Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
Exécuté par Regis (administrateur) sur REGIS-TOSH (TOSHIBA Satellite C660) (14-02-2022 20:11:57)
Exécuté depuis C:\Users\Regis\Downloads
Profils chargés: Regis
Plate-forme: Microsoft Windows 10 Famille Version 1607 14393.2189 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atieclxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{91855090-3F43-4280-A97E-A9C6CD6D746E}\AvastBrowserInstaller.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{91855090-3F43-4280-A97E-A9C6CD6D746E}\AvastBrowserInstaller.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{91855090-3F43-4280-A97E-A9C6CD6D746E}\CR_4B68E.tmp\setup.exe <2>
(C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{91855090-3F43-4280-A97E-A9C6CD6D746E}\AvastBrowserInstaller.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Google\Update\Install\{3E2BBC6A-8BBA-4BC4-9B34-8F1B953006F2}\98.0.4758.82_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{3E2BBC6A-8BBA-4BC4-9B34-8F1B953006F2}\CR_1D727.tmp\setup.exe <2>
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(C:\Program Files\Common Files\LogiShrd\SP6\LU\LULnchr.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\SP6\LU\LogitechUpdate.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\SP6\LU\LULnchr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Compal Electronics, Inc. -> TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(explorer.exe ->) (8bit Solutions LLC -> Bitwarden Inc.) C:\Program Files\Bitwarden\Bitwarden.exe <4>
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\WINDOWS\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{3E2BBC6A-8BBA-4BC4-9B34-8F1B953006F2}\98.0.4758.82_chrome_installer.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\LocationNotificationWindows.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <27>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atiesrxx.exe
(services.exe ->) (Realsil Microelectronics Inc.) [Fichier non signé] C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\WINDOWS\System32\TODDSrv.exe
(svchost.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe <2>
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\InstallAgentUserBroker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.) [Fichier non signé]
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (Compal Electronics, Inc. -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA CORPORATION -> TOSHIBA)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [HP Deskjet 3070 B611 series (NET)] => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91683688 2020-06-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2020-03-28] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [PTOneClick] => C:\Program Files (x86)\Webex\Webex\Applications\ptoneclk.exe /AutoRunning="1" (Pas de fichier)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [CiscoMeetingDaemon] => "C:\Users\Regis\AppData\Local\WebEx\ciscowebexstart.exe" /daemon /from=autorun (Pas de fichier)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Regis\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Regis\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Regis\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Regis\AppData\Local\Microsoft\OneDrive\21.220.1024.0005"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\MountPoints2: {02b68283-a207-11e6-8bb9-1c75087d3a2e} - "F:\Startme.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\MountPoints2: {08caca05-df3b-11e6-8bc5-1c75087d3a2e} - "F:\Startme.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\MountPoints2: {5dff1eb7-719a-11e6-8bb3-1c75087d3a2e} - "G:\startme.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\MountPoints2: {a0d9e4eb-6bb6-11e7-8bd6-1c75087d3a2e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP a211 Status Monitor: C:\WINDOWS\system32\hpinkstsa211LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3070 B611 series): C:\WINDOWS\system32\HPDiscoPMa211.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\87.1.7587.142\Installer\chrmstp.exe [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-10-19] (TOSHIBA Corporation) [Fichier non signé]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 8.3 PE.lnk [2016-12-10]
ShortcutTarget: PHOTOfunSTUDIO 8.3 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation -> Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\startup helper.lnk [2014-04-24]
ShortcutTarget: startup helper.lnk -> C:\Tnlenterprises\SentryVision\ControlPanel.exe (Tnlenterprises LLC) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0140D04F-5164-40D7-9C18-2F034F71F861} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {064D49BA-59CA-42E1-9EA6-9F84E2E72B06} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {0DD7CA05-B11D-4EA6-8B23-9472346645F5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {0EC042A9-A273-405B-B6FF-F2B458FC9E6C} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2018-03-22] (Microsoft Windows -> Microsoft Corporation)
Task: {10B24754-B8D1-4D79-8A7D-4117F362842E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {10E74790-11AB-4E2F-8EF5-D1088377FE7E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-02-04] (Avast Software s.r.o. -> AVAST Software)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1D3BA24E-7099-4311-8FBB-5BD195B8AFC9} - System32\Tasks\{8BE6D9BE-A6C3-4489-9739-E958EDBF6E82} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {22BFF2DA-17E4-4E21-9A50-742D30B7D764} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {238EF680-04DD-4D90-A867-D006DECC927D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {289361E8-CD0E-4F4F-B1EC-D52B7E35D74E} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (Pas de fichier)
Task: {2D1B9008-8C67-42C1-8D20-C0371EA68BDB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {2F108745-A6B7-4613-8471-6982BE6102DC} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2018-03-22] (Microsoft Windows -> Microsoft Corporation)
