Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2022 Exécuté par SJPF (administrateur) sur ELSA (Dell Inc. Inspiron N5030) (24-05-2022 19:46:22) Exécuté depuis C:\Users\SJPF\Downloads Profils chargés: SJPF Plate-forme: Microsoft Windows 7 Édition Familiale Premium (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3> (C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe (C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe ->) (Dell Inc -> SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistUI.exe (C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\pcdrwi.exe (C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Mozilla Firefox\firefox.exe ->) (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\SJPF\Downloads\ZHPSuite(1).exe (Creative Technology Ltd) [Fichier non signé] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Dell Inc -> SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (explorer.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (explorer.exe ->) (Dell Inc -> Dell Inc.) [Fichier non signé] C:\Program Files\Dell\QuickSet\quickset.exe (explorer.exe ->) (DT Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (explorer.exe ->) (Stardock Corporation -> Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11> (services.exe ->) (Absolute Software Corp. -> Absolute Software) [Fichier non signé] C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe (services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (services.exe ->) (CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (Dell Inc -> SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe (services.exe ->) (Stardock Corporation) [Fichier non signé] C:\Program Files\Dell\DellDock\DockLogin.exe (Sonic Solutions -> ) C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe (svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10918504 2010-06-15] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-05] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3200672 2010-06-30] (Dell Inc -> Dell Inc.) [Fichier non signé] HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117472 2021-04-12] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd) [Fichier non signé] HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] (Sonic Solutions -> ) HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (Pas de fichier) HKLM-x32\...\Run: [Absolute Notifier] => C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe [85672 2011-05-10] (Absolute Software Corp. -> Absolute Software) [Fichier non signé] HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-2022668162-3722383456-3290056581-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd -> DT Soft Ltd) HKU\S-1-5-21-2022668162-3722383456-3290056581-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (Pas de fichier) HKU\S-1-5-21-2022668162-3722383456-3290056581-1000\...\MountPoints2: E - E:\AutoLaunch.exe HKU\S-1-5-21-2022668162-3722383456-3290056581-1000\...\MountPoints2: {645cbad0-6630-11e3-b951-180373525c1b} - E:\AutoLaunch.exe HKU\S-1-5-21-2022668162-3722383456-3290056581-1000\...\MountPoints2: {e2b8bc27-0fd0-11e1-b3b1-180373525c1b} - F:\SETUP.EXE HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\...\Print\Monitors\EPSON SX430 Series 64MonitorBE: C:\Windows\system32\E_ILMHAE.DLL [120320 2016-12-16] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\Windows\system32\HPDiscoPMC211.dll [755744 2013-02-08] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\91.1.10672.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-14] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2011-06-02] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation -> Stardock Corporation) Startup: C:\Users\SJPF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2011-07-14] ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation -> Stardock Corporation) Startup: C:\Users\SJPF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2014-08-15] ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {16AAA521-4984-4CD6-9590-1F49F59FA6D9} - System32\Tasks\{8A30B0ED-2C8C-4D20-9471-EE96B05DD225} => C:\Windows\system32\pcalua.exe -a C:\Users\SJPF\Downloads\eMule0.50a-Installer.exe -d C:\Users\SJPF\Downloads Task: {31F29E4C-2FB4-487F-80D0-BE964CE5421D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software) Task: {4555E52A-11E0-4114-A8E3-35516A0B6889} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {613647C3-707B-4337-928A-339F576A7D50} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier) Task: {65EF615A-C57F-465D-8A00-33ABCCE70948} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-04-12] (Avast