Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-12-2021
Exécuté par da3 (administrateur) sur DESKTOP-H23K5HH (Hewlett-Packard HP ENVY m6 Notebook PC) (03-12-2021 17:45:11)
Exécuté depuis C:\Users\da3\Downloads
Profils chargés: da3
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1387 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\SAntivirus\SAntivirusIC.exe.VIR
() [Fichier non signé] C:\Program Files (x86)\SAntivirus\SAntivirusService.VIR
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe <5>
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.UI.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-24] (IDT, Inc.) [Fichier non signé]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1315228392-2020377948-2734086372-1001\...\Run: [Chromium] => "c:\users\da3\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1315228392-2020377948-2734086372-1001\...\Run: [MicrosoftEdgeAutoLaunch_F51D801B7701735660FF3C09BAC48902] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1315228392-2020377948-2734086372-1001\...\Run: [] => [X]

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0BF35FE0-8FCE-486D-A423-EC53824D33A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [120680 2017-06-22] (HP Inc. -> HP Inc.)
Task: {27E5A2CB-EC78-49AD-8A02-A87FA4A13860} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {341FC73C-7934-4A82-80A5-42AA0434BA6B} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {3948159E-53D6-4E21-AF80-35DEC9AD9FCC} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [30215736 2021-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {44BE0C6E-A9D5-4C75-900A-EC2157DDE0D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {5B12FB6E-0B5C-46BF-AB65-810340958569} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {5C04BF2C-075C-4CB5-A1A8-84BC557E5E30} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1673272 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {680C5994-27AC-4810-AE7F-87CBE281A87F} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {6AED16CF-8D6C-49B8-AD11-529865EDE85A} - System32\Tasks\HPCeeScheduleForda3 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {78533C7D-89E0-42BA-90EB-37F6DBE2CC9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [218992 2018-01-10] (HP Inc. -> HP Inc.)
Task: {9E4E5134-765D-4644-B51C-048200BBC383} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {B08BEF36-AD62-4B2F-850D-25F7EE4FA3BA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-23] (HP Inc. -> )
Task: {B0CFDACB-9F6F-4185-86AA-693BD1D25EF4} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [237216 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C454561E-BFDB-4099-A719-5D3489BFB402} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {F5C88A5C-3454-4685-9642-49C1ADCF9A90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForda3.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{23f2418c-ac02-470a-aac0-f4324483a675}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58d4309f-7385-490f-9f70-6c0881f64e5d}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-1315228392-2020377948-2734086372-1001 -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m990320&param1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQJC5Wg747oLYty8zKZ5p%2FhxnpNZEvmmWa8ME1bsdcStyKSZ5NrTY7zw5u3c7al7oADBoCzQQmc2pCbxqwqvXerudcbdMibgUUzeYcIi%2FrWKziMVavPuYCi5FUC7EX0dDfnPG3%2FBg2aUgiQ8g0XrkxwZXZTp4Sr2YrGtQ%2FRZ09XWDcjpn6LTT3BlXGyqCc1XU65wTwSGfxePs0RxpXc8S8z5CC14Ktt4v%2FZwFi80xiRnYxinAdtRlU%2FsmsG7N4uoqYjbFsuYhQMcIAwe%2BEHGWVuA03Kch9%2FYZD%2BVvDKqq5AI4lWombR30DU5fgYbPRVBWlysHE3I8ew3I6xmyep%2FjCYQ%3D%3D
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\da3\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-03]