Task: {2F73005A-0A22-4FAC-91F4-2BC7605473E6} - System32\Tasks\{D54A854F-BC9F-467E-97FF-AD530554C5C3} => C:\Windows\system32\pcalua.exe -a C:\Tnlenterprises\SentryVision\Uninstall.exe
Task: {31359A34-8B14-4993-8930-9E739EF688B3} - System32\Tasks\Microsoft\Windows\rempl\shell-compact => C:\Program Files\rempl\remsh.exe /RunCompactOnly (Pas de fichier)
Task: {32BBA273-B654-4507-851B-2D9B6463EE28} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {3BE4FE1E-405A-45A4-8957-B029A5BC0F1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION
Task: {3ED6684C-91DC-44E5-B7B6-2258C630E520} - System32\Tasks\{8297E57D-4A74-41AE-88D5-71EF42F3FB30} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" -c /M{E9AE9A91-AB45-4321-87BD-AD34855D944F}
Task: {422191DE-0D69-4150-8ABE-E4FDC27AF611} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {42C5206C-0E5D-4A21-BD57-4588480FB546} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [385344 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4417812A-01A9-4111-BAEA-D7BDC328FF1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {442F369E-9BB6-49BA-90D5-D88D3243FA9C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {488E5C5A-06E5-4934-BFE8-4E98F46C84F4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {49271073-EC90-4738-BE5F-58AD91645F9F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {4CE678D6-3101-46DA-AC5E-4FE9E139B797} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {5503B104-1588-4F28-8011-AAE00E3F0F27} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {56B5F341-62F8-44C7-90CD-F0BE36CD4C1D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {5B0A5449-77A1-43A0-BCB8-BCE5C5247C1B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F64770A-DD36-4904-A6C7-197093D11C2A} - System32\Tasks\Microsoft\Windows\rempl\shell-restore => C:\Program Files\rempl\remsh.exe /RunRestoreHealthOnly (Pas de fichier)
Task: {61C8FCD4-0DDC-4777-8D63-C7C4FF138A32} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {668D2034-F30E-46E5-A7E6-B30B567DE873} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-sih => C:\Program Files\rempl\remsh.exe /RunSihScanOnly (Pas de fichier)
Task: {67E75CC1-23FC-4694-9DC0-5C6283CCAA5F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {698D17F3-A925-490D-B6F6-F23F20E255B2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-07-06] (Adobe Inc. -> Adobe)
Task: {6DAECA8A-099D-4C2D-8116-EFDC4884BFFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [385344 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {742C3BDD-FD74-4D65-B655-1FA1429D41AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {77FF5813-53E2-4FDE-BF46-54743AB959E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2020-03-28] (Piriform Ltd -> Piriform Ltd)
Task: {78344D27-2091-4433-9FBC-F38791019576} - \Auslogics\BoostSpeed\Start BoostSpeed оn Regis logon -> Pas de fichier <==== ATTENTION
Task: {787AE067-48CF-4DC1-8E09-64E163131F24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [385344 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {799BA594-F2E5-420B-AC90-567457890046} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe /RunMaintenanceTasksOnly (Pas de fichier)
Task: {7FB300B9-6AD5-4618-958B-054BF42D287F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {86A6B435-28E7-4D0E-8F72-E4BD21C394C6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {88153B55-41DD-4178-BAEA-1A8C874384B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {882F0458-2948-4B39-B836-E44F3B0040CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2174832 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
Task: {88F658C9-449D-428D-8FAB-155DE2D83B11} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1162360 2017-04-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {913C142E-6184-4076-8478-7606C304713F} - \ConfigFree Startup Programs -> Pas de fichier <==== ATTENTION
Task: {926CF0F4-6747-4989-B0C8-0E2DE9DD5CB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [385344 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {92E86335-A568-4E5D-80ED-03C26BA62E00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {93505B86-ACB9-47BD-AFDF-8F08ED4ECB1C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {97A7450D-DCC3-4FAD-A8B6-A7FE373E8A12} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {98097EC3-2775-4671-AA6F-559B9FCF1905} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {9C424AC0-B2BF-4243-B0D4-2AB33F6F8C1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {9F0EC738-C755-4BB5-937C-489607A00BB8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2174832 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
Task: {A49CEA33-6396-4CC5-A5C8-50B28F2D76D5} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {A761CA9A-21B2-4952-82B8-826B8EFD3C6F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: {ACDA33E1-FEC2-4158-8A2F-844F76F8EF15} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3A8ED20-5933-4038-BF9F-EA4F222DBBEA} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-storagesense => C:\Program Files\rempl\remsh.exe /RunStorageSenseTaskOnly (Pas de fichier)
Task: {B66BC9E0-501F-47D7-B809-21F6B2E54605} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {B841AA28-1EA2-4690-8DFC-7B24D29EDBC9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {BE1D2D93-78C7-43F5-A99F-BE3FA4880D81} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C8E9D3B3-F9FB-44DB-B367-2B1900D10A79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {D1D871D3-9B7C-4146-AA1B-52320DCA551B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {D5DE39E7-6495-4A27-A7F2-501221129D5C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {DF1109DE-0248-448F-B0D1-B0ADFEAE9D94} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-03-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DF4D2069-B1F1-4957-902F-88AECBABD107} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E61B22E2-5B7E-4D8F-8E23-582ED10FFF21} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {E7EFD3A6-AEDD-4DFB-893C-E01A78899E2F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {E8CD239F-EAC9-4D00-B9C2-CF56A64BCED2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-06] (Adobe Inc. -> Adobe)
