Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-06-2022
Exécuté par Nathange (administrateur) sur NATHANGE (ASUSTeK COMPUTER INC. X751LJ) (09-06-2022 20:53:36)
Exécuté depuis C:\Users\Nathange\Desktop\Téléchargements
Profils chargés: Nathange
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1706 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\ProgramData\SetupTPDriver\SetupSync.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(explorer.exe ->) (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\Nathange\AppData\Roaming\ZHP\ZHPSuite.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\ProgramData\SetupTPDriver\SetupSync.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(msiexec.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BatchCaller.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Corel Corporation -> ) C:\Windows\SysWOW64\PSIService.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212816 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2256402154-31552669-3576289504-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5412632 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2256402154-31552669-3576289504-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-2256402154-31552669-3576289504-1001\...\Run: [MicrosoftEdgeAutoLaunch_A195EC2DD7A621C2292D100AC7640868] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2256402154-31552669-3576289504-1001\...\MountPoints2: {005038ad-cb55-11eb-9caf-80a58935ec50} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2256402154-31552669-3576289504-1001\...\MountPoints2: {0c6dc0a8-fc6f-11eb-9cb9-80a58935ec50} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2256402154-31552669-3576289504-1001\...\MountPoints2: {7c9ed6c6-6864-11ea-9c4d-80a58935ec50} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2256402154-31552669-3576289504-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-2256402154-31552669-3576289504-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-2256402154-31552669-3576289504-500\...\RunOnce: [Uninstall 19.002.0107.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrateur\AppData\Local\Microsoft\OneDrive\19.002.0107.0005" (Pas de fichier)
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {120B2A95-0DEA-4CF9-BDC8-A3EE99F8A555} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Pas de fichier)
Task: {4A27FB23-FEB8-4B84-809B-29DD5A3E3DDE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {4B56F4EC-6A6A-466D-88ED-7686D1E2618D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {53E33383-4C62-467B-806B-CA877E816057} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-11-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {57BE20BA-1F54-46A9-92DB-77AA3A2C1945} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5E1286D0-DF38-4A02-9444-7CAB8C5AB7AF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {6E61027C-15C5-49E2-B42B-F761C21B29B3} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {71219608-F4AA-468E-85B6-48194A5403C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {779A58D5-2C12-4AC3-8004-8142A8D54006} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {832BAA89-AB2F-433B-B358-6869535FA165} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {91ABEE22-5C1D-4049-B73D-D0DF1F75B677} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Nathange\Desktop\adwcleaner_8.0.6.exe /r (Pas de fichier)
Task: {C0AE8953-A4C9-444D-969C-F7619EDFE2BA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9A8144F2A83380F => C:\Users\Administrateur\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task
Task: {C27954BE-C6C6-4739-81D8-6F284213A71C} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe /c (Pas de fichier)
Task: {E0CCDE44-0810-46ED-8E3D-A6DEE14C1F34} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4925264 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {FF05E962-F767-495D-B4E8-EEAEA4EF5034} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4362ec7a-1123-43b7-a763-d32d1c2b752a}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7da0ce12-fe5c-4d0c-b69f-a4f6de04b9e0}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{fc06ab32-8401-4800-bfa4-94c015516600}: [DhcpNameServer] 192.168.1.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Nathange\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-09]

FireFox:
========
FF DefaultProfile: pxt38z0k.default-1611590610425
FF ProfilePath: C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425 [2022-06-09]
FF DownloadDir: C:\Users\Nathange\Desktop\Téléchargements
FF Notifications: Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425 -> hxxps://www.decitre.fr
FF Extension: (AdBlocker Ultimate) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\adblockultimate@adblockultimate.net.xpi [2022-05-28]
FF Extension: (Enhancer for YouTube™) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2022-05-16]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\firefox@ghostery.com.xpi [2022-06-09]
FF Extension: (Privacy Badger) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-30]
