Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Exécuté par sabri (administrateur) sur LAPTOP-NLU7REIO (Acer Aspire A317-51K) (17-01-2022 11:21:45)
Exécuté depuis C:\Users\sabri\Downloads
Profils chargés: sabri
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1415 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(Acer Incorporated) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_6fa21db95a1cf8ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_6fa21db95a1cf8ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e335ebb186115025\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.62\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14701.20262.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [868128 2019-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-01-02] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3894552 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-215458350-3399390645-2663961020-1001\...\Run: [MicrosoftEdgeAutoLaunch_DEF08DD2D92F84109DD6FF56687EFCA8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [342232 2015-07-03] (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-12-19]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {063A8100-9116-423A-B1ED-AB795E22E484} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2019-04-22] (Acer Incorporated -> Acer Incorporated)
Task: {13386803-2EB8-4491-8C84-1DBF9FE46AE0} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> Pas de fichier <==== ATTENTION
Task: {181FEE32-AD54-4267-9A8D-C8069B7103B6} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41776 2019-04-22] (Acer Incorporated -> )
Task: {1F0E079A-6ED3-4625-91C5-E91D93225D78} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447296 2019-02-21] (Acer Incorporated -> Acer Incorporated)
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\ACC" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\ACCAgent" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\ACCBackgroundApplication" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AcerCMUpdateTask2.1.16258" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\App Explorer" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - sabri" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-215458350-3399390645-2663961020-1001" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-220965142-751867435-1858797097-500" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Power Button" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Quick Access" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Software Update Application" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\UEIPInvitation" /ENABLE
Task: {32912DF8-B9CB-483D-AB8E-47CF156E5C6F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {38E93C5F-A604-4CB5-A6C5-8A8DF7394F38} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4760344 2021-12-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 5d196af1-6e59-4394-b089-44f7f63cdd61
Task: {52675381-61C8-46AB-BA30-30739E0EB29C} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {55F8A9D8-0DE4-4E6C-B928-30425B5A2BF2} - System32\Tasks\App Explorer => C:\Users\sabri\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe /LOGON (Pas de fichier) <==== ATTENTION
Task: {58DEFE7B-9A11-4738-B769-08EB8AC9131B} - \Microsoft\Windows\Setup\SetupCleanupTask -> Pas de fichier <==== ATTENTION
Task: {72B0D2E6-2318-4EAF-A113-C8A14EC95F59} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat (Pas de fichier)
Task: {8B85D2C7-DFA8-40F5-9CC1-753BA54FA754} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {97AF26DA-F36E-4D16-8F81-B8E63E6294A0} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6475544 2021-12-16] (Avast Software s.r.o. -> Avast Software)
Task: {9C05FFF2-8F9C-4B49-BDD6-E39017643F43} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-09-13] (Avast Software s.r.o. -> Avast Software)
Task: {ACB8A156-94A3-41E5-9F6C-E27C1A4EE5D2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6475544 2021-12-14] (Avast Software s.r.o. -> Avast Software)
Task: {AE30099F-04D7-4055-BBE6-0DEBFD499792} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4794672 2019-04-22] (Acer Incorporated -> )
Task: {B04FA292-6F25-4CE2-9354-71EB1B385BDD} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4760344 2022-01-15] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 61572e08-48fe-44f9-9d89-6bc9b7443c12
Task: {C5B60384-13E1-4523-B851-B75B9EC9F0EA} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2018-12-17] (Acer Incorporated -> Acer Incorporated)