Task: {E8D72C2D-9508-46D1-B77F-76C831C1A345} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EADDFED2-BE20-4D8B-88C5-BFCA3FE52F7C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {ED961819-B1FD-4477-B230-2E74AC97BA13} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {EF7DA325-114C-4AFB-8CBD-BD06FE2A609B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-02-04] (Avast Software s.r.o. -> AVAST Software)
Task: {F1B972FE-3B72-4F15-9ECF-6E946D746EEF} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {F2CF9F42-8A2C-4E81-9F92-3A75C5801EB1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {F35BBC19-B73C-4B29-9389-5A73BDE27C78} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {F476AAE0-C925-47CA-9F58-88EA4BC2C00B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {F77AA276-A332-41BD-A550-37E91B04D4DC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {F93C9BB1-8D03-4F51-8311-775872A995D0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35438c1a-da10-4782-a6c4-892175d8d3c0}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{38effc89-6765-481f-8b85-eb7911c6af4a}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{c679a0ca-4d25-4d42-bfde-2482fe231a2b}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF DefaultProfile: vmp9ew9h.default-1497028271375
FF ProfilePath: C:\Users\Regis\AppData\Roaming\TomTom\HOME\Profiles\md06my8a.default [2017-07-29]
FF ProfilePath: C:\Users\Regis\AppData\Roaming\Mozilla\Firefox\Profiles\vmp9ew9h.default-1497028271375 [2022-02-14]
FF Extension: (IBM Security Rapport) - C:\Users\Regis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2022-02-13] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Cisco Webex Extension) - C:\Users\Regis\AppData\Roaming\Mozilla\Firefox\Profiles\vmp9ew9h.default-1497028271375\Extensions\ciscowebexstart1@cisco.com.xpi [2022-02-13]
FF Extension: (Cisco WebEx Extension) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\ciscowebexstart1@cisco.com.xpi [2020-03-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-07-06] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-07-06] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-93965435-1970107836-2515385258-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC) [Fichier non signé]
Chrome:
=======
CHR Profile: C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default [2022-02-13]
CHR Extension: (Docs) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-04]
CHR Extension: (Google Drive) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-04]
CHR Extension: (YouTube) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-04]
CHR Extension: (Skype) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-04-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Gmail) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-04]
CHR Extension: (Chrome Media Router) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-04]
CHR HKU\S-1-5-21-93965435-1970107836-2515385258-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83056 2017-04-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-06] (Adobe Inc. -> Adobe)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-02-04] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-02-04] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\87.1.7587.142\elevation_service.exe [1408840 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] (Huawei Software Technologies Co., LTD. -> )
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [Fichier non signé]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3016648 2021-11-08] (IBM -> IBM Corp.)
S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [420176 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [420176 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [192912 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103704 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-06-14] () [Fichier non signé]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-06-28] (Malwarebytes Corporation -> Malwarebytes)
S3 MpKsl0df71714; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9FA428C-0AE9-4B5D-80DA-0EE564A0846D}\MpKslDrv.sys [49424 2022-02-13] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsleea61419; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9FA428C-0AE9-4B5D-80DA-0EE564A0846D}\MpKslDrv.sys [49424 2022-02-13] (Microsoft Windows -> Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [456168 2021-11-08] (IBM -> IBM Corp.)
R4 RapportCerberus_2004080; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [1460480 2021-01-20] (IBM -> IBM Corp.)
R1 RapportCerberus_2104058; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2104058.sys [1491920 2022-02-13] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [554792 2021-11-08] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [405032 2021-11-08] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [455824 2021-11-08] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [576144 2021-11-08] (IBM -> IBM Corp.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 scvad_simple; C:\WINDOWS\System32\drivers\SplitCamAudio.sys [23552 2013-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\WINDOWS\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-12-16] (OMT-LIDER, TOV -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-12-31] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-14 20:11 - 2022-02-14 20:23 - 000043093 _____ C:\Users\Regis\Downloads\FRST.txt
2022-02-14 20:10 - 2022-02-14 20:10 - 000000000 ____D C:\Users\Regis\Downloads\FRST-OlderVersion
2022-02-14 20:03 - 2022-02-14 20:21 - 000000000 ____D C:\FRST
2022-02-14 20:01 - 2022-02-14 20:10 - 002312192 _____ (Farbar) C:\Users\Regis\Downloads\FRST64.exe