Software s.r.o. -> AVAST Software) Task: {69CA9F5E-9022-4E62-9B2B-FFD9CFFBFC13} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {726B1679-3DFC-4BD5-A740-4E90AC1C17ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {A44AB1BE-11D2-4700-9E8A-22DC3F62169D} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5422112 2013-02-08] (Hewlett Packard -> Hewlett-Packard Co.) Task: {AA8A10DC-07B0-440D-B576-A9D0D544EC5C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [26072 2019-11-23] (Dell Inc. -> Dell Inc.) Task: {B2D459AF-1E26-42DA-9593-09DAED572B45} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Task: {FCF6E9D3-A1CD-499B-9E8B-D47BAEB9C98C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1CECA3C7-8544-4A0D-AD7F-C5B6E56C03F7}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A869485E-C980-4F52-8D55-C21D9828C0C0}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\SJPF\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-24] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\SJPF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-24] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: 2vjlqlx4.default FF ProfilePath: C:\Users\SJPF\AppData\Roaming\Mozilla\Firefox\Profiles\2vjlqlx4.default [2022-05-24] FF Notifications: Mozilla\Firefox\Profiles\2vjlqlx4.default -> hxxps://graindemalice.by.wonderpush.com; hxxps://www.facebook.com FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\SJPF\AppData\Roaming\Mozilla\Firefox\Profiles\2vjlqlx4.default\Extensions\sp@avast.com.xpi [2022-02-06] FF Extension: (Avast Online Security & Privacy) - C:\Users\SJPF\AppData\Roaming\Mozilla\Firefox\Profiles\2vjlqlx4.default\Extensions\wrc@avast.com.xpi [2022-05-03] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\SJPF\AppData\Roaming\Mozilla\Firefox\Profiles\2vjlqlx4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-05-24] FF SearchPlugin: C:\Users\SJPF\AppData\Roaming\Mozilla\Firefox\Profiles\2vjlqlx4.default\searchplugins\google-avast.xml [2017-05-23] FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [Pas de fichier] FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN) Chrome: ======= CHR Profile: C:\Users\SJPF\AppData\Local\Google\Chrome\User Data\Default [2022-05-24] CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\SJPF\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-05-23] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\SJPF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AbsoluteNotifier; C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [10920 2011-05-10] (Absolute Software Corp. -> Absolute Software) [Fichier non signé] R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7888408 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [623216 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [353504 2021-04-12] (Avast Software s.r.o. -> AVAST Software) S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-31] (Dell Inc -> Dell Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3402800 2019-10-31] (Dell Inc -> Dell Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218152 2019-10-31] (Dell Inc -> Dell Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe [1053168 2019-12-23] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2019-04-03] (Dell Inc -> ) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2022-05-24] (Malwarebytes Inc -> Malwarebytes) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2008-12-31] (CyberLink -> ) R2 SftService; c:\program files (x86)\dell datasafe local backup\sftservice.EXE [1692480 2011-08-18] (Dell Inc -> SoftThinks SAS) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [49624 2019-11-23] (Dell Inc. -> Dell Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AF9035HB; C:\Windows\System32\Drivers\AF9035HB.sys [908672 2013-01-27] (Microsoft Windows Hardware Compatibility Publisher -> ITE Technologies) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35680 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208552 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365520 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250328 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41304 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [177872 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524416 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-21] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107808 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83368 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850120 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466696 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216376 