Rapport Frst.txt :

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Exécuté par Dulette (administrateur) sur DESKTOP-B0ESN8N (ASUSTeK COMPUTER INC. X411UA) (01-02-2021 08:56:21)
Exécuté depuis C:\Users\dulet\OneDrive\Desktop
Profils chargés: Dulette
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe <4>
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_6ea7dc2752605c07\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dulet\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Tersys Group OÜ -> Trust.Zone VPN Project) C:\Program Files\Trust.Zone VPN Client\tzclient_x64.exe <2>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Trust.Zone VPN Client UI Helper] => C:\Program Files\Trust.Zone VPN Client\tzclient_x64.exe [6322584 2019-08-30] (Tersys Group OÜ -> Trust.Zone VPN Project)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2596704 2020-12-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [471432 2019-11-01] (Express Vpn LLC -> ExpressVPN)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2820884021-490180154-3507799189-1001\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [3621776 2018-07-30] (Binary Fortress Software Ltd. -> Binary Fortress Software)
HKU\S-1-5-21-2820884021-490180154-3507799189-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11219376 2020-12-10] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-2820884021-490180154-3507799189-1001\...\MountPoints2: {5e48e63d-fb4a-11e7-bb3b-1c4d709c5864} - "G:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2020-11-21]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0C28BCCE-B48C-4323-898B-69E717B1FDA3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {1F77A3BF-65DA-4E2C-BDAE-39F539233FC1} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {29E5163B-E912-4A9E-8668-6710C9890776} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2020-12-01] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 92dc3d1a-9e3a-48f6-9817-44fc4240bbe5
Task: {3CF9F5FE-520B-44C0-8DC3-EF123E22DD38} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5442656 2020-11-25] (Avast Software s.r.o. -> Avast Software)
Task: {41B8C14D-5918-4263-A50C-5F9A6D815291} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {494E8322-C489-44E3-A4D3-3E289B37DF5B} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [Fichier non signé]
Task: {51ABAC76-7287-4A67-8203-165E39214D13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-20] (Google Inc -> Google Inc.)
Task: {530886A0-6692-4BF2-B4BF-D4F0CABCF57F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-20] (Google Inc -> Google Inc.)
Task: {5FB5F012-34A4-4205-9522-9AA862AB40A2} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-12] (ASUS) [Fichier non signé]
Task: {6EBA9AAC-6421-4C59-A4E2-E25B75E2FC61} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4661856 2020-11-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 4e711ae7-d34c-4135-86d3-54cac26a246f
Task: {6EDD1F38-64BD-446B-A7A4-068B1844C9BE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {735625B9-EA5F-4A56-8455-BF0960A32972} - System32\Tasks\SUPERAntiSpyware Scheduled Task 397d4454-74ed-470e-adf8-92c3611820e2 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:397d4454-74ed-470e-adf8-92c3611820e2
Task: {8B5B6CF0-F07D-43E1-A8C7-20A7A86B9C88} - System32\Tasks\SUPERAntiSpyware Scheduled Task 918e108c-6cdc-45ab-ab12-dd70af659e6a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:918e108c-6cdc-45ab-ab12-dd70af659e6a
Task: {9F3F195E-2F3A-4B1F-A97F-21FFFF99640C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C87E1EEA-02BE-4F3B-A331-248F043138E7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CA78A9DC-5CED-446F-BD58-0BFE72E2E79E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1579296 2016-11-09] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [Fichier non signé]
Task: {CD2A651D-577F-40E6-8EBB-8736C93A5565} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831768 2016-08-29] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {D85B11BA-7708-46ED-9940-A8F0EE6B2CEE} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe [2480504 2017-04-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {D8D78F67-9993-4930-9E21-3503F38D797F} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {ED66BA67-1B2B-461D-8476-DC48AFC446AC} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5442656 2020-11-16] (Avast Software s.r.o. -> Avast Software)
Task: {EDC2935E-D7F4-444F-910A-0EE8BDD03A60} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {F68836A2-BEED-4FEE-ACE9-B1C802BE5D7E} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1188968 2020-11-18] (Avast Software s.r.o. -> AVAST Software)
Task: {FAA14B5C-05C0-4507-B796-1A7E330DFB1C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-08] (Avast Software s.r.o. -> AVAST Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 397d4454-74ed-470e-adf8-92c3611820e2.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 918e108c-6cdc-45ab-ab12-dd70af659e6a.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{2c27b0bd-a40a-490d-a8c5-4a1e3d005df0}: [NameServer] 109.236.87.2,144.217.75.55
Tcpip\..\Interfaces\{3f3da1b5-ebdd-44c1-a05c-f36fd656d83d}: [NameServer] 109.236.87.2,144.217.75.55
