Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2021
Exécuté par 17 ak (administrateur) sur LAPTOP-R3UEC1JN (HP HP Laptop 17-ak0xx) (16-04-2021 16:57:26)
Exécuté depuis C:\Users\17 ak\Desktop
Profils chargés: 17 ak
Platform: Windows 10 Home Version 1909 18363.1500 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc.) [Fichier non signé] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3666536 2018-03-15] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKU\S-1-5-21-3084453028-3729531626-3511506604-1001\...\Run: [AE26B5A6DB4ECA7ADE2A32F1B9736DB3B83883FF._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKLM\...\Windows x64\Print Processors\Canon MG3200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB8.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3200 series: C:\WINDOWS\system32\CNMLMB8.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {133FDE33-0A0F-45DC-9E89-348A6DE6C735} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22CB0391-500A-46BB-BADB-14615C0FC144} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {262E3FAF-6245-4C64-BD44-DDF0D5492D17} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {2BC4231F-CBB8-482F-95F9-A43B1B134B21} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {36DF4333-F967-45B5-B6B7-F65C42389B56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {374AB118-CBF1-4337-B3B7-8DE27E485F5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {396370F0-5496-4D7A-AA16-2150FBBD9E0B} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459264 2017-02-01] (HP Inc. -> )
Task: {43D980E0-05F3-4C45-A8F7-77E15C94018F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {45B48573-0BB3-4FF7-82DD-2D186C78DE82} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {48B0FE4C-A971-4CD6-A84A-2B6907A82215} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3084453028-3729531626-3511506604-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {49580661-EBF4-4FCE-ADD6-1C04729A36C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D7A57A9-6A40-408F-8659-06051365F39B} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-28] (Dropbox, Inc -> DropboxOEM)
Task: {5AB80995-30B3-4FF3-8B6B-EF885004F839} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {66D34FE1-B750-4C16-A7F1-8A9D4B079931} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {8FD0E3F5-E5D9-4A69-B808-B745464F79EC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-17] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9671DB36-F077-4BEF-ADA0-B8A2D011A4E4} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {C42B1694-864F-4A09-8077-745D3EED5F47} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD05E8C8-0344-4A9A-BA24-30B74BFC2887} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6766AB7-EAEE-4057-AC6B-E945F65D46FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {ECE1E647-60C4-4EB7-A424-CEB7CD106B6C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-17] (Dropbox, Inc -> Dropbox, Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7ead616a-49c2-4172-b345-75b19545d26e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e71f8bf4-55f5-4c60-849e-90935ca3c58b}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: eq6ict8t.default-1618574697601
FF ProfilePath: C:\Users\17 ak\AppData\Roaming\Mozilla\Firefox\Profiles\eq6ict8t.default-1618574697601 [2021-04-16]
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\17 ak\AppData\Local\Google\Chrome\User Data\Default [2021-04-16]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps://www.google.fr/"
CHR Extension: (AdGuard AdBlocker) - C:\Users\17 ak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2021-04-16]
CHR Extension: (uBlock Origin) - C:\Users\17 ak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-04-16]
CHR Extension: (AVG SafePrice | Comparaison, offres, coupons) - C:\Users\17 ak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2021-04-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\17 ak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\17 ak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR Profile: C:\Users\17 ak\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-16]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-17] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Fichier non signé]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-07] (Malwarebytes Inc -> Malwarebytes)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 CleanupPSvc; "C:\Program Files\AVG\TuneUp\TuneupSvc.