Task: {CE8F7927-6695-469D-A651-FBE5D4551BE2} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1226520 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {E63CF34B-93B2-4DDE-B040-1D8532EF548B} - \UbtFrameworkService -> Pas de fichier <==== ATTENTION
Task: {ED1BFE16-494E-4C64-B7F9-EB64ABC4270B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
Task: {F0E96B75-0D4E-45D5-A17B-AA25EF68B677} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2935088 2019-04-22] (Acer Incorporated -> )
Task: {F5AF6E4F-A26E-493C-A71B-3E620142B809} - \Microsoft\Windows\Speech\HeadsetButtonPress -> Pas de fichier <==== ATTENTION
Task: {FC5D58EF-DB06-4255-93C9-4AF4DCFD072A} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770752 2019-02-21] (Acer Incorporated -> Acer Incorporated)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{165596bb-0084-48cb-b3f7-7c8b9590b38b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4f7702b6-84a0-4b47-8ecc-f09916f6539f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{74e1a1ad-8738-46eb-8c26-cee5cf0ab6d2}: [NameServer] 100.120.240.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sabri\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-17]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\sabri\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-15]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300336 2019-04-22] (Acer Incorporated -> Acer Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1720088 2021-12-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-09-13] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [13745432 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2022-01-15] (Malwarebytes Inc -> Malwarebytes)
S4 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465728 2019-02-21] (Acer Incorporated -> Acer Incorporated)
R4 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [523584 2019-02-21] (Acer Incorporated -> Acer Incorporated)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9210136 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2018-12-17] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [53904 2021-10-22] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [56960 2021-10-22] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\Windows\System32\drivers\aswWintun.sys [37104 2021-10-22] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [284672 2021-07-31] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2022-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210352 2022-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2022-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193448 2022-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [69040 2022-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-01-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [149424 2022-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-01-17 11:18 - 2022-01-17 11:22 - 000022287 _____ C:\Users\sabri\Downloads\FRST.txt
2022-01-17 11:17 - 2022-01-17 11:22 - 000000000 ____D C:\FRST
2022-01-17 11:17 - 2022-01-17 11:17 - 002311680 _____ (Farbar) C:\Users\sabri\Downloads\FRST64.exe
2022-01-17 10:53 - 2022-01-17 10:53 - 000262553 _____ C:\Users\sabri\OneDrive\Documents\ZHPDiag.txt
2022-01-16 11:26 - 2022-01-16 11:36 - 000000000 ____D C:\Users\sabri\AppData\Roaming\ZHP
2022-01-16 11:25 - 2022-01-16 11:25 - 003283608 _____ (Nicolas Coolman) C:\Users\sabri\Downloads\ZHPDiag3.exe
2022-01-16 11:24 - 2022-01-16 11:24 - 000000000 ____D C:\Users\sabri\AppData\Local\ZHP
2022-01-16 11:13 - 2022-01-16 11:13 - 000000000 ___HD C:\$WinREAgent
2022-01-15 17:42 - 2022-01-15 17:42 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys.164226494931201
2022-01-15 17:38 - 2022-01-15 17:38 - 000193448 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-01-15 17:38 - 2022-01-15 17:38 - 000149424 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-01-15 17:38 - 2022-01-15 17:38 - 000069040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-01-15 17:37 - 2022-01-15 17:37 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-01-15 17:37 - 2022-01-15 17:37 - 000210352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-01-15 17:37 - 2022-01-15 17:37 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-01-15 17:37 - 2022-01-15 17:37 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-01-15 17:37 - 2022-01-15 17:37 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-15 17:35 - 2022-01-15 17:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-15 17:34 - 2022-01-15 17:34 - 002910904 _____ (Malwarebytes) C:\Users\sabri\Downloads\malwarebytes_4-5-0_fr_215092.exe