Tcpip\..\Interfaces\{550f319a-37c6-4f08-a685-ebfe676c5a31}: [NameServer] 109.236.87.2,144.217.75.55
Tcpip\..\Interfaces\{7061603a-c62e-4bdf-b24b-dc8ebbc99a50}: [NameServer] 109.236.87.2,144.217.75.55
Tcpip\..\Interfaces\{9fdc0724-0f66-4e9b-b865-128f2687ad30}: [NameServer] 109.236.87.2,144.217.75.55
Tcpip\..\Interfaces\{9fdc0724-0f66-4e9b-b865-128f2687ad30}: [DhcpNameServer] 172.21.0.1 172.21.0.2
Tcpip\..\Interfaces\{b4814589-c182-4569-97d5-f437fe3feea4}: [NameServer] 109.236.87.2,144.217.75.55
Tcpip\..\Interfaces\{b4814589-c182-4569-97d5-f437fe3feea4}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{f4c078bc-564e-44ce-8c5e-ee2f6eb99490}: [NameServer] 109.236.87.2,144.217.75.55
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\dulet\Downloads
Edge Notifications: HKU\S-1-5-21-2820884021-490180154-3507799189-1001 -> hxxps://www.facebook.com; hxxps://www.tntendirect.com
Edge Profile: C:\Users\dulet\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-31]
Edge DownloadDir: C:\Users\dulet\Downloads
Edge Notifications: Default -> hxxps://www.facebook.com; hxxps://www.tntendirect.com
Edge DefaultSearchURL: Default -> hxxps://www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}

FireFox:
========
FF DefaultProfile: fvniqzhu.default
FF ProfilePath: C:\Users\dulet\AppData\Roaming\Mozilla\Firefox\Profiles\fvniqzhu.default [2021-02-01]
FF Notifications: Mozilla\Firefox\Profiles\fvniqzhu.default -> hxxps://www.facebook.com; hxxps://www.instagram.com
FF Extension: (Avast Passwords) - C:\Users\dulet\AppData\Roaming\Mozilla\Firefox\Profiles\fvniqzhu.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-02-19] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\dulet\AppData\Roaming\Mozilla\Firefox\Profiles\fvniqzhu.default\Extensions\sp@avast.com.xpi [2020-07-03]
FF Extension: (Avast Online Security) - C:\Users\dulet\AppData\Roaming\Mozilla\Firefox\Profiles\fvniqzhu.default\Extensions\wrc@avast.com.xpi [2020-06-17]
FF Extension: (Unseen) - C:\Users\dulet\AppData\Roaming\Mozilla\Firefox\Profiles\fvniqzhu.default\Extensions\{230ed5ec-936c-4ad1-b3d4-e2bb251bd1c3}.xpi [2018-12-01]
FF Extension: (Pas de nom) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [non trouvé(e)]
FF SearchPlugin: C:\Users\dulet\AppData\Roaming\Mozilla\Firefox\Profiles\fvniqzhu.default\searchplugins\bing-lavasoft-ff59.xml [2018-10-24]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default [2021-01-31]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-20]
CHR Extension: (Docs) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-20]
CHR Extension: (Google Drive) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-20]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-14]
CHR Extension: (Sheets) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-20]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-01-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Avast Online Security) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\dulet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-31]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12968552 2020-12-01] (Avast Software s.r.o. -> AVAST Software)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2019-11-01] (Express Vpn LLC -> ExpressVPN)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-01-29] (McAfee, LLC -> McAfee, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [7897696 2020-11-18] (Avast Software s.r.o. -> AVAST Software)
R2 TZVPNCLIENT; C:\Program Files\Trust.Zone VPN Client\tzclient_x64.exe [6322584 2019-08-30] (Tersys Group OÜ -> Trust.Zone VPN Project)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 ZenAnywhere; C:\Program Files\Orbweb Inc\ZenAnywhere\ZenAnywhere.exe [154456 2017-05-25] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S3 ZenAnywhere Updater; C:\Program Files\Orbweb Inc\ZenAnywhere\updater.exe [154456 2017-05-25] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S3 ZenAnywhereNetworkService; C:\Program Files\Orbweb Inc\ZenAnywhere\bin\ZenAnywhereNetworkService.exe [67416 2017-04-07] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S3 MyWiFiDHCPDNS; "C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-03-06] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-07-27] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-31] (Malwarebytes Corporation -> Malwarebytes)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2019-11-01] (ExprsVPN LLC -> ExpressVPN)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220600 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142440 2021-02-01] (Malwarebytes Inc -> Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11376 2020-11-07] () [Fichier non signé]
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2019-11-01] (ExprsVPN LLC -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-02-01 08:53 - 2021-02-01 08:56 - 000000000 ____D C:\FRST
2021-02-01 08:41 - 2021-02-01 08:41 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-01 08:41 - 2021-02-01 08:41 - 000142440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-01 08:41 - 2021-02-01 08:41 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-31 22:04 - 2021-01-31 22:33 - 000000546 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 918e108c-6cdc-45ab-ab12-dd70af659e6a.job