2022-02-14 19:58 - 2022-02-14 19:58 - 000001242 _____ C:\Users\Regis\Desktop\ZHPDiag.txt
2022-02-14 19:50 - 2022-02-14 19:50 - 000000913 _____ C:\Users\Regis\Desktop\ZHPSuite.lnk
2022-02-14 19:49 - 2022-02-14 19:49 - 003479704 _____ (Nicolas Coolman) C:\Users\Regis\Downloads\ZHPSuite.exe
2022-02-14 19:41 - 2022-02-14 19:41 - 000012824 _____ C:\Users\Regis\Desktop\OpenHardwareMonitor.Report.txt
2022-02-14 19:38 - 2022-02-14 19:39 - 000000000 ____D C:\Users\Regis\Downloads\Nouveau dossier (2)
2022-02-14 19:35 - 2022-02-14 19:35 - 000001923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitwarden.lnk
2022-02-14 19:35 - 2022-02-14 19:35 - 000001911 _____ C:\Users\Public\Desktop\Bitwarden.lnk
2022-02-14 19:34 - 2022-02-14 19:35 - 000000000 ____D C:\Program Files\Bitwarden
2022-02-14 19:33 - 2022-02-14 19:33 - 000714120 _____ (Bitwarden Inc.) C:\Users\Regis\Downloads\Bitwarden-Installer-1.31.2(1).exe
2022-02-13 15:01 - 2022-02-13 15:03 - 000000000 ____D C:\Users\Regis\Downloads\Nouveau dossier
2022-02-13 14:47 - 2022-02-14 19:37 - 000000000 ____D C:\Users\Regis\AppData\Roaming\Bitwarden
2022-02-13 14:47 - 2022-02-13 14:47 - 000000000 ____D C:\Users\Regis\AppData\Local\bitwarden-updater
2022-02-13 14:44 - 2022-02-13 14:45 - 000714120 _____ (Bitwarden Inc.) C:\Users\Regis\Downloads\Bitwarden-Installer-1.31.2.exe
2022-02-13 14:33 - 2022-02-13 15:00 - 000000000 ___HD C:\$WINDOWS.~BT
2022-02-13 14:19 - 2022-02-13 14:20 - 000000000 ___HD C:\$GetCurrent
2022-02-13 13:51 - 2022-02-13 13:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-93965435-1970107836-2515385258-1001
2022-02-13 11:43 - 2022-02-13 11:43 - 000000923 _____ C:\Users\Regis\Desktop\ZHPCleaner.lnk
2022-02-13 11:39 - 2022-02-14 19:49 - 000000000 ____D C:\Users\Regis\AppData\Local\ZHP
2022-02-13 11:39 - 2022-02-13 11:39 - 003293336 _____ (Nicolas Coolman) C:\Users\Regis\Downloads\ZHPCleaner.exe
2022-02-13 10:58 - 2022-02-14 19:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-13 10:58 - 2022-02-13 10:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-13 10:20 - 2022-02-13 13:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-02-13 10:02 - 2022-02-13 10:02 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc29dd3c02aacf539.tmp
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-14 20:24 - 2017-02-18 08:02 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4AC674E7-6092-4235-9062-CB2DC31F27F2}
2022-02-14 20:23 - 2012-12-07 18:18 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-14 20:20 - 2016-11-23 22:58 - 000000000 ____D C:\Users\Regis\AppData\LocalLow\Mozilla
2022-02-14 19:58 - 2015-12-05 14:00 - 000000000 ____D C:\Users\Regis\AppData\Roaming\ZHP
2022-02-14 19:34 - 2017-08-12 22:01 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-93965435-1970107836-2515385258-1001
2022-02-14 19:33 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-14 19:33 - 2016-06-04 18:40 - 000002449 _____ C:\Users\Regis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-13 15:11 - 2016-10-07 08:01 - 000001890 _____ C:\WINDOWS\diagwrn.xml
2022-02-13 15:11 - 2016-10-07 08:01 - 000001890 _____ C:\WINDOWS\diagerr.xml
2022-02-13 15:10 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\INF
2022-02-13 15:01 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\Registration
2022-02-13 14:34 - 2016-10-07 08:19 - 000000000 ___DC C:\WINDOWS\Panther
2022-02-13 14:31 - 2018-03-28 18:30 - 000000036 _____ C:\WINDOWS\progress.ini
2022-02-13 14:20 - 2018-03-28 17:48 - 000000000 ____D C:\Windows10Upgrade
2022-02-13 14:19 - 2016-10-07 07:27 - 006957034 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-13 14:19 - 2016-07-16 23:40 - 003420106 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-13 14:19 - 2016-07-16 23:40 - 000940584 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-13 14:12 - 2016-10-07 07:28 - 000000000 ____D C:\Users\Regis
2022-02-13 14:09 - 2020-03-28 18:20 - 000000000 ____D C:\Users\Regis\AppData\Local\CrashDumps
2022-02-13 14:09 - 2017-08-09 20:42 - 000000000 ____D C:\WINDOWS\Minidump
2022-02-13 14:08 - 2016-10-07 07:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-13 13:40 - 2014-09-06 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Sécurité des points d'accès
2022-02-13 13:37 - 2016-10-07 08:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-13 13:36 - 2017-06-28 16:26 - 000000000 ____D C:\Program Files\CCleaner
2022-02-13 13:36 - 2013-09-19 06:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-13 11:16 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-13 10:58 - 2013-09-19 06:47 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-13 10:58 - 2013-09-19 05:53 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-13 10:45 - 2016-07-16 07:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-13 10:44 - 2012-12-07 18:17 - 000000000 ____D C:\ProgramData\AVAST Software
2022-02-13 10:41 - 2012-12-08 12:23 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-02-13 10:39 - 2016-10-07 07:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-02-13 10:38 - 2016-10-07 07:28 - 000000000 ____D C:\Users\DefaultAppPool
2022-02-13 10:36 - 2020-03-28 18:39 - 000000000 ____D C:\Users\Regis\AppData\Local\AVAST Software
2022-02-13 10:36 - 2016-10-07 07:59 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-13 10:35 - 2016-10-07 07:59 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-13 10:05 - 2020-03-28 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-02-13 10:05 - 2012-11-29 16:19 - 000000000 ____D C:\Users\Regis\AppData\Roaming\Skype
==================== Fichiers à la racine de certains dossiers ========
2016-06-18 17:01 - 2016-06-18 17:11 - 002219008 _____ () C:\Users\Regis\ZHPDiag3.exe
2014-04-27 14:12 - 2014-04-27 14:13 - 000000185 _____ () C:\Users\Regis\AppData\Roaming\wss.ini
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2022-02-13 11:17
==================== Fin de FRST.txt ========================
Exécuté par Regis (administrateur) sur REGIS-TOSH (TOSHIBA Satellite C660) (14-02-2022 20:11:57)