2022-01-15 17:16 - 2022-01-15 17:16 - 000002129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2022-01-15 17:16 - 2022-01-15 17:16 - 000000000 ____D C:\Windows\system32\gf2engine
2022-01-15 16:51 - 2022-01-15 17:30 - 000000000 ____D C:\ProgramData\SecTaskMan
2022-01-15 16:51 - 2022-01-15 16:51 - 003029920 _____ C:\Users\sabri\Downloads\SecurityTaskManager_Setup.exe
2022-01-15 16:46 - 2022-01-15 16:46 - 000003004 _____ C:\Windows\system32\Tasks\FUB
2022-01-15 16:40 - 2021-12-27 10:30 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-01-13 12:41 - 2022-01-13 12:41 - 000524768 _____ C:\Users\sabri\OneDrive\Documents\feuille de soins.pdf
2022-01-13 12:41 - 2022-01-13 12:41 - 000348772 _____ C:\Users\sabri\OneDrive\Documents\facture.pdf
2022-01-03 20:43 - 2022-01-03 20:43 - 000039728 _____ C:\Users\sabri\Downloads\attestation-nicolas-brigitte.pdf
2021-12-27 15:03 - 2021-12-27 15:03 - 000090181 _____ C:\Users\sabri\Downloads\CalendrierPaiement-1.pdf
2021-12-27 14:53 - 2021-12-27 14:53 - 000090181 _____ C:\Users\sabri\Downloads\CalendrierPaiement (1).pdf
2021-12-27 10:30 - 2021-12-27 10:30 - 000215432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-12-27 10:30 - 2021-12-27 10:30 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2021-12-26 13:19 - 2021-12-26 13:19 - 000383799 _____ C:\Users\sabri\Downloads\Facture.pdf
2021-12-26 13:09 - 2021-12-26 13:09 - 000014439 _____ C:\Users\sabri\Downloads\CA20211226_130944.xlsx
2021-12-26 10:59 - 2021-12-26 10:59 - 000003860 _____ C:\Users\sabri\Downloads\CA20211226_105916.xlsx
2021-12-26 10:54 - 2021-12-26 10:54 - 000003861 _____ C:\Users\sabri\Downloads\CA20211226_105444.xlsx
2021-12-24 11:03 - 2021-12-24 11:03 - 000113232 _____ C:\Users\sabri\Downloads\Colissimo_23-12-2021-1.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-01-17 11:17 - 2021-08-30 16:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-17 10:47 - 2021-09-13 13:17 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-01-17 10:44 - 2021-08-30 18:13 - 000000000 __SHD C:\Users\sabri\IntelGraphicsProfiles
2022-01-15 18:04 - 2021-09-17 16:21 - 000003912 _____ C:\Windows\system32\Tasks\ACCAgent
2022-01-15 18:04 - 2021-09-17 16:21 - 000002790 _____ C:\Windows\system32\Tasks\ACC
2022-01-15 18:04 - 2021-09-17 16:21 - 000002388 _____ C:\Windows\system32\Tasks\ACCBackgroundApplication
2022-01-15 18:04 - 2021-09-17 16:21 - 000002356 _____ C:\Windows\system32\Tasks\Power Button
2022-01-15 18:04 - 2021-09-17 16:21 - 000002282 _____ C:\Windows\system32\Tasks\Quick Access
2022-01-15 17:46 - 2021-09-17 16:21 - 000004362 _____ C:\Windows\system32\Tasks\Software Update Application
2022-01-15 17:46 - 2021-09-13 13:06 - 000003752 _____ C:\Windows\system32\Tasks\AcerCMUpdateTask2.1.16258
2022-01-15 17:37 - 2021-08-30 16:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-01-15 17:35 - 2021-11-03 10:20 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-15 17:25 - 2021-08-30 16:03 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-15 17:25 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\AppReadiness
2022-01-15 17:18 - 2021-08-30 18:41 - 000000000 ___HD C:\OEM
2022-01-15 17:18 - 2021-08-30 17:56 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-15 17:18 - 2021-08-30 16:10 - 000000000 ____D C:\Windows\Panther
2022-01-15 17:18 - 2021-08-30 16:02 - 000000000 ____D C:\Windows\INF
2022-01-15 17:18 - 2019-06-19 09:51 - 000000000 ____D C:\ProgramData\install_clap
2022-01-15 17:16 - 2021-09-13 13:19 - 000000000 ____D C:\Users\sabri\AppData\Roaming\Avast Software
2022-01-15 17:16 - 2021-09-13 13:17 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-01-15 17:15 - 2021-09-13 13:15 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-15 17:15 - 2021-09-13 13:15 - 000000000 ____D C:\Program Files\Avast Software
2022-01-15 16:47 - 2021-08-30 18:10 - 001772722 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-15 16:47 - 2021-08-30 16:06 - 000792858 _____ C:\Windows\system32\perfh00C.dat
2022-01-15 16:47 - 2021-08-30 16:06 - 000149988 _____ C:\Windows\system32\perfc00C.dat
2022-01-15 16:44 - 2021-08-30 17:56 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-15 16:42 - 2021-12-12 11:03 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-215458350-3399390645-2663961020-1001
2022-01-15 16:42 - 2021-08-30 18:15 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-215458350-3399390645-2663961020-1001
2022-01-15 16:42 - 2021-08-30 18:15 - 000000000 ___RD C:\Users\sabri\OneDrive
2022-01-15 16:42 - 2021-08-30 18:10 - 000002421 _____ C:\Users\sabri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-15 16:41 - 2021-08-30 18:10 - 000000000 ____D C:\Users\sabri
