Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01
Exécuté par titou (administrateur) sur LIAUDET (ASUSTeK COMPUTER INC. K30BF_M32BF) (22-02-2022 10:19:55)
Exécuté depuis C:\Users\titou\Downloads
Profils chargés: titou
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1526 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSPanel.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(services.exe ->) (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (MAGIX AG) [Fichier non signé] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) [Fichier non signé] C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-07-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [706864 2022-01-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1271420549-3183862273-2381648090-1002\...\Run: [Google Update] => C:\Users\titou\AppData\Local\Google\Update\1.3.36.122\GoogleUpdateCore.exe [223816 2022-02-15] (Google LLC -> Google LLC)
HKU\S-1-5-21-1271420549-3183862273-2381648090-1002\...\Run: [] => [X]
HKU\S-1-5-21-1271420549-3183862273-2381648090-1002\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4968224 2022-02-16] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Print\Monitors\HP AF11 Status Monitor: C:\WINDOWS\system32\hpinkstsAF11LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 6520 series): C:\WINDOWS\system32\HPDiscoPMAF11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
Startup: C:\Users\titou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 6520 series.lnk [2016-12-02]
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {07A7E5A0-5B32-440B-A68E-FD1A8CA71E9C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {22C64926-164E-48CF-849C-15AD5782B7C5} - System32\Tasks\{AA31BCFD-77DA-4DBC-95EC-2C569E3215AA} => C:\Windows\system32\pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {25F34139-8E29-47E8-A038-8BD80A3F9C5A} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [21784 2013-08-24] (ASUSTeK Computer Inc. -> )
Task: {3020ED2F-566C-4CE4-8B78-BC0AFE1211FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {31A7BC65-39C5-449A-B2FB-E067135E981D} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {53C9BA09-C13F-4279-AFD9-C54E98EF6708} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [225592 2014-03-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {541BDCAE-AA7C-4BE7-89FB-C5D340358A03} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {5D2B5A1F-DB2D-415C-A0BE-2C28B338F084} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [937104 2014-03-21] (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Task: {5D6A7C84-7966-4275-BE65-C80DD7A60D9F} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [930448 2014-06-03] (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Task: {61B54CA5-E3D1-4116-92C4-A17C3ACDF068} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {68F1632D-1C2D-4A8B-8B18-49621D977055} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6BCE0D4E-A434-4DEF-BDA3-325BC285DC41} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7C749745-B553-4990-B64A-8DCD20F664F8} - System32\Tasks\{F7804916-36D7-4A63-9E91-0958E81AF633} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=Repair platform=x86 culture=fr-fr
Task: {7D3780C5-1554-4520-95A0-E34A983B94F7} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-11-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A2C2CE4-BCE4-434C-AE44-230BA3ED6B6B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1271420549-3183862273-2381648090-1002Core => C:\Users\titou\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-04-10] (Google Inc -> Google Inc.)
Task: {8A4BF379-6E02-4DA9-A890-39D11A2E0503} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {8AF615C4-B525-42AE-AA98-61DCE4AC8535} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {AF7F4E72-E3E0-4744-A425-2D1E56A4DCC1} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1271420549-3183862273-2381648090-1002_3 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [420864 2021-11-23] (Microsoft Windows -> Microsoft Corporation)
Task: {BFA94295-F3D4-47A5-98D7-17270FA4CD41} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [548512 2013-04-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C37CD77E-064E-4D83-A5F9-E9C0741939A4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4BD691C-CB5F-4232-97D6-46829DFDB4B5} - \Microsoft\Windows\Setup\EOONotify -> Pas de fichier <==== ATTENTION
Task: {CA03ACD5-5FB7-494B-A8A8-1EB219C2E687} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [919696 2014-03-18] (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CFCD5762-EA6D-4594-A90E-7BBD6480B2F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA7146DB-328B-4103-80D5-314DB2C2BE33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {DB02F663-8D63-4EF2-BE61-90AB67EA9761} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {E90B13B3-8428-430D-8910-A7302191C3F8} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [216344 2014-02-21] (ASUSTeK Computer Inc. -> ASUSTeK)
Task: {ECBC9E4E-606B-4582-91DA-DBC86E3C7908} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1271420549-3183862273-2381648090-1002UA => C:\Users\titou\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-04-10] (Google Inc -> Google Inc.)