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S0 AMSElamDriver; C:\WINDOWS\System32\drivers\amselam.sys [21976 2019-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [195504 2019-07-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [195816 2019-07-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-07-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BthAudioHF; C:\WINDOWS\System32\drivers\RtkHfp.sys [116232 2016-10-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-04-10] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-07] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsle8ce79e1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6935C044-F162-48C7-B599-02A5144DAC11}\MpKslDrv.sys [97528 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [86632 2020-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-16 16:57 - 2021-04-16 16:59 - 000020845 _____ C:\Users\17 ak\Desktop\FRST.txt
2021-04-16 16:48 - 2021-04-16 16:47 - 000314896 _____ C:\Users\17 ak\Desktop\ZHPDiag.txt
2021-04-16 14:35 - 2021-04-16 14:40 - 000018448 _____ C:\Users\17 ak\Desktop\Fixlog.txt
2021-04-16 14:35 - 2021-04-16 06:48 - 000005459 _____ C:\Users\17 ak\Desktop\fix.txt
2021-04-16 14:04 - 2021-04-16 14:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-16 14:01 - 2021-04-16 14:26 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-16 14:01 - 2021-04-16 14:05 - 000000000 ____D C:\Users\17 ak\Desktop\Anciennes données de Firefox
2021-04-16 13:59 - 2021-04-16 14:00 - 000342598 _____ C:\Users\17 ak\Desktop\favoris_16_04_2021.html
2021-04-16 13:56 - 2021-04-16 13:57 - 000333216 _____ (Mozilla) C:\Users\17 ak\Downloads\Firefox Installer.exe
2021-04-16 06:51 - 2021-04-16 06:51 - 000000000 ____D C:\Users\17 ak\AppData\LocalLow\AMD
2021-04-15 13:40 - 2021-04-15 13:39 - 003326104 _____ (Nicolas Coolman) C:\Users\17 ak\Desktop\ZHPCleaner(1).exe
2021-04-14 20:30 - 2021-04-14 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-04-14 20:30 - 2021-04-14 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-04-14 20:30 - 2021-04-14 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-04-14 20:30 - 2021-04-14 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-04-14 20:30 - 2021-04-14 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-04-14 20:30 - 2021-04-14 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-04-14 20:30 - 2021-04-14 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-04-14 20:30 - 2021-04-14 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-04-14 20:29 - 2021-04-14 20:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-04-14 20:29 - 2021-04-14 20:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-04-14 20:29 - 2021-04-14 20:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-04-14 20:29 - 2021-04-14 20:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-04-14 20:29 - 2021-04-14 20:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-04-14 20:29 - 2021-04-14 20:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-04-14 20:29 - 2021-04-14 20:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-04-14 20:29 - 2021-04-14 20:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-04-14 20:27 - 2021-04-14 20:27 - 001758672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-14 20:27 - 2021-04-14 20:27 - 000232760 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-14 19:00 - 2021-04-16 16:58 - 000000000 ____D C:\FRST
2021-04-14 18:16 - 2021-04-16 16:47 - 000000135 _____ C:\Users\17
2021-04-14 18:14 - 2021-04-16 16:35 - 000000872 _____ C:\Users\17 ak\Desktop\ZHPSuite.lnk
2021-04-14 18:12 - 2021-04-14 18:13 - 003468440 _____ (Nicolas Coolman) C:\Users\17 ak\Desktop\ZHPSuite.exe
2021-04-14 18:11 - 2021-04-16 16:47 - 000000000 ____D C:\Users\17 ak\AppData\Roaming\ZHP
2021-04-14 18:11 - 2021-04-15 13:40 - 000000000 ____D C:\Users\17 ak\AppData\Local\ZHP
2021-04-14 18:11 - 2021-04-14 18:11 - 000000872 _____ C:\Users\17 ak\Desktop\ZHPDiag.lnk
2021-04-14 18:09 - 2021-04-15 17:53 - 002298368 _____ (Farbar) C:\Users\17 ak\Desktop\FRST64.exe
2021-04-14 18:08 - 2021-04-14 18:08 - 003274392 _____ (Nicolas Coolman) C:\Users\17 ak\Desktop\ZHPDiag3.exe
2021-04-13 18:59 - 2021-04-13 18:59 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2021-04-13 18:40 - 2021-04-13 18:40 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-04-13 17:25 - 2021-04-13 18:58 - 000228182 _____ C:\WINDOWS\ntbtlog.txt
2021-04-12 21:42 - 2021-04-12 21:42 - 000001190 _____ C:\Users\Public\Desktop\HiBit Uninstaller.lnk
2021-04-12 21:42 - 2021-04-12 21:42 - 000000000 ____D C:\Users\17 ak\AppData\Roaming\HiBitSoftware
2021-04-12 21:42 - 2021-04-12 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiBit Uninstaller