FF Extension: (uBlock Origin) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\uBlock0@raymondhill.net.xpi [2022-04-07]
FF Extension: (Somber Forest) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\{47de2169-7209-453e-99bb-f17ca709401b}.xpi [2022-05-01]
FF Extension: (Three Wolf Moon Shirt) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\{50193c98-9eee-4b67-9244-95ced154911d}.xpi [2021-01-25]
FF Extension: (Beach dog - Jen) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\{5812e137-9e3d-4405-8ce5-0934532fc732}.xpi [2022-05-01]
FF Extension: (tiger eyes light blue) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\{885baf65-4fb9-43e1-9a87-c552d440dcc9}.xpi [2021-01-25]
FF Extension: (Lone Wolf Theme by M♥Donna) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\{9500e3b5-726a-45b0-b2e8-ebcf7381d9a9}.xpi [2021-07-01]
FF Extension: (Blue Grass Rain Shower Petite by MaDonna) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\{c1e85863-311d-4a55-93fa-77b3fd30c19e}.xpi [2021-01-25]
FF Extension: (Fall Colors at Dusk by M♥Donna) - C:\Users\Nathange\AppData\Roaming\Mozilla\Firefox\Profiles\pxt38z0k.default-1611590610425\Extensions\{f0d899ce-c3f8-49a9-a31b-2154b6728d31}.xpi [2021-07-29]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\Nathange\AppData\Roaming\Opera Software\Opera Stable [2022-05-01]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8432776 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576336 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [576336 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-21] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2021-12-06] (Brother Industries, Ltd.) [Fichier non signé]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
U2 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [177704 2007-06-05] (Corel Corporation -> )
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [38912 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [232648 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382608 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [255136 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [102048 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [45072 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [271600 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548968 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111056 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [86120 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [857488 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [662160 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218608 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [321928 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-06-09 20:52 - 2022-06-09 20:55 - 000000000 ____D C:\FRST
2022-06-09 20:27 - 2022-06-09 20:45 - 000367741 _____ C:\Users\Public\Desktop\ZHPDiag.txt
2022-06-09 20:09 - 2022-06-09 20:33 - 000000910 _____ C:\Users\Nathange\Desktop\ZHPSuite.lnk
2022-06-09 19:11 - 2022-06-09 19:11 - 000068406 _____ C:\Users\Nathange\Documents\NEWS ZONE ANTIMALWARE.txt
2022-06-07 08:39 - 2022-06-07 08:39 - 000218608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-06-07 08:39 - 2022-06-07 08:38 - 000269136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-06-01 09:11 - 2022-06-02 22:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-05-31 11:33 - 2022-05-31 11:33 - 000000000 ____D C:\Users\Nathange\Desktop\Century21
2022-05-30 08:59 - 2022-05-30 08:59 - 000117122 _____ C:\Users\Nathange\Desktop\releve_Avril-Lorys_20220429.pdf
2022-05-13 18:58 - 2022-05-13 18:58 - 000000000 ____D C:\WINDOWS\LastGood
2022-05-11 18:10 - 2022-05-11 18:10 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-05-11 07:17 - 2022-05-11 07:17 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-11 07:15 - 2022-05-11 07:15 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-11 07:14 - 2022-05-11 07:14 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-11 06:09 - 2022-05-11 06:09 - 000000000 ___HD C:\$WinREAgent

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-06-09 20:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-09 20:53 - 2021-01-25 18:19 - 000000000 ____D C:\Users\Nathange\Desktop\Téléchargements
2022-06-09 20:45 - 2018-01-16 15:34 - 000000000 ____D C:\Users\Nathange\AppData\Roaming\ZHP
2022-06-09 20:11 - 2016-11-18 19:41 - 000000000 ____D C:\Users\Nathange\AppData\LocalLow\Mozilla
2022-06-09 20:09 - 2021-06-13 13:30 - 000000000 ____D C:\Users\Nathange\Desktop\a ranger
2022-06-09 20:09 - 2018-01-16 15:34 - 000000000 ____D C:\Users\Nathange\AppData\Local\ZHP
2022-06-09 19:51 - 2020-08-01 09:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-09 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-09 18:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-09 18:38 - 2018-01-02 23:34 - 000000000 ____D C:\Users\Nathange\AppData\Local\Packages
2022-06-09 18:37 - 2018-06-06 13:24 - 000000000 ____D C:\Users\Nathange\AppData\Local\PlaceholderTileLogoFolder
2022-06-09 18:03 - 2018-07-09 20:37 - 000000000 ____D C:\Users\Nathange\AppData\Local\AVAST Software