Exécuté depuis C:\Users\Regis\Downloads
Profils chargés: Regis
Plate-forme: Microsoft Windows 10 Famille Version 1607 14393.2189 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atieclxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{91855090-3F43-4280-A97E-A9C6CD6D746E}\AvastBrowserInstaller.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{91855090-3F43-4280-A97E-A9C6CD6D746E}\AvastBrowserInstaller.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{91855090-3F43-4280-A97E-A9C6CD6D746E}\CR_4B68E.tmp\setup.exe <2>
(C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{91855090-3F43-4280-A97E-A9C6CD6D746E}\AvastBrowserInstaller.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Google\Update\Install\{3E2BBC6A-8BBA-4BC4-9B34-8F1B953006F2}\98.0.4758.82_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{3E2BBC6A-8BBA-4BC4-9B34-8F1B953006F2}\CR_1D727.tmp\setup.exe <2>
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(C:\Program Files\Common Files\LogiShrd\SP6\LU\LULnchr.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\SP6\LU\LogitechUpdate.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\SP6\LU\LULnchr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Compal Electronics, Inc. -> TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(explorer.exe ->) (8bit Solutions LLC -> Bitwarden Inc.) C:\Program Files\Bitwarden\Bitwarden.exe <4>
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\WINDOWS\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{3E2BBC6A-8BBA-4BC4-9B34-8F1B953006F2}\98.0.4758.82_chrome_installer.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\LocationNotificationWindows.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <27>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atiesrxx.exe
(services.exe ->) (Realsil Microelectronics Inc.) [Fichier non signé] C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\WINDOWS\System32\TODDSrv.exe
(svchost.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe <2>
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\InstallAgentUserBroker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.) [Fichier non signé]
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (Compal Electronics, Inc. -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA CORPORATION -> TOSHIBA)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [HP Deskjet 3070 B611 series (NET)] => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91683688 2020-06-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2020-03-28] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [PTOneClick] => C:\Program Files (x86)\Webex\Webex\Applications\ptoneclk.exe /AutoRunning="1" (Pas de fichier)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\Run: [CiscoMeetingDaemon] => "C:\Users\Regis\AppData\Local\WebEx\ciscowebexstart.exe" /daemon /from=autorun (Pas de fichier)
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Regis\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Regis\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Regis\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Regis\AppData\Local\Microsoft\OneDrive\21.220.1024.0005"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\MountPoints2: {02b68283-a207-11e6-8bb9-1c75087d3a2e} - "F:\Startme.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\MountPoints2: {08caca05-df3b-11e6-8bc5-1c75087d3a2e} - "F:\Startme.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\MountPoints2: {5dff1eb7-719a-11e6-8bb3-1c75087d3a2e} - "G:\startme.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\...\MountPoints2: {a0d9e4eb-6bb6-11e7-8bd6-1c75087d3a2e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-93965435-1970107836-2515385258-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP a211 Status Monitor: C:\WINDOWS\system32\hpinkstsa211LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3070 B611 series): C:\WINDOWS\system32\HPDiscoPMa211.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\87.1.7587.142\Installer\chrmstp.exe [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-10-19] (TOSHIBA Corporation) [Fichier non signé]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 8.3 PE.lnk [2016-12-10]
ShortcutTarget: PHOTOfunSTUDIO 8.3 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation -> Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\startup helper.lnk [2014-04-24]
ShortcutTarget: startup helper.lnk -> C:\Tnlenterprises\SentryVision\ControlPanel.exe (Tnlenterprises LLC) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0140D04F-5164-40D7-9C18-2F034F71F861} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {064D49BA-59CA-42E1-9EA6-9F84E2E72B06} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {0DD7CA05-B11D-4EA6-8B23-9472346645F5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {0EC042A9-A273-405B-B6FF-F2B458FC9E6C} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2018-03-22] (Microsoft Windows -> Microsoft Corporation)
Task: {10B24754-B8D1-4D79-8A7D-4117F362842E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {10E74790-11AB-4E2F-8EF5-D1088377FE7E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-02-04] (Avast Software s.r.o. -> AVAST Software)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1D3BA24E-7099-4311-8FBB-5BD195B8AFC9} - System32\Tasks\{8BE6D9BE-A6C3-4489-9739-E958EDBF6E82} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {22BFF2DA-17E4-4E21-9A50-742D30B7D764} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {238EF680-04DD-4D90-A867-D006DECC927D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {289361E8-CD0E-4F4F-B1EC-D52B7E35D74E} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (Pas de fichier)
Task: {2D1B9008-8C67-42C1-8D20-C0371EA68BDB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {2F108745-A6B7-4613-8471-6982BE6102DC} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2018-03-22] (Microsoft Windows -> Microsoft Corporation)