2021-04-12 21:42 - 2021-04-12 21:42 - 000000000 ____D C:\Program Files (x86)\HiBit Uninstaller
2021-04-12 21:32 - 2021-04-12 21:32 - 000000000 ____D C:\Users\17 ak\AppData\Roaming\LibreOffice
2021-04-12 19:54 - 2021-04-13 18:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-04-12 18:04 - 2021-04-13 18:07 - 000000000 ____D C:\AVG_Remover
2021-04-11 11:02 - 2021-04-11 11:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-04-11 11:02 - 2021-04-11 11:02 - 000000000 ____D C:\Program Files\VS Revo Group
2021-04-11 08:58 - 2021-04-11 08:58 - 000000000 ____D C:\Support
2021-04-11 08:57 - 2021-04-11 08:57 - 000003800 ____H C:\appavgat.config
2021-04-10 18:13 - 2021-04-10 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2021-04-10 18:13 - 2021-04-10 18:13 - 000000000 ____D C:\Program Files\Defraggler
2021-04-10 17:53 - 2021-04-10 18:02 - 000000000 ____D C:\Users\17 ak\Documents\tech
2021-04-10 17:05 - 2021-04-10 17:05 - 000000000 ___HD C:\$AV_AVG
2021-04-10 17:02 - 2021-04-16 13:48 - 000000000 ____D C:\Program Files\CCleaner
2021-04-10 17:02 - 2021-04-10 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-04-10 15:42 - 2021-04-11 08:56 - 000000000 ____D C:\Users\17 ak\AppData\Local\D3DSCache
2021-04-10 15:34 - 2021-04-10 15:43 - 000000000 ____D C:\AdwCleaner
2021-04-10 15:10 - 2021-04-10 15:10 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-07 01:31 - 2021-04-07 01:31 - 000388608 _____ (Trend Micro Inc.) C:\Users\17 ak\Downloads\HijackThis.exe
2021-04-07 00:32 - 2021-04-07 00:32 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-07 00:32 - 2021-04-07 00:32 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-07 00:32 - 2021-04-07 00:28 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-06 18:38 - 2021-04-06 18:38 - 002084016 _____ (Malwarebytes) C:\Users\17 ak\Downloads\MBSetup (1).exe
2021-04-06 13:59 - 2021-04-06 13:59 - 000055112 _____ C:\Users\17 ak\Downloads\03-04-2021-attestation-de-deplacement-derogatoire (4).pdf
2021-04-06 13:54 - 2021-04-06 13:54 - 000055112 _____ C:\Users\17 ak\Downloads\03-04-2021-attestation-de-deplacement-derogatoire (3).pdf
2021-04-06 13:53 - 2021-04-06 13:53 - 000055112 _____ C:\Users\17 ak\Downloads\03-04-2021-attestation-de-deplacement-derogatoire (2).pdf
2021-04-06 13:52 - 2021-04-06 13:52 - 000055112 _____ C:\Users\17 ak\Downloads\03-04-2021-attestation-de-deplacement-derogatoire (1).pdf
2021-04-04 18:29 - 2021-04-04 18:29 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2021-04-04 12:55 - 2021-04-04 12:55 - 000031411 _____ C:\Users\17 ak\Downloads\Facture_Free_202103_15886471_1018552153.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-16 16:54 - 2019-08-12 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-16 16:49 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-16 15:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-16 15:48 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-16 14:47 - 2019-08-12 09:31 - 001924162 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-16 14:47 - 2019-03-19 14:00 - 000833170 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-16 14:47 - 2019-03-19 14:00 - 000167802 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-16 14:47 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2021-04-16 14:43 - 2019-08-12 10:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-16 14:43 - 2018-02-17 19:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-16 14:43 - 2018-02-17 19:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-16 14:42 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-16 14:42 - 2017-10-29 07:06 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-04-16 14:26 - 2018-02-17 19:53 - 000000000 ____D C:\Users\17 ak\AppData\LocalLow\Mozilla
2021-04-16 14:04 - 2018-02-17 19:20 - 000000972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-16 14:04 - 2018-02-17 19:20 - 000000960 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-04-15 12:39 - 2018-02-21 21:07 - 000000000 ___RD C:\Users\17 ak\3D Objects