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2021-04-12] (Avast Software s.r.o. -> AVAST Software) R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2374656 2010-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [172704 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2019-10-09] (Techporch Incorporated -> Dell Inc.) S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [32568 2017-04-11] (Techporch Incorporated -> Dell Computer Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-16] (DT Soft Ltd -> DT Soft Ltd) S3 massfilter; C:\Windows\System32\DRIVERS\massfilter.sys [11776 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> MBB Incorporated) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2022-05-24] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2022-05-24] (Malwarebytes Inc -> Malwarebytes) S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated) S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated) S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated) S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-05-24 19:40 - 2022-05-24 19:40 - 000379966 _____ C:\Users\SJPF\Desktop\ZHPDiag.html 2022-05-24 19:20 - 2022-05-24 19:20 - 003483336 _____ (Nicolas Coolman) C:\Users\SJPF\Downloads\ZHPSuite(1).exe 2022-05-24 18:29 - 2022-05-24 18:29 - 000001747 _____ C:\Users\SJPF\Desktop\MBAM.txt 2022-05-24 17:50 - 2022-05-24 17:50 - 002546400 _____ (Malwarebytes) C:\Users\SJPF\Downloads\MBSetup(3).exe 2022-05-24 17:47 - 2022-05-24 17:47 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2022-05-24 17:47 - 2022-05-24 17:47 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2022-05-24 17:43 - 2022-05-24 17:43 - 000000000 ____D C:\Users\SJPF\AppData\Local\mbam 2022-05-24 17:42 - 2022-05-24 17:47 - 000001922 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-05-24 17:42 - 2022-05-24 17:47 - 000001910 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-05-24 17:41 - 2022-05-24 17:39 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2022-05-24 17:36 - 2022-05-24 17:37 - 210366080 _____ (Malwarebytes) C:\Users\SJPF\Downloads\mb4-setup-consumer-4.3.0.218-1.0.1273-1.0.39721.exe 2022-05-24 17:35 - 2022-05-24 17:35 - 002546400 _____ (Malwarebytes) C:\Users\SJPF\Downloads\MBSetup(2).exe 2022-05-24 17:21 - 2022-05-24 17:21 - 000002380 _____ C:\Users\SJPF\Desktop\AdwCleaner[C00].txt 2022-05-24 17:15 - 2022-05-24 17:20 - 000000000 ____D C:\AdwCleaner 2022-05-24 17:15 - 2022-05-24 17:15 - 008551608 _____ (Malwarebytes) C:\Users\SJPF\Downloads\adwcleaner_8.3.2.exe 2022-05-24 14:41 - 2022-05-24 14:41 - 000014721 _____ C:\Users\SJPF\Desktop\ZHPCleaner (R).txt 2022-05-24 14:37 - 2022-05-24 14:37 - 000014649 _____ C:\Users\SJPF\Desktop\ZHPCleaner (S).txt 2022-05-24 14:08 - 2022-05-24 14:08 - 003296968 _____ (Nicolas Coolman) C:\Users\SJPF\Downloads\ZHPCleaner(1).exe 2022-05-24 11:52 - 2022-05-24 11:52 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-05-24 11:52 - 2022-05-24 11:52 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-05-24 11:50 - 2022-05-24 11:50 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-05-24 11:50 - 2022-05-24 11:50 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-05-24 11:19 - 2022-05-24 11:19 - 000000085 _____ C:\Windows\wininit.ini 2022-05-24 10:43 - 2022-05-24 10:43 - 000000000 ____D C:\Users\SJPF\Downloads\Wub(3) 2022-05-24 10:42 - 2022-05-24 10:42 - 001035973 _____ C:\Users\SJPF\Downloads\Wub(3).zip 2022-05-24 10:42 - 2022-05-24 10:42 - 001035973 _____ C:\Users\SJPF\Downloads\Wub(2).zip 2022-05-24 10:40 - 2022-05-24 10:40 - 001035973 _____ C:\Users\SJPF\Downloads\Wub(1).zip 2022-05-24 10:39 - 2022-05-24 10:39 - 001035973 _____ C:\Users\SJPF\Downloads\Wub.zip 2022-05-23 19:23 - 2022-05-23 19:23 - 000042877 _____ C:\Users\SJPF\Desktop\FRST.txt 2022-05-23 19:22 - 2022-05-23 19:22 - 000064292 _____ C:\Users\SJPF\Desktop\Shortcut.txt 2022-05-23 19:22 - 2022-05-23 19:22 - 000039475 _____ C:\Users\SJPF\Desktop\Addition.txt 2022-05-23 19:21 - 2022-05-23 19:21 - 000064289 _____ C:\Users\SJPF\Downloads\Shortcut.txt 2022-05-23 19:12 - 2022-05-23 19:21 - 000039472 _____ C:\Users\SJPF\Downloads\Addition.txt 2022-05-23 19:01 - 2022-05-24 19:48 - 000026005 _____ C:\Users\SJPF\Downloads\FRST.txt 2022-05-23 19:01 - 2022-05-24 19:47 - 000000000 ____D C:\FRST 2022-05-23 19:00 - 2022-05-23 19:00 - 002367488 _____ (Farbar) C:\Users\SJPF\Downloads\FRST64.exe 2022-05-23 18:56 - 2022-05-24 19:40 - 000311362 _____ C:\Users\Public\Desktop\ZHPDiag.txt 2022-05-23 18:31 - 2022-05-23 18:31 - 003483336 _____ (Nicolas Coolman) C:\Users\SJPF\Downloads\ZHPSuite.exe 2022-05-23 15:57 - 2022-05-23 15:57 - 000000000 __SHD C:\found.022 2022-05-23 15:45 - 2022-05-23 15:45 - 000000000 __SHD C:\found.021 2022-05-23 12:54 - 2022-05-23 12:54 - 000000000 ____D C:\Users\SJPF\AppData\Local\Windows Live 2022-05-23 12:52 - 2022-05-23 12:53 - 000000000 ____D C:\Windows\system32\SPReview 2022-05-23 12:30 - 2022-05-23 12:30 - 000000000 ____D C:\$WINDOWS.