Task: {2F73005A-0A22-4FAC-91F4-2BC7605473E6} - System32\Tasks\{D54A854F-BC9F-467E-97FF-AD530554C5C3} => C:\Windows\system32\pcalua.exe -a C:\Tnlenterprises\SentryVision\Uninstall.exe
Task: {31359A34-8B14-4993-8930-9E739EF688B3} - System32\Tasks\Microsoft\Windows\rempl\shell-compact => C:\Program Files\rempl\remsh.exe /RunCompactOnly (Pas de fichier)
Task: {32BBA273-B654-4507-851B-2D9B6463EE28} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {3BE4FE1E-405A-45A4-8957-B029A5BC0F1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION
Task: {3ED6684C-91DC-44E5-B7B6-2258C630E520} - System32\Tasks\{8297E57D-4A74-41AE-88D5-71EF42F3FB30} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" -c /M{E9AE9A91-AB45-4321-87BD-AD34855D944F}
Task: {422191DE-0D69-4150-8ABE-E4FDC27AF611} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {42C5206C-0E5D-4A21-BD57-4588480FB546} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [385344 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4417812A-01A9-4111-BAEA-D7BDC328FF1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {442F369E-9BB6-49BA-90D5-D88D3243FA9C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {488E5C5A-06E5-4934-BFE8-4E98F46C84F4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {49271073-EC90-4738-BE5F-58AD91645F9F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {4CE678D6-3101-46DA-AC5E-4FE9E139B797} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {5503B104-1588-4F28-8011-AAE00E3F0F27} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {56B5F341-62F8-44C7-90CD-F0BE36CD4C1D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {5B0A5449-77A1-43A0-BCB8-BCE5C5247C1B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F64770A-DD36-4904-A6C7-197093D11C2A} - System32\Tasks\Microsoft\Windows\rempl\shell-restore => C:\Program Files\rempl\remsh.exe /RunRestoreHealthOnly (Pas de fichier)
Task: {61C8FCD4-0DDC-4777-8D63-C7C4FF138A32} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {668D2034-F30E-46E5-A7E6-B30B567DE873} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-sih => C:\Program Files\rempl\remsh.exe /RunSihScanOnly (Pas de fichier)
Task: {67E75CC1-23FC-4694-9DC0-5C6283CCAA5F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {698D17F3-A925-490D-B6F6-F23F20E255B2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-07-06] (Adobe Inc. -> Adobe)
Task: {6DAECA8A-099D-4C2D-8116-EFDC4884BFFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [385344 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {742C3BDD-FD74-4D65-B655-1FA1429D41AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {77FF5813-53E2-4FDE-BF46-54743AB959E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2020-03-28] (Piriform Ltd -> Piriform Ltd)
Task: {78344D27-2091-4433-9FBC-F38791019576} - \Auslogics\BoostSpeed\Start BoostSpeed оn Regis logon -> Pas de fichier <==== ATTENTION
Task: {787AE067-48CF-4DC1-8E09-64E163131F24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [385344 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {799BA594-F2E5-420B-AC90-567457890046} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe /RunMaintenanceTasksOnly (Pas de fichier)
Task: {7FB300B9-6AD5-4618-958B-054BF42D287F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {86A6B435-28E7-4D0E-8F72-E4BD21C394C6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {88153B55-41DD-4178-BAEA-1A8C874384B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {882F0458-2948-4B39-B836-E44F3B0040CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2174832 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
Task: {88F658C9-449D-428D-8FAB-155DE2D83B11} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1162360 2017-04-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {913C142E-6184-4076-8478-7606C304713F} - \ConfigFree Startup Programs -> Pas de fichier <==== ATTENTION
Task: {926CF0F4-6747-4989-B0C8-0E2DE9DD5CB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [385344 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {92E86335-A568-4E5D-80ED-03C26BA62E00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {93505B86-ACB9-47BD-AFDF-8F08ED4ECB1C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {97A7450D-DCC3-4FAD-A8B6-A7FE373E8A12} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {98097EC3-2775-4671-AA6F-559B9FCF1905} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {9C424AC0-B2BF-4243-B0D4-2AB33F6F8C1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {9F0EC738-C755-4BB5-937C-489607A00BB8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2174832 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
Task: {A49CEA33-6396-4CC5-A5C8-50B28F2D76D5} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {A761CA9A-21B2-4952-82B8-826B8EFD3C6F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: {ACDA33E1-FEC2-4158-8A2F-844F76F8EF15} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3A8ED20-5933-4038-BF9F-EA4F222DBBEA} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-storagesense => C:\Program Files\rempl\remsh.exe /RunStorageSenseTaskOnly (Pas de fichier)
Task: {B66BC9E0-501F-47D7-B809-21F6B2E54605} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {B841AA28-1EA2-4690-8DFC-7B24D29EDBC9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {BE1D2D93-78C7-43F5-A99F-BE3FA4880D81} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C8E9D3B3-F9FB-44DB-B367-2B1900D10A79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {D1D871D3-9B7C-4146-AA1B-52320DCA551B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {D5DE39E7-6495-4A27-A7F2-501221129D5C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {DF1109DE-0248-448F-B0D1-B0ADFEAE9D94} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-03-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DF4D2069-B1F1-4957-902F-88AECBABD107} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E61B22E2-5B7E-4D8F-8E23-582ED10FFF21} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {E7EFD3A6-AEDD-4DFB-893C-E01A78899E2F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {E8CD239F-EAC9-4D00-B9C2-CF56A64BCED2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-06] (Adobe Inc. -> Adobe)