Edge HomePage: Default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m990320&param1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQJC5Wg747oLYty8zKZ5p%2Fh0ZXI77Tz%2F9wl1GAIKMN4Zf9McuwfBrcHjWYtSsGo6xM3oq6FKaszTizt33z0A7iWHErzhNkcqhXNSX2YjD90b5cz1i5feOHMbpUSEQl7sDJiRiS%2BLsa%2BTPD5P8fzwuxD0wgW6y9Z7UAg8WyANqorlbxjh1D1dX1kkxz5%2Bzj4O37TJsM7L2fLYoh%2B7Wtq9GNxoeRVvWd2B0oDdpbHc3NYZeWhUb1zuHWTnOTw7rcxxMJAMG5hJz7kc4bHkGyHfbnUWIgATO8aLxFPcqzadME5ibargYmk%2FwaH0%2Bun732yHvsymBrEk5qXUaiD5Lc5fUgIskdTFu8KpW1%2BRFC9QxJjpk%3D
Edge StartupUrls: Default -> "hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m990320&param1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQJC5Wg747oLYty8zKZ5p%2Fh1%2FyMDm%2BkEGxwfdntV%2FN6tRnlu4rQsQtxBJh6UhTbFRg%2F3jKlSJZP3O18fKSJeUQ8RA9P8Fk1FRA6JctN1PYpbgDAQBdvdOA3ssRuhnylmYU8IzBVas%2F8rWcXvpwjVEtrj4bZb086sVkVvyYt5O07oB1sbwnLrd%2FgqT9yFqWaAun0o0BLnZ4EqK6g%2BM0Xp6TXKq0%2BPFoZ8eJOkafZFxOn8fGTWAbQSjKmHJfURTGGoWBQEZHBDkjf9OaDjKc37zXSBy%2BptUdBPyp04WHjkjq%2BXI2Ld3iaubJ0%2BV7L%2FiM1c0v%2B7yOudc8eD48AaKz5oAhXNSZHBG9fdbsSMl%2FH5D0dPk%3D"
Edge DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m990320&param1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQJC5Wg747oLYty8zKZ5p%2Fh1%2FyMDm%2BkEGxwfdntV%2FN6tS%2FqdyP%2FaiagyDe5yvRbsS9WUYrvEPoMdA0biRU7zCk2OuDDfcuYTq1iI2rXsG2OLlvoh4seIZDCbxwjbO5JLeRqkk391chR0os%2FUZEVBijqmpT0fTPLB%2FbWlxrXFTrLeQ7lDqXxag6Fq9AwmXA6%2BbBYbr14PNDU4SuY4iwZe5p%2F9fqaq50Yr9HriloCerGC2Ad0xzCNUWgUE7nqbaF%2F1ntZtTdWomNDO%2FwidGZXoxRbgi%2FMj7BSgxUkVdcBCbDKYD0mTdJJyNu9%2BcBK28TsGvU%2FYxzswIP54m%2B2DirL4At0Q%3D%3D&p={searchTerms}
Edge DefaultSearchKeyword: Default -> search.yahoo.com
Edge DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-06-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2998096 2021-11-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384480 2021-08-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [275320 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [273536 2021-11-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-24] (IDT, Inc.) [Fichier non signé]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [35328 2013-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Validity Sensors, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SAntivirusIC; C:\Program Files (x86)\SAntivirus\SAntivirusIC.exe -service [X] <==== ATTENTION
R2 SAntivirusSvc; C:\Program Files (x86)\SAntivirus\SAntivirusService.exe [X] <==== ATTENTION

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-10-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
R1 SANTIVIRUSKD; C:\Program Files (x86)\SAntivirus\SAntivirusKD.sys [90096 2020-01-15] (Accès refusé) [Fichier non signé] <==== ATTENTION
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-12-03 17:45 - 2021-12-03 17:46 - 000020170 _____ C:\Users\da3\Downloads\FRST.txt
2021-12-02 21:09 - 2021-12-02 21:35 - 000262775 _____ C:\Users\da3\Desktop\ZHPDiag.txt
2021-12-02 21:09 - 2021-12-02 21:09 - 000323391 _____ C:\Users\da3\Desktop\ZHPDiag.html
2021-12-02 21:02 - 2021-12-02 21:18 - 000000864 _____ C:\Users\da3\Desktop\ZHPSuite.lnk
2021-12-02 21:01 - 2021-12-02 20:59 - 003477656 _____ (Nicolas Coolman) C:\Users\da3\Desktop\ZHPSuite.exe
2021-12-02 20:44 - 2021-12-03 17:45 - 000000000 ____D C:\FRST
2021-12-02 20:44 - 2021-12-02 20:44 - 000000000 ____D C:\Users\da3\Downloads\FRST-OlderVersion
2021-12-02 20:43 - 2021-12-02 20:44 - 002311680 _____ (Farbar) C:\Users\da3\Downloads\FRST64-2.1.exe
2021-12-02 18:05 - 2021-12-02 18:05 - 007511448 _____ (VS Revo Group ) C:\Users\da3\Downloads\revosetup-2.3.5.exe
2021-12-02 18:00 - 2021-12-02 18:01 - 007746848 _____ (EnigmaSoft Limited) C:\Users\da3\Downloads\SpyHunter-Installer.exe
2021-12-01 14:36 - 2021-12-01 14:36 - 000011785 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-01 14:35 - 2021-12-01 14:35 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-01 14:29 - 2021-12-02 18:06 - 000001080 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-12-01 14:29 - 2021-12-02 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-12-01 14:29 - 2021-12-01 14:29 - 000000000 ____D C:\Program Files\VS Revo Group