2022-01-15 16:41 - 2021-08-30 15:57 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-01-15 16:40 - 2021-10-22 10:08 - 000004028 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2022-01-15 16:40 - 2021-08-30 17:56 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-15 16:40 - 2021-08-30 17:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-15 16:40 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\ServiceState
2022-01-15 16:40 - 2021-08-30 15:58 - 000000000 ____D C:\Windows\CbsTemp
2022-01-15 12:28 - 2021-11-03 09:53 - 000000000 ___HD C:\$SysReset
2022-01-15 12:28 - 2021-08-30 16:06 - 000000000 ____D C:\Windows\SysWOW64\fr
2022-01-15 12:28 - 2021-08-30 16:06 - 000000000 ____D C:\Windows\system32\OpenSSH
2022-01-15 12:28 - 2021-08-30 16:06 - 000000000 ____D C:\Windows\system32\fr
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ___SD C:\Windows\system32\UNP
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ___SD C:\Windows\system32\F12
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ___SD C:\Windows\system32\dsc
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ___RD C:\Windows\PrintDialog
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\oobe
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\downlevel
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\Com
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\SystemResources
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\Sysprep
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\ShellExperiences
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\setup
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\oobe
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\migwiz
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\Keywords
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\ias
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\downlevel
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\Dism
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\Com
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\ShellExperiences
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\ShellComponents
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\IME
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\Containers
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\bcastdvr
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Program Files\Common Files\System
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-01-15 12:28 - 2021-08-30 16:03 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-01-15 12:28 - 2021-08-30 15:57 - 000000000 ____D C:\Windows\servicing
2022-01-15 12:23 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\registration
2022-01-15 12:09 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\system32\NDF
2022-01-15 11:02 - 2021-11-15 13:04 - 000001575 _____ C:\Windows\system32\config\VSMIDK
2022-01-14 11:07 - 2021-09-17 15:17 - 000000000 ____D C:\Windows\system32\MRT
2022-01-13 12:36 - 2021-08-30 18:16 - 000000000 ____D C:\Users\sabri\OneDrive\Documents\Scanned Documents
2022-01-03 20:25 - 2021-08-30 18:13 - 000000000 ____D C:\Users\sabri\AppData\Local\Packages
2022-01-01 20:47 - 2021-08-30 18:15 - 000000000 ____D C:\Users\sabri\AppData\Local\PlaceholderTileLogoFolder
2022-01-01 20:02 - 2021-08-30 16:03 - 000000000 ____D C:\Windows\LiveKernelReports
2021-12-27 10:30 - 2021-09-13 13:17 - 000853800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000545176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000540056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000369216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000318760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000252992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000223176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000186280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000108912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000100416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000083976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-12-27 10:30 - 2021-09-13 13:17 - 000042416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-12-26 13:01 -
2021-11-09 17:00 - 000000000 ____D C:\Users\sabri\AppData\Local\CrashDumps
2021-12-18 21:57 - 2021-08-30 15:57 - 000786432 _____ C:\Windows\system32\config\BBI

==================== Fichiers à la racine de certains dossiers ========

2021-10-30 21:48 - 2021-10-30 21:48 - 000007598 _____ () C:\Users\sabri\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================