2022-06-09 17:31 - 2022-02-10 20:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-09 17:27 - 2019-09-25 11:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-06-09 17:27 - 2016-01-22 16:28 - 000000000 __SHD C:\Users\Nathange\IntelGraphicsProfiles
2022-06-09 17:26 - 2015-10-22 02:49 - 000000000 ____D C:\ProgramData\AVAST Software
2022-06-09 17:25 - 2020-08-01 09:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-09 17:25 - 2020-08-01 09:15 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-09 17:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-09 17:25 - 2015-10-22 02:34 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-09 17:24 - 2019-12-07 11:03 - 002359296 _____ C:\WINDOWS\system32\config\BBI
2022-06-09 17:15 - 2018-06-07 11:01 - 000000000 ____D C:\Users\Nathange\AppData\Local\D3DSCache
2022-06-09 17:03 - 2021-01-06 22:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-06-09 16:20 - 2020-11-10 14:01 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-06-09 08:32 - 2020-08-01 09:25 - 000000000 ____D C:\Users\Nathange
2022-06-09 08:23 - 2018-06-09 09:25 - 000000000 ____D C:\Users\Nathange\AppData\Local\CrashDumps
2022-06-07 08:40 - 2021-01-06 22:14 - 000382608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-06-07 08:40 - 2021-01-06 22:14 - 000321928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-06-07 08:39 - 2021-01-06 22:14 - 000662160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-06-07 08:39 - 2021-01-06 22:14 - 000271600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-06-07 08:39 - 2021-01-06 22:14 - 000255136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-06-07 08:39 - 2021-01-06 22:14 - 000102048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-06-07 08:39 - 2021-01-06 22:14 - 000086120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-06-07 08:39 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-06-07 08:38 - 2021-01-06 22:14 - 000857488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-06-07 08:38 - 2021-01-06 22:14 - 000548968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-06-07 08:38 - 2021-01-06 22:14 - 000232648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-06-07 08:38 - 2021-01-06 22:14 - 000111056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-06-07 08:38 - 2021-01-06 22:14 - 000045072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-06-07 08:38 - 2021-01-06 22:14 - 000038912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-06-05 13:22 - 2020-06-16 16:40 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-02 22:02 - 2018-01-02 19:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-02 20:41 - 2021-12-13 16:08 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2256402154-31552669-3576289504-1001
2022-06-02 20:41 - 2020-08-01 09:52 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2256402154-31552669-3576289504-1001
2022-06-02 20:41 - 2020-08-01 09:25 - 000002468 _____ C:\Users\Nathange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-01 16:04 - 2020-08-01 09:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-01 16:04 - 2020-07-16 16:57 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-05-30 10:26 - 2021-09-04 12:43 - 000000000 ____D C:\Users\Nathange\Desktop\TISF
2022-05-28 07:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-05-23 15:50 - 2020-12-30 16:38 - 000000000 ____D C:\Users\Nathange\Desktop\scanbrother
2022-05-21 15:09 - 2020-11-10 14:06 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-05-17 21:35 - 2022-04-28 19:41 - 000000000 ____D C:\Users\Nathange\Desktop\Watsap
2022-05-16 16:19 - 2019-06-16 09:53 - 000000000 ____D C:\Users\Nathange\Documents\Nath
2022-05-11 17:50 - 2020-08-01 09:40 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-11 17:50 - 2019-12-07 16:49 - 000800422 _____ C:\WINDOWS\system32\perfh00C.dat
2022-05-11 17:50 - 2019-12-07 16:49 - 000155328 _____ C:\WINDOWS\system32\perfc00C.dat
2022-05-11 17:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-11 17:46 - 2020-08-01 09:16 - 000450008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-05-11 17:40 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-11 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-11 17:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-11 17:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-11 17:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-11 17:39 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-11 10:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-11 06:01 - 2018-01-02 23:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-11 05:53 - 2018-01-02 23:47 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers ========

2021-10-30 12:42 - 2021-12-04 17:46 - 003291288 _____ (Nicolas Coolman) C:\Users\Nathange\ZHPCleaner.exe
2018-01-02 23:36 - 2020-07-15 11:48 - 000000165 _____ () C:\Users\Nathange\AppData\Roaming\sp_data.sys
2020-11-18 20:08 - 2020-11-18 20:08 - 000000000 _____ () C:\Users\Nathange\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================