2021-12-01 14:28 - 2021-12-01 14:28 - 007511448 _____ (VS Revo Group ) C:\Users\da3\Downloads\revosetup.exe
2021-12-01 14:20 - 2021-12-01 14:20 - 000000000 ___HD C:\$WinREAgent
2021-12-01 14:08 - 2021-12-01 14:08 - 008540344 _____ (Malwarebytes) C:\Users\da3\Downloads\adwcleaner_8.3.1.exe
2021-12-01 13:14 - 2021-12-01 13:14 - 000000000 ____D C:\Users\Public\Security Sessions
2021-12-01 13:12 - 2021-12-01 13:12 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2021-12-01 13:12 - 2021-12-01 13:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2021-12-01 13:12 - 2021-10-22 08:45 - 000209088 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2021-12-01 13:12 - 2021-06-25 13:59 - 000022848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys
2021-12-01 13:12 - 2021-02-09 18:03 - 000199312 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2021-12-01 13:12 - 2019-06-07 14:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2021-12-01 13:12 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2021-12-01 13:12 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2021-12-01 13:12 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2021-12-01 13:06 - 2021-12-01 13:06 - 000003778 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2021-12-01 13:06 - 2021-12-01 13:06 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2021-12-01 13:06 - 2021-12-01 13:06 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-12-01 13:06 - 2021-12-01 13:06 - 000000000 ____D C:\Users\da3\AppData\Local\Avira
2021-12-01 13:05 - 2021-12-01 13:12 - 000000000 ____D C:\Program Files (x86)\Avira
2021-12-01 13:05 - 2021-12-01 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-12-01 13:05 - 2021-12-01 13:05 - 000003636 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-12-01 13:05 - 2021-12-01 13:05 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-12-01 13:05 - 2021-12-01 13:05 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2021-12-01 13:05 - 2021-12-01 13:05 - 000001155 _____ C:\Users\Public\Desktop\Avira.lnk
2021-12-01 12:59 - 2021-12-01 13:14 - 000000000 ____D C:\ProgramData\Avira
2021-12-01 11:57 - 2021-12-01 11:57 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-12-01 11:56 - 2021-12-01 11:56 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-12-01 11:56 - 2021-12-01 11:56 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-12-01 11:56 - 2021-12-01 11:56 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-12-01 11:56 - 2021-12-01 11:56 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-12-01 11:56 - 2021-12-01 11:56 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-12-01 11:56 - 2021-12-01 11:56 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-12-01 11:56 - 2021-12-01 11:56 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-12-01 11:56 - 2021-12-01 11:56 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-12-01 11:56 - 2021-12-01 11:56 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-01 11:55 - 2021-12-01 11:55 - 006043152 _____ (Avira Operations GmbH & Co. KG) C:\Users\da3\Downloads\avira_fr_sptl1_5275778-1638355933__phpws.exe
2021-12-01 11:55 - 2021-12-01 11:55 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-12-01 11:55 - 2021-12-01 11:55 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-12-01 11:55 - 2021-12-01 11:55 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-12-01 11:55 - 2021-12-01 11:55 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-12-01 11:55 - 2021-12-01 11:55 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-12-01 11:55 - 2021-12-01 11:55 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-12-01 11:55 - 2021-12-01 11:55 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-12-01 11:54 - 2021-12-01 11:54 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-12-01 11:54 - 2021-12-01 11:54 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-12-01 11:54 - 2021-12-01 11:54 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-01 11:54 - 2021-12-01 11:54 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-12-01 11:43 - 2021-12-01 11:43 - 000001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-12-01 11:43 - 2021-12-01 11:43 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-12-01 09:50 - 2021-12-01 12:54 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForda3.job
