) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-05-09]
FF Extension: (Simple Translate) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default\Extensions\simple-translate@sienori.xpi [2019-05-12]
FF Extension: (Avast Online Security) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default\Extensions\wrc@avast.com.xpi [2019-05-09]
FF Extension: (Google Traduction) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default\Extensions\{41a71134-b81e-49c5-be44-154c1b981153}.xpi [2019-05-09]
FF Extension: (Désactivation de Google Analytics) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2019-05-09] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Extension: (Sticky Password extension) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2019-05-09] [UpdateUrl:hxxps://www.stickypassword.com/static/Mozilla/updates.json]
FF Extension: (Baidu Search Update) - C:\Users\AM\AppData\Roaming\Mozilla\Firefox\Profiles\13p3wiit.default\features\{4cd5f25e-bb3d-4c73-8afb-5d85b657bdc5}\baidu-code-update@mozillaonline.com.xpi [2019-05-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3213217244-4118625139-1921511415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2018-10-24] (Ubisoft Entertainment Sweden AB -> )
StartMenuInternet: Firefox-8CD848453EA43B34 - C:\Logiciels\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] (ASUSTeK Computer Inc. -> )
R3 aswbIDSAgent; C:\Logiciels\Avast\aswidsagent.exe [6660888 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Logiciels\Avast\AvastSvc.exe [362488 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Logiciels\Avast\afwServ.exe [373416 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Logiciels\Avast\wsc_proxy.exe [57504 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R2 BtSwitcherService; C:\Logiciels\CSR Harmony\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Logiciels\CSR Harmony\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Logiciels\CSR Harmony\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Logiciels\CSR Harmony\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-09-24] (INTERNET PROJECT LLC -> Freemake)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 MBAMService; C:\Logiciels\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis International GmbH -> Acronis)
S3 Origin Client Service; C:\Logiciels\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Logiciels\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 ppped; C:\Logiciels\CyberPower\ppped.exe [1013696 2012-03-27] (Cyber Power Systems, Inc. -> Cyber Power Systems, Inc.)
S3 QFXUpdateService; C:\Logiciels\KeyScrambler\x64\QFXUpdateService.exe [87184 2018-09-12] (QFX Software Corporation -> )
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6688232 2019-03-28] (AVAST Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [526376 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-15] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-03-30] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBthAudioHF; C:\WINDOWS\system32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [366432 2019-04-27] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 GenericMount; C:\WINDOWS\System32\drivers\GenericMount.sys [54320 2009-09-21] (Symantec Corporation -> Symantec Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2018-07-09] (Glarysoft LTD -> Glarysoft Ltd)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-30] (Martin Malik - REALiX -> REALiX(tm))
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-03-22] (Zemana Ltd. -> Zemana Ltd.)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-05-05] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit Information Technology -> IObit)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [207344 2018-10-14] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 SRS_HDAL_Service; C:\WINDOWS\system32\drivers\SRS_HDAL_amd64.sys [533280 2010-11-15] (SRS Labs, Inc -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1267552 2019-04-27] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [193376 2019-04-27] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [601432 2019-04-27] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
U5 UnlockerDriver5; C:\Logiciels\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [279392 2019-04-27] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [55704 2018-09-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-10-03] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-05-14 09:11 - 2019-05-14 09:12 - 000030020 _____ C:\Users\AM\Desktop\FRST.txt
2019-05-14 09:11 - 2019-05-14 09:11 - 000000000 ____D C:\FRST
2019-05-14 09:07 - 2019-05-14 09:07 - 002434048 _____ (Farbar) C:\Users\AM\Desktop\FRST64.exe
2019-05-13 18:24 - 2019-05-13 18:24 - 000000000 ____D C:\Program Files\Windows Security
2019-05-10 16:42 - 2019-05-10 16:42 - 000001060 _____ C:\Users\Public\Desktop\LibreOffice 6.2.lnk
2019-05-10 16:42 - 2019-05-10 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2