Task: {E8D72C2D-9508-46D1-B77F-76C831C1A345} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {EADDFED2-BE20-4D8B-88C5-BFCA3FE52F7C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {ED961819-B1FD-4477-B230-2E74AC97BA13} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {EF7DA325-114C-4AFB-8CBD-BD06FE2A609B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-02-04] (Avast Software s.r.o. -> AVAST Software)
Task: {F1B972FE-3B72-4F15-9ECF-6E946D746EEF} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {F2CF9F42-8A2C-4E81-9F92-3A75C5801EB1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {F35BBC19-B73C-4B29-9389-5A73BDE27C78} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {F476AAE0-C925-47CA-9F58-88EA4BC2C00B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {F77AA276-A332-41BD-A550-37E91B04D4DC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {F93C9BB1-8D03-4F51-8311-775872A995D0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35438c1a-da10-4782-a6c4-892175d8d3c0}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{38effc89-6765-481f-8b85-eb7911c6af4a}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{c679a0ca-4d25-4d42-bfde-2482fe231a2b}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF DefaultProfile: vmp9ew9h.default-1497028271375
FF ProfilePath: C:\Users\Regis\AppData\Roaming\TomTom\HOME\Profiles\md06my8a.default [2017-07-29]
FF ProfilePath: C:\Users\Regis\AppData\Roaming\Mozilla\Firefox\Profiles\vmp9ew9h.default-1497028271375 [2022-02-14]
FF Extension: (IBM Security Rapport) - C:\Users\Regis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2022-02-13] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Cisco Webex Extension) - C:\Users\Regis\AppData\Roaming\Mozilla\Firefox\Profiles\vmp9ew9h.default-1497028271375\Extensions\ciscowebexstart1@cisco.com.xpi [2022-02-13]
FF Extension: (Cisco WebEx Extension) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\ciscowebexstart1@cisco.com.xpi [2020-03-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-07-06] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-07-06] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-02-04] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-93965435-1970107836-2515385258-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC) [Fichier non signé]
Chrome:
=======
CHR Profile: C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default [2022-02-13]
CHR Extension: (Docs) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-04]
CHR Extension: (Google Drive) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-04]
CHR Extension: (YouTube) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-04]
CHR Extension: (Skype) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-04-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Gmail) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-04]
CHR Extension: (Chrome Media Router) - C:\Users\Regis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-04]
CHR HKU\S-1-5-21-93965435-1970107836-2515385258-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83056 2017-04-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-06] (Adobe Inc. -> Adobe)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-02-04] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-02-04] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\87.1.7587.142\elevation_service.exe [1408840 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] (Huawei Software Technologies Co., LTD. -> )
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [Fichier non signé]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3016648 2021-11-08] (IBM -> IBM Corp.)
S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [420176 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [420176 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [192912 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103704 2017-10-09] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-06-14] () [Fichier non signé]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-06-28] (Malwarebytes Corporation -> Malwarebytes)
S3 MpKsl0df71714; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9FA428C-0AE9-4B5D-80DA-0EE564A0846D}\MpKslDrv.sys [49424 2022-02-13] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsleea61419; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9FA428C-0AE9-4B5D-80DA-0EE564A0846D}\MpKslDrv.sys [49424 2022-02-13] (Microsoft Windows -> Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [456168 2021-11-08] (IBM -> IBM Corp.)
R4 RapportCerberus_2004080; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [1460480 2021-01-20] (IBM -> IBM Corp.)
R1 RapportCerberus_2104058; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2104058.sys [1491920 2022-02-13] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [554792 2021-11-08] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [405032 2021-11-08] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [455824 2021-11-08] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [576144 2021-11-08] (IBM -> IBM Corp.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 scvad_simple; C:\WINDOWS\System32\drivers\SplitCamAudio.sys [23552 2013-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\WINDOWS\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-12-16] (OMT-LIDER, TOV -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-12-31] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-14 20:11 - 2022-02-14 20:23 - 000043093 _____ C:\Users\Regis\Downloads\FRST.txt
2022-02-14 20:10 - 2022-02-14 20:10 - 000000000 ____D C:\Users\Regis\Downloads\FRST-OlderVersion
2022-02-14 20:03 - 2022-02-14 20:21 - 000000000 ____D C:\FRST
2022-02-14 20:01 - 2022-02-14 20:10 - 002312192 _____ (Farbar) C:\Users\Regis\Downloads\FRST64.exe