2021-12-01 09:50 - 2021-12-01 09:50 - 000003240 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForda3
2021-11-27 14:27 - 2021-11-27 14:30 - 000000000 ____D C:\alogiciels

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-12-03 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-03 17:32 - 2020-01-15 21:05 - 000000000 ____D C:\Program Files (x86)\SAntivirus
2021-12-03 17:23 - 2021-05-02 23:46 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-03 17:23 - 2019-12-07 15:49 - 000756416 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-03 17:23 - 2019-12-07 15:49 - 000142186 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-03 17:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-03 17:16 - 2021-05-03 00:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-03 17:16 - 2017-01-16 18:14 - 000000000 __SHD C:\Users\da3\IntelGraphicsProfiles
2021-12-03 07:56 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-02 21:35 - 2017-05-26 19:23 - 000000000 ____D C:\Users\da3\AppData\Roaming\ZHP
2021-12-02 21:26 - 2021-05-02 23:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-02 21:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-02 21:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-02 21:17 - 2021-05-02 23:37 - 000000000 ____D C:\Users\da3
2021-12-02 21:13 - 2018-08-05 12:54 - 000000000 ____D C:\ProgramData\Packages
2021-12-02 21:13 - 2017-11-24 04:21 - 000000000 ____D C:\Users\da3\AppData\Local\Packages
2021-12-02 21:02 - 2017-05-26 19:23 - 000000000 ____D C:\Users\da3\AppData\Local\ZHP
2021-12-02 20:28 - 2021-05-02 23:34 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-02 20:28 - 2021-05-02 23:34 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-02 17:36 - 2020-01-15 21:04 - 000000000 ____D C:\ProgramData\ajfxq
2021-12-02 17:10 - 2021-05-02 23:27 - 000496928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-02 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-02 07:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-01 13:49 - 2018-08-05 13:40 - 000000000 ____D C:\AdwCleaner
2021-12-01 13:34 - 2020-01-15 21:06 - 000000000 ____D C:\Users\da3\AppData\Local\chromium
2021-12-01 13:12 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-01 12:01 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-12-01 12:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-12-01 12:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-12-01 12:00 - 2019-12-07 15:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-12-01 11:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-12-01 11:45 - 2020-12-31 20:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-12-01 11:45 - 2017-01-16 17:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-01 11:43 - 2017-01-16 17:51 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-01 09:26 - 2021-05-03 00:26 - 000000000 ____D C:\Windows.old
2021-12-01 09:24 - 2021-05-03 02:43 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-01 09:24 - 2021-05-03 02:43 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73fa54b4911

==================== Fichiers à la racine de certains dossiers ========

2017-01-17 21:50 - 2017-01-18 17:22 - 000000285 _____ () C:\Users\da3\AppData\Roaming\burnaware.ini
2020-04-25 18:38 - 2020-04-25 18:38 - 000164786 _____ () C:\Users\da3\AppData\Roaming\Ladeceredike
2020-05-15 20:38 - 2020-05-15 20:38 - 000303924 _____ () C:\Users\da3\AppData\Roaming\Padotu
2020-02-13 20:38 - 2020-06-04 20:41 - 000000317 _____ () C:\Users\da3\AppData\Roaming\WB.CFG

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================