2019-05-10 16:29 - 2019-05-10 16:29 - 000000000 ____D C:\AdwCleaner
2019-05-09 15:18 - 2019-05-09 15:18 - 000000000 ____D C:\Users\AM\AppData\Local\Macromedia
2019-05-09 15:03 - 2019-05-09 15:03 - 000000937 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-09 15:03 - 2019-05-09 15:03 - 000000925 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-05-09 15:03 - 2019-05-09 15:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-05 14:36 - 2019-05-05 14:36 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-03 17:47 - 2019-05-03 17:47 - 000001383 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-27 18:12 - 2019-05-11 14:10 - 000604080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-27 18:12 - 2019-04-27 18:12 - 000000000 ____D C:\WINDOWS\Panther
2019-04-27 15:11 - 2019-04-27 15:11 - 000001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2019-04-27 15:11 - 2019-04-27 15:11 - 000001274 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2019-04-27 15:09 - 2019-04-27 15:11 - 001267552 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2019-04-27 15:09 - 2019-04-27 15:11 - 000601432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2019-04-27 15:09 - 2019-04-27 15:11 - 000366432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2019-04-27 15:09 - 2019-04-27 15:11 - 000193376 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2019-04-27 15:09 - 2019-04-27 15:09 - 000301408 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2286.sys
2019-04-27 15:09 - 2019-04-27 15:09 - 000000000 ____D C:\Users\AM\AppData\Roaming\Acronis
2019-04-27 15:08 - 2019-04-27 15:15 - 000000000 ____D C:\ProgramData\Acronis
2019-04-27 15:08 - 2019-04-27 15:11 - 000340312 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2019-04-27 15:08 - 2019-04-27 15:11 - 000163160 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2019-04-27 15:08 - 2019-04-27 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2019-04-27 15:08 - 2019-04-27 15:08 - 000000000 ____D C:\Program Files (x86)\Acronis
2019-04-17 21:08 - 2019-02-13 07:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-04-15 18:42 - 2019-04-15 18:42 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-04-14 16:05 - 2019-04-27 11:33 - 000000795 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-14 16:05 - 2019-04-14 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-14 15:22 - 2019-04-14 15:22 - 000000000 ____D C:\Users\AM\AppData\Local\Molotov
2019-04-14 15:15 - 2019-05-11 22:44 - 000000000 ____D C:\Users\AM\AppData\Roaming\Molotov
2019-04-14 15:15 - 2019-04-14 15:22 - 000002301 _____ C:\Users\AM\Desktop\Molotov.lnk
2019-04-14 15:15 - 2019-04-14 15:22 - 000000000 ____D C:\Users\AM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov
2019-04-14 15:14 - 2019-04-14 15:22 - 000000000 ____D C:\Users\AM\AppData\Local\SquirrelTemp

==================== Un mois (modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-05-14 09:11 - 2018-10-03 16:54 - 000047258 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-05-14 09:08 - 2019-03-29 19:17 - 000000000 ____D C:\Users\AM\AppData\LocalLow\Mozilla
2019-05-14 08:57 - 2018-08-31 19:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-14 08:51 - 2018-08-31 19:10 - 001848696 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-14 08:51 - 2018-04-12 18:19 - 000789954 _____ C:\WINDOWS\system32\perfh00C.dat
2019-05-14 08:51 - 2018-04-12 18:19 - 000149486 _____ C:\WINDOWS\system32\perfc00C.dat
2019-05-14 08:51 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-14 08:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-14 08:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-14 08:50 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-14 08:47 - 2018-08-31 19:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-14 08:47 - 2016-09-14 09:40 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-13 22:45 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-13 22:45 - 2017-07-02 15:31 - 000000000 ____D C:\Users\AM\AppData\Local\PrivaZer
2019-05-13 22:30 - 2015-05-26 09:38 - 000000000 ____D C:\Users\AM\AppData\Local\Ubisoft Game Launcher
2019-05-13 21:20 - 2019-03-04 19:26 - 000000000 ___SD C:\Users\AM\Documents\Sticky Passwords
2019-05-13 18:14 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-13 17:38 - 2018-07-12 11:37 - 000000000 ____D C:\Users\AM\Documents\2-Provisoire
2019-05-13 17:09 - 2015-05-28 18:18 - 000000000 ____D C:\Users\AM\AppData\Roaming\ZHP
2019-05-13 15:05 - 2017-12-27 09:57 - 000000000 ____D C:\Users\AM\AppData\Local\CrashDumps
2019-05-13 14:35 - 2017-07-02 15:31 - 000001655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2019-05-13 14:35 - 2017-07-02 15:31 - 000001643 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2019-05-13 14:35 - 2015-05-24 21:50 - 000000000 ____D C:\Logiciels
2019-05-12 21:59 - 2018-12-22 22:05 - 000000000 ____D C:\Users\AM\Documents\Assassin's Creed Origins
2019-05-11 22:45 - 2018-08-31 19:03 - 000000000 ____D C:\Users\AM