2021-04-15 12:39 - 2017-03-18 05:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-15 12:35 - 2019-08-12 09:02 - 000703168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-14 20:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-04-14 20:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-14 20:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-14 20:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-14 20:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-14 20:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-04-14 20:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-14 20:49 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-14 20:49 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-14 20:49 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-14 20:49 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-14 20:49 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-14 20:49 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-14 20:49 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-14 20:48 - 2018-02-19 12:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-14 20:47 - 2018-02-19 12:22 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-14 20:46 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-14 18:07 - 2020-06-25 17:47 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-12 14:32 - 2021-03-15 15:58 - 000002412 _____ C:\Users\17 ak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-12 14:32 - 2019-08-12 10:01 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3084453028-3729531626-3511506604-1001
2021-04-12 14:32 - 2018-01-20 15:26 - 000000000 ___RD C:\Users\17 ak\OneDrive
2021-04-11 11:58 - 2018-02-28 21:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-11 10:23 - 2019-12-07 17:30 - 000000000 ___HD C:\$WINDOWS.~BT
2021-04-11 10:16 - 2019-08-12 10:00 - 000100968 _____ C:\WINDOWS\diagwrn.xml
2021-04-11 10:16 - 2019-08-12 10:00 - 000100968 _____ C:\WINDOWS\diagerr.xml
2021-04-11 10:16 - 2019-07-27 00:16 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-11 08:56 - 2017-05-10 03:59 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-04-11 00:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration
2021-04-10 22:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-10 17:20 - 2018-02-17 19:51 - 000000000 ____D C:\Users\17 ak\AppData\Local\Google
2021-04-10 17:07 - 2021-01-25 16:11 - 000000000 ____D C:\ProgramData\Adguard
2021-04-10 17:07 - 2017-05-10 03:57 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-10 17:04 - 2017-05-10 04:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-04-10 17:04 - 2017-05-10 03:59 - 000000000 ____D C:\Program Files\HP
2021-04-10 17:03 - 2019-08-12 10:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-04-10 17:03 - 2017-05-10 03:59 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-04-10 17:02 - 2018-01-20 15:21 - 000000000 ____D C:\Users\17 ak\AppData\Roaming\hpqLog
2021-04-10 17:02 - 2018-01-20 15:21 - 000000000 ____D C:\Users\17 ak\AppData\Local\Hewlett-Packard
2021-04-10 16:52 - 2018-02-18 17:45 - 000000000 ____D C:\Users\17 ak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2021-04-10 16:39 - 2019-08-12 10:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-04-10 15:28 - 2019-05-23 02:45 - 000000000 ____D C:\Users\17 ak\AppData\Local\CrashDumps
2021-04-09 14:37 - 2017-10-29 07:10 - 000000000 ____D C:\ProgramData\Realtek
2021-04-09 03:59 - 2017-05-10 04:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-08 03:59 - 2020-06-25 17:46 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-08 03:59 - 2020-06-25 17:46 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-07 00:32 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-07 00:29 - 2019-02-27 23:47 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-06 23:46 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-06 18:07 - 2017-05-10 04:03 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-04-06 18:07 - 2017-05-10 04:03 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-04-04 18:16 - 2019-09-08 15:15 - 000002766 _____ C:\WINDOWS\system32\Tasks\HPAudioSwitch
2021-04-04 18:16 - 2019-08-12 10:01 - 000003740 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-04-04 18:16 - 2019-08-12 10:01 - 000003414 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-04-04 18:16 - 2019-08-12 10:01 - 000002856 _____ C:\WINDOWS\system32\Tasks\HPJumpStartLaunch
2021-04-04 18:16 - 2019-08-12 10:01 - 000002504 _____ C:\WINDOWS\system32\Tasks\HPEA3JOBS
2021-04-04 18:16 - 2019-08-12 10:01 - 000002318 _____ C:\WINDOWS\system32\Tasks\DropboxOEM
2021-04-04 18:16 - 2018-01-20 15:21 - 000000000 ____D C:\Users\17 ak\AppData\Local\ConnectedDevicesPlatform
2021-03-31 12:29 - 2018-02-22 19:18 - 000000000 ____D C:\Users\17 ak\AppData\Local\PlaceholderTileLogoFolder
2021-03-31 12:29 - 2018-02-21 20:35 - 000000000 ____D C:\Users\17 ak\AppData\Local\Packages

==================== Fichiers à la racine de certains dossiers ========

2021-04-16 16:32 - 2021-04-16 16:33 - 000001428 _____ () C:\Users\17 ak\AppData\Local\BTServer.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================