2022-02-14 19:58 - 2022-02-14 19:58 - 000001242 _____ C:\Users\Regis\Desktop\ZHPDiag.txt
2022-02-14 19:50 - 2022-02-14 19:50 - 000000913 _____ C:\Users\Regis\Desktop\ZHPSuite.lnk
2022-02-14 19:49 - 2022-02-14 19:49 - 003479704 _____ (Nicolas Coolman) C:\Users\Regis\Downloads\ZHPSuite.exe
2022-02-14 19:41 - 2022-02-14 19:41 - 000012824 _____ C:\Users\Regis\Desktop\OpenHardwareMonitor.Report.txt
2022-02-14 19:38 - 2022-02-14 19:39 - 000000000 ____D C:\Users\Regis\Downloads\Nouveau dossier (2)
2022-02-14 19:35 - 2022-02-14 19:35 - 000001923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitwarden.lnk
2022-02-14 19:35 - 2022-02-14 19:35 - 000001911 _____ C:\Users\Public\Desktop\Bitwarden.lnk
2022-02-14 19:34 - 2022-02-14 19:35 - 000000000 ____D C:\Program Files\Bitwarden
2022-02-14 19:33 - 2022-02-14 19:33 - 000714120 _____ (Bitwarden Inc.) C:\Users\Regis\Downloads\Bitwarden-Installer-1.31.2(1).exe
2022-02-13 15:01 - 2022-02-13 15:03 - 000000000 ____D C:\Users\Regis\Downloads\Nouveau dossier
2022-02-13 14:47 - 2022-02-14 19:37 - 000000000 ____D C:\Users\Regis\AppData\Roaming\Bitwarden
2022-02-13 14:47 - 2022-02-13 14:47 - 000000000 ____D C:\Users\Regis\AppData\Local\bitwarden-updater
2022-02-13 14:44 - 2022-02-13 14:45 - 000714120 _____ (Bitwarden Inc.) C:\Users\Regis\Downloads\Bitwarden-Installer-1.31.2.exe
2022-02-13 14:33 - 2022-02-13 15:00 - 000000000 ___HD C:\$WINDOWS.~BT
2022-02-13 14:19 - 2022-02-13 14:20 - 000000000 ___HD C:\$GetCurrent
2022-02-13 13:51 - 2022-02-13 13:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-93965435-1970107836-2515385258-1001
2022-02-13 11:43 - 2022-02-13 11:43 - 000000923 _____ C:\Users\Regis\Desktop\ZHPCleaner.lnk
2022-02-13 11:39 - 2022-02-14 19:49 - 000000000 ____D C:\Users\Regis\AppData\Local\ZHP
2022-02-13 11:39 - 2022-02-13 11:39 - 003293336 _____ (Nicolas Coolman) C:\Users\Regis\Downloads\ZHPCleaner.exe
2022-02-13 10:58 - 2022-02-14 19:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-13 10:58 - 2022-02-13 10:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-13 10:20 - 2022-02-13 13:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-02-13 10:02 - 2022-02-13 10:02 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc29dd3c02aacf539.tmp
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-14 20:24 - 2017-02-18 08:02 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4AC674E7-6092-4235-9062-CB2DC31F27F2}
2022-02-14 20:23 - 2012-12-07 18:18 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-14 20:20 - 2016-11-23 22:58 - 000000000 ____D C:\Users\Regis\AppData\LocalLow\Mozilla
2022-02-14 19:58 - 2015-12-05 14:00 - 000000000 ____D C:\Users\Regis\AppData\Roaming\ZHP
2022-02-14 19:34 - 2017-08-12 22:01 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-93965435-1970107836-2515385258-1001
2022-02-14 19:33 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-14 19:33 - 2016-06-04 18:40 - 000002449 _____ C:\Users\Regis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-13 15:11 - 2016-10-07 08:01 - 000001890 _____ C:\WINDOWS\diagwrn.xml
2022-02-13 15:11 - 2016-10-07 08:01 - 000001890 _____ C:\WINDOWS\diagerr.xml
2022-02-13 15:10 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\INF
2022-02-13 15:01 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\Registration
2022-02-13 14:34 - 2016-10-07 08:19 - 000000000 ___DC C:\WINDOWS\Panther
2022-02-13 14:31 - 2018-03-28 18:30 - 000000036 _____ C:\WINDOWS\progress.ini
2022-02-13 14:20 - 2018-03-28 17:48 - 000000000 ____D C:\Windows10Upgrade
2022-02-13 14:19 - 2016-10-07 07:27 - 006957034 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-13 14:19 - 2016-07-16 23:40 - 003420106 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-13 14:19 - 2016-07-16 23:40 - 000940584 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-13 14:12 - 2016-10-07 07:28 - 000000000 ____D C:\Users\Regis
2022-02-13 14:09 - 2020-03-28 18:20 - 000000000 ____D C:\Users\Regis\AppData\Local\CrashDumps
2022-02-13 14:09 - 2017-08-09 20:42 - 000000000 ____D C:\WINDOWS\Minidump
2022-02-13 14:08 - 2016-10-07 07:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-13 13:40 - 2014-09-06 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Sécurité des points d'accès
2022-02-13 13:37 - 2016-10-07 08:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-13 13:36 - 2017-06-28 16:26 - 000000000 ____D C:\Program Files\CCleaner
2022-02-13 13:36 - 2013-09-19 06:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-13 11:16 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-13 10:58 - 2013-09-19 06:47 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-13 10:58 - 2013-09-19 05:53 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-13 10:45 - 2016-07-16 07:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-13 10:44 - 2012-12-07 18:17 - 000000000 ____D C:\ProgramData\AVAST Software
2022-02-13 10:41 - 2012-12-08 12:23 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-02-13 10:39 - 2016-10-07 07:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-02-13 10:38 - 2016-10-07 07:28 - 000000000 ____D C:\Users\DefaultAppPool
2022-02-13 10:36 - 2020-03-28 18:39 - 000000000 ____D C:\Users\Regis\AppData\Local\AVAST Software
2022-02-13 10:36 - 2016-10-07 07:59 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-13 10:35 - 2016-10-07 07:59 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-13 10:05 - 2020-03-28 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-02-13 10:05 - 2012-11-29 16:19 - 000000000 ____D C:\Users\Regis\AppData\Roaming\Skype
==================== Fichiers à la racine de certains dossiers ========
2016-06-18 17:01 - 2016-06-18 17:11 - 002219008 _____ () C:\Users\Regis\ZHPDiag3.exe
2014-04-27 14:12 - 2014-04-27 14:13 - 000000185 _____ () C:\Users\Regis\AppData\Roaming\wss.ini
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2022-02-13 11:17
==================== Fin de FRST.txt ========================