~BT 2022-05-23 12:29 - 2022-05-23 12:29 - 000000000 ___HD C:\$Windows.~WS 2022-05-03 17:33 - 2022-05-03 17:34 - 000115161 _____ C:\Users\SJPF\Desktop\RESULTAT LABO TSH 3 MAI.pdf 2022-05-03 17:28 - 2022-05-24 17:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-05-24 19:42 - 2016-04-26 11:54 - 000000000 ____D C:\Users\SJPF\AppData\Roaming\ZHP 2022-05-24 19:41 - 2012-01-23 21:09 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-24 19:17 - 2011-06-02 22:34 - 000748362 _____ C:\Windows\system32\perfh00C.dat 2022-05-24 19:17 - 2011-06-02 22:34 - 000150596 _____ C:\Windows\system32\perfc00C.dat 2022-05-24 19:17 - 2009-07-14 07:13 - 001671272 _____ C:\Windows\system32\PerfStringBackup.INI 2022-05-24 19:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2022-05-24 17:39 - 2017-03-12 10:59 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-05-24 17:38 - 2009-07-14 06:45 - 000019760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-05-24 17:38 - 2009-07-14 06:45 - 000019760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-05-24 17:34 - 2011-11-15 23:36 - 000000000 ____D C:\ProgramData\AVAST Software 2022-05-24 17:32 - 2016-11-21 10:02 - 000000000 ____D C:\Users\SJPF\AppData\LocalLow\Mozilla 2022-05-24 17:29 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration 2022-05-24 17:28 - 2011-06-02 20:16 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup 2022-05-24 17:27 - 2016-10-25 21:41 - 000065536 _____ C:\Windows\system32\Ikeext.etl 2022-05-24 17:27 - 2011-06-02 20:28 - 000000000 ____D C:\Users\Default\AppData\Local\SoftThinks 2022-05-24 17:26 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-05-24 15:24 - 2017-03-14 15:21 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2022-05-24 15:16 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2022-05-24 15:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing 2022-05-24 14:43 - 2020-10-30 18:27 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-05-24 14:39 - 2021-09-14 09:22 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-05-24 14:34 - 2018-05-17 18:18 - 000000000 ____D C:\Users\SJPF\AppData\Local\AVAST Software 2022-05-24 14:08 - 2017-05-23 16:24 - 000000000 ____D C:\Users\SJPF\AppData\Local\ZHP 2022-05-24 11:21 - 2021-11-23 15:32 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2022-05-24 11:19 - 2021-11-23 15:32 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2022-05-24 11:19 - 2019-07-08 13:35 - 000000000 ____D C:\Users\SJPF\AppData\Roaming\WildTangent 2022-05-24 11:19 - 2011-06-02 20:12 - 000000000 ____D C:\ProgramData\WildTangent 2022-05-24 11:19 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2022-05-24 11:18 - 2013-06-01 10:01 - 000000000 ____D C:\ProgramData\Mozilla 2022-05-24 11:18 - 2013-06-01 10:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-05-24 11:05 - 2011-11-17 20:20 - 000000000 ____D C:\Users\SJPF\AppData\Local\Adobe 2022-05-24 11:02 - 2012-10-08 17:50 - 000000000 ____D C:\Windows\system32\Macromed 2022-05-24 11:02 - 2011-06-02 19:56 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2022-05-23 12:31 - 2009-04-28 18:27 - 000000000 ____D C:\Windows\Panther 2022-05-03 17:36 - 2016-05-11 03:13 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-05-03 17:36 - 2012-01-23 21:09 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA ==================== Fichiers à la racine de certains dossiers ======== 2011-07-14 19:12 - 2011-07-14 19:15 - 000000092 _____ () C:\Users\SJPF\AppData\Roaming\AbsoluteReminder.xml 2011-07-14 19:14 - 2011-07-14 19:15 - 005944360 _____ (Absolute Software Corp. ) C:\Users\SJPF\AppData\Roaming\LoJackSetup.exe 2019-04-19 08:56 - 2019-04-19 08:56 - 000000000 _____ () C:\Users\SJPF\AppData\Local\{021CB8EC-CFF6-4D8C-95EB-D320FBE6DC09} 2019-09-07 18:49 - 2019-09-07 18:49 - 000000000 _____ () C:\Users\SJPF\AppData\Local\{18D53968-7B9C-4118-A304-DB8A7C523A86} 2019-08-05 08:02 - 2019-08-05 08:02 - 000000000 _____ () C:\Users\SJPF\AppData\Local\{4C62D601-C0AB-428D-A17C-FAA520E0A568} 2019-07-16 12:51 - 2019-07-16 12:51 - 000000000 _____ () C:\Users\SJPF\AppData\Local\{4CA8CB0A-A8EF-4F8B-A804-ABF0927C667E} ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2022-05-23 14:24 ==================== Fin de FRST.txt ========================