2019-05-11 15:53 - 2018-01-05 12:04 - 000000000 ____D C:\Users\AM\Documents\1-INSTANCES
2019-05-10 16:08 - 2015-05-25 09:45 - 000000000 ____D C:\Users\AM\AppData\Local\Google
2019-05-10 16:08 - 2015-05-25 09:45 - 000000000 ____D C:\Program Files (x86)\Google
2019-05-09 16:40 - 2018-09-24 09:59 - 000000000 ____D C:\Users\AM\AppData\Local\D3DSCache
2019-05-09 15:03 - 2018-11-12 11:20 - 000000000 ____D C:\Users\AM\AppData\Roaming\Mozilla
2019-05-09 15:03 - 2018-11-12 11:20 - 000000000 ____D C:\Users\AM\AppData\Local\Mozilla
2019-05-08 15:59 - 2019-03-01 18:11 - 000000000 ____D C:\Users\AM\AppData\Roaming\2K
2019-05-08 15:13 - 2016-12-22 16:42 - 000000000 ___RD C:\Users\AM\Desktop\Maintenance
2019-05-07 18:25 - 2015-05-25 08:48 - 000000000 ____D C:\Users\AM\Documents\XDivers
2019-05-05 14:36 - 2019-02-14 16:34 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-03 17:47 - 2018-07-24 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-02 14:28 - 2017-12-18 20:01 - 000000000 ____D C:\Users\AM\AppData\Local\Packages
2019-04-27 15:11 - 2018-09-30 21:28 - 000279392 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2019-04-27 15:11 - 2016-04-28 10:29 - 000163160 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2243.sys
2019-04-27 15:08 - 2017-12-30 22:02 - 000160600 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2227.sys
2019-04-27 11:33 - 2019-04-03 16:44 - 000003928 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-27 11:32 - 2017-05-01 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-04-27 11:32 - 2017-05-01 15:19 - 000000000 ____D C:\Program Files\RogueKiller
2019-04-27 11:25 - 2017-08-14 16:17 - 000000870 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-04-17 22:42 - 2018-08-31 17:21 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-15 18:42 - 2019-04-12 21:07 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-15 18:42 - 2019-02-13 19:34 - 000526376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-04-15 18:42 - 2019-01-14 15:38 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-15 18:42 - 2019-01-04 22:00 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-15 18:42 - 2019-01-04 22:00 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-15 18:42 - 2019-01-04 22:00 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-15 18:42 - 2018-10-10 16:08 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-15 18:42 - 2018-08-31 19:07 - 000003952 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-15 18:42 - 2018-08-31 17:21 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-15 18:42 - 2018-08-31 17:21 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-15 18:42 - 2018-08-31 17:21 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-15 18:42 - 2018-08-31 17:21 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-15 18:42 - 2018-08-31 17:21 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-15 18:42 - 2018-08-31 17:21 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-15 18:42 - 2018-08-31 17:21 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-15 18:42 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-14 15:49 - 2015-05-26 07:52 - 000000000 ____D C:\Jeux
2019-04-14 14:53 - 2018-08-31 19:07 - 000004734 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-14 14:53 - 2018-08-31 19:07 - 000004596 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-14 14:53 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-14 14:53 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-14 14:53 - 2015-06-05 11:45 - 000000000 ____D C:\Users\AM\AppData\Local\Adobe

==================== Fichiers à la racine de certains dossiers =======

2017-02-15 16:03 - 2019-03-11 16:40 - 003321728 _____ () C:\Users\AM\ZHPCleaner.exe
2017-02-15 16:06 - 2018-09-24 07:58 - 003166592 _____ () C:\Users\AM\ZHPDiag3.exe
2015-03-26 13:48 - 2015-03-26 13:48 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2017-06-28 10:36 - 2017-06-28 10:36 - 000000344 _____ () C:\Users\AM\AppData\Local\000ClearPageFileAtShutdown
2015-07-09 10:29 - 2015-07-09 16:58 - 000000129 _____ () C:\Users\AM\AppData\Local\91a0c3947881ab9c3b6e5ef5488904f5
2017-05-01 11:26 - 2017-05-01 11:28 - 503005056 _____ () C:\Users\AM\AppData\Local\AcronisTrueImage2016_6589.exe
2017-06-28 11:18 - 2017-06-28 11:20 - 503043688 _____ () C:\Users\AM\AppData\Local\AcronisTrueImage2016_6595.exe
2017-10-27 22:18 - 2019-03-03 19:46 - 000144714 _____ () C:\Users\AM\AppData\Local\ars.cache
2019-03-03 19:46 - 2019-03-03 19:46 - 000868367 _____ () C:\Users\AM\AppData\Local\census.cache
2018-01-09 17:29 - 2018-01-09 17:29 - 000000090 _____ () C:\Users\AM\AppData\Local\fusioncache.dat
2015-05-25 10:48 - 2018-08-29 15:34 - 000007617 _____ () C:\Users\AM\AppData\Local\resmon.resmoncfg
2019-03-03 19:41 - 2019-03-03 19:41 - 000000010 _____ () C:\Users\AM\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ===============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ============================