2021-01-31 22:04 - 2021-01-31 22:33 - 000000546 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 397d4454-74ed-470e-adf8-92c3611820e2.job
2021-01-31 22:04 - 2021-01-31 22:04 - 000003790 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 397d4454-74ed-470e-adf8-92c3611820e2
2021-01-31 22:04 - 2021-01-31 22:04 - 000003708 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 918e108c-6cdc-45ab-ab12-dd70af659e6a
2021-01-31 22:03 - 2021-01-31 22:03 - 000000000 ____D C:\Users\dulet\AppData\Roaming\SUPERAntiSpyware.com
2021-01-31 22:03 - 2021-01-31 22:03 - 000000000 ____D C:\Users\dulet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2021-01-31 22:02 - 2021-01-31 22:03 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2021-01-31 22:02 - 2021-01-31 22:02 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2021-01-31 21:59 - 2021-01-31 21:59 - 169256168 _____ (SUPERAntiSpyware) C:\Users\dulet\Downloads\SUPERAntiSpyware.exe
2021-01-31 21:39 - 2021-01-31 21:46 - 000000000 ____D C:\AdwCleaner
2021-01-31 21:39 - 2021-01-31 21:39 - 008457584 _____ (Malwarebytes) C:\Users\dulet\Downloads\adwcleaner_8.0.9.1.exe
2021-01-31 21:32 - 2021-01-31 21:32 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-31 21:32 - 2021-01-31 21:32 - 000220600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-31 21:32 - 2021-01-31 21:32 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-31 21:32 - 2021-01-31 21:32 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-31 21:32 - 2021-01-31 21:32 - 000000000 ____D C:\Users\dulet\AppData\Local\mbam
2021-01-31 21:32 - 2021-01-31 21:31 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-31 21:32 - 2021-01-31 21:31 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-31 21:31 - 2021-01-31 21:31 - 002086424 _____ (Malwarebytes) C:\Users\dulet\Downloads\MBSetup.exe
2021-01-31 21:31 - 2021-01-31 21:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-31 21:31 - 2021-01-31 21:31 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-31 20:54 - 2021-01-31 20:54 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2021-01-31 20:54 - 2021-01-31 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-01-31 20:54 - 2021-01-31 20:54 - 000000000 ____D C:\Program Files\iTunes
2021-01-31 20:54 - 2021-01-31 20:54 - 000000000 ____D C:\Program Files\iPod
2021-01-31 20:51 - 2021-01-31 20:51 - 000001426 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2021-01-31 20:51 - 2021-01-31 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2021-01-31 18:38 - 2021-01-31 18:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-29 17:57 - 2021-01-31 20:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-24 17:18 - 2021-01-24 17:18 - 000000000 ____D C:\ProgramData\PassMark
2021-01-24 17:18 - 2021-01-24 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WirelessMon
2021-01-24 17:18 - 2021-01-24 17:18 - 000000000 ____D C:\Program Files\WirelessMon
2021-01-24 17:16 - 2021-01-24 17:17 - 013151176 _____ (PassMark Software ) C:\Users\dulet\Downloads\wirelessmon_5-0-1002_en_126382.exe
2021-01-18 19:35 - 2021-01-18 19:35 - 000000000 ____D C:\Users\dulet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-01-13 20:47 - 2021-01-13 20:47 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 20:47 - 2021-01-13 20:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 20:47 - 2021-01-13 20:47 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 20:47 - 2021-01-13 20:47 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 20:47 - 2021-01-13 20:47 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 20:46 - 2021-01-13 20:46 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-13 20:44 - 2021-01-13 20:44 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 20:44 - 2021-01-13 20:44 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 20:44 - 2021-01-13 20:44 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 20:44 - 2021-01-13 20:44 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 20:44 - 2021-01-13 20:44 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 20:44 - 2021-01-13 20:44 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 20:43 - 2021-01-13 20:43 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 20:43 - 2021-01-13 20:43 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 20:43 - 2021-01-13 20:43 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 20:43 - 2021-01-13 20:43 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 20:43 - 2021-01-13 20:43 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-08 05:36 - 2021-01-08 05:36 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-01-08 05:36 - 2021-01-08 05:36 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-02-01 08:54 - 2018-09-16 18:09 - 000000000 ____D C:\Users\dulet\AppData\LocalLow\Mozilla
2021-02-01 08:48 - 2019-08-29 06:44 - 001681874 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-01 08:48 - 2019-03-19 13:00 - 000758242 _____ C:\WINDOWS\system32\perfh00C.dat
2021-02-01 08:48 - 2019-03-19 13:00 - 000142898 _____ C:\WINDOWS\system32\perfc00C.dat
2021-02-01 08:48 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-01 08:48 - 2018-06-28 06:12 - 000000000 ____D C:\Users\dulet\AppData\Local\AVAST Software
2021-02-01 08:44 - 2019-02-05 06:14 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-01 08:41 - 2019-08-30 05:48 - 000000000 ____D C:\Program Files\Trust.Zone VPN Client
2021-02-01 08:41 - 2017-12-06 18:51 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-01 08:40 - 2020-08-04 05:58 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-02-01 08:40 - 2019-08-29 06:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-01 08:40 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-01 08:40 - 2017-10-29 01:11 - 000000000 ___HD C:\Intel
2021-01-31 22:37 - 2019-03-19 05:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-01-31 22:36 - 2019-08-29 06:45 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-31 22:32 - 2018-07-27 20:36 - 000000000 ____D C:\AdsFix
2021-01-31 22:18 - 2017-12-06 20:07 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-31 22:10 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-31 22:10 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-31 22:10 - 2017-12-09 11:53 - 000000000 ____D C:\Users\dulet\AppData\Local\Packages
2021-01-31 21:46 - 2018-10-21 14:18 - 000000000 ____D C:\Users\dulet\AppData\Roaming\Lavasoft
2021-01-31 21:46 - 2018-10-21 14:18 - 000000000 ____D C:\Users\dulet\AppData\Local\Lavasoft
2021-01-31 21:32 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-31 20:51 - 2018-11-03 11:09 - 000000000 ____D C:\ProgramData\Foxit Software
2021-01-31 20:51 - 2017-12-06 18:51 - 000000000 ____D C:\Users\dulet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-31 20:51 - 2017-12-06 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-31 20:51 - 2017-12-06 18:51 - 000000000 ____D C:\Program Files\WinRAR
2021-01-31 20:41 - 2018-09-16 18:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-31 20:27 - 2019-08-29 06:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-31 18:40 - 2019-08-29 06:45 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2820884021-490180154-3507799189-1001
2021-01-31 18:40 - 2019-08-29 06:37 - 000002403 _____ C:\Users\dulet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-31 18:40 - 2017-12-06 18:44 - 000000000 ___RD C:\Users\dulet\OneDrive
2021-01-31 18:38 - 2018-09-16 18:09 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-30 08:00 - 2020-07-04 21:27 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-30 08:00 - 2020-07-04 21:27 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-27 17:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-21 20:00 - 2017-10-29 01:07 - 000000000 ____D C:\Program Files\Intel
2021-01-18 19:35 - 2020-04-06 08:57 - 000000000 ____D C:\Users\dulet\AppData\Roaming\Zoom
2021-01-18 08:22 - 2020-07-04 21:27 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-18 08:22 - 2020-07-04 21:27 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-13 23:37 - 2020-11-21 20:55 - 000463480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-13 23:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-13 23:37 - 2017-12-09 12:04 - 000000000 ___RD C:\Users\dulet\3D Objects
2021-01-13 23:37 - 2017-10-29 01:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-13 23:35 - 2019-03-19 13:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 23:35 - 2019-03-19 13:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 23:35 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 21:00 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 20:57 - 2017-12-06 19:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 20:52 - 2017-12-06 19:23 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 20:43 - 2019-08-29 06:34 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-08 19:11 - 2018-03-06 19:03 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-08 05:36 - 2020-10-27 20:16 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-01-08 05:36 - 2020-04-21 06:46 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-01-08 05:36 - 2019-03-17 09:15 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-01-08 05:36 - 2019-01-20 09:51 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-01-08 05:36 - 2019-01-18 20:53 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-01-08 05:36 - 2019-01-18 20:53 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-01-08 05:36 - 2018-11-05 22:56 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-01-08 05:36 - 2018-06-27 08:05 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-01-08 05:36 - 2018-03-06 19:03 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-01-08 05:36 - 2018-03-06 19:03 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-08 05:36 - 2018-03-06 19:03 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-01-08 05:36 - 2018-03-06 19:03 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-01-08 05:36 - 2018-03-06 19:03 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

==================== Fichiers à la racine de certains dossiers ========

2018-12-20 04:50 - 2018-12-20 04:50 - 007895040 _____ () C:\Program Files (x86)\GUT8F3A.tmp
2017-12-06 18:45 - 2020-04-04 20:12 - 000000200 _____ () C:\Users\dulet\AppData\Roaming\sp_data.sys
2020-05-31 08:29 - 2020-05-31 08:29 - 000000017 _____ () C:\Users\dulet\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================