Task: {EE6FAB16-7162-464F-B280-08FB40EF457C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {FB9F13F0-0FE4-47C8-914D-B05646D29E9D} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [299288 2014-03-20] (ASUSTeK Computer Inc. -> ASUSTeK)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-1271420549-3183862273-2381648090-501] => http=127.0.0.1:50877;https=127.0.0.1:50877
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{6b5f74c5-1336-45e2-82cc-bd0da3e99986}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{70ef74c1-8307-4e8f-af1b-32525bb4ec45}: [DhcpNameServer] 212.27.40.241 212.27.40.240
HKU\S-1-5-21-1271420549-3183862273-2381648090-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\titou\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-22]
Edge Notifications: Default -> hxxps://www.usinages.com
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 773ge19v.default-1430065567729-1622046287234
FF ProfilePath: C:\Users\titou\AppData\Roaming\Mozilla\Firefox\Profiles\773ge19v.default-1430065567729-1622046287234 [2022-02-22]
FF Notifications: Mozilla\Firefox\Profiles\773ge19v.default-1430065567729-1622046287234 -> hxxps://www.usinages.com; hxxps://forum.zebulon.fr
FF Extension: (Privacy Badger) - C:\Users\titou\AppData\Roaming\Mozilla\Firefox\Profiles\773ge19v.default-1430065567729-1622046287234\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-29]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-31]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-12-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default [2016-12-03]
CHR Extension: (Docs) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-03]
CHR Extension: (Google Drive) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-03]
CHR Extension: (YouTube) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-03]
CHR Extension: (Gmail) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-03]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-09-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-09-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-09-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-09-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-02-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] (ASUSTeK Computer Inc. -> )
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe [71680 2014-01-15] (ASUS Cloud Corporation) [Fichier non signé]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634168 2022-01-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Fichier non signé]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [416560 2018-05-31] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-09-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-16] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6659880 2021-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] (ASUSTeK Computer Inc. -> )
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-11-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [73416 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [123152 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [89168 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [220472 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1193160 2018-08-02] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [168760 2018-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1113912 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236816 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-05-31] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [290160 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110568 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [194120 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [161080 2018-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-22] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-22 10:19 - 2022-02-22 10:21 - 000031215 _____ C:\Users\titou\Downloads\FRST.txt
2022-02-22 10:17 - 2022-02-22 10:21 - 000000000 ____D C:\FRST
2022-02-22 10:14 - 2022-02-22 10:15 - 002312192 _____ (Farbar) C:\Users\titou\Downloads\FRST64(1).exe
2022-02-22 10:13 - 2022-02-22 10:13 - 002312192 _____ (Farbar) C:\Users\titou\Downloads\FRST64.exe
2022-02-21 21:26 - 2022-02-21 21:27 - 000000000 ____D C:\Users\titou\Downloads\CrystalDiskInfo8_15_2
2022-02-21 21:23 - 2022-02-21 21:23 - 005436736 _____ C:\Users\titou\Downloads\CrystalDiskInfo8_15_2.zip
2022-02-21 18:53 - 2022-02-21 18:54 - 000000000 ____D C:\Users\titou\Downloads\CrystalDiskMark8_0_4a
2022-02-21 18:48 - 2022-02-21 18:48 - 003796974 _____ C:\Users\titou\Downloads\CrystalDiskMark8_0_4a.zip
2022-02-20 08:55 - 2022-02-20 08:55 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1271420549-3183862273-2381648090-1002_3
2022-02-19 09:24 - 2022-02-19 09:24 - 011639120 _____ C:\Users\titou\Downloads\scie a chantourner delta 40-530C.pdf
2022-02-18 15:47 - 2022-02-19 08:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-02-17 09:21 - 2022-02-17 09:21 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-16 18:20 - 2022-02-16 18:20 - 000014433 _____ C:\Users\titou\Downloads\34203-1086442-dessiner-une-spirale.zip
2022-02-16 13:41 - 2022-02-16 13:41 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-02-16 13:41 - 2022-02-16 13:41 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-02-16 13:41 - 2022-02-16 13:41 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-16 13:40 - 2022-02-16 13:40 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-16 13:39 - 2022-02-16 13:39 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-16 13:38 - 2022-02-16 13:38 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-16 13:38 - 2022-02-16 13:38 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-16 13:12 - 2022-02-16 13:15 - 000000000 ___HD C:\$WinREAgent
2022-02-16 09:39 - 2022-02-22 09:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-15 21:48 - 2022-02-15 21:48 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-02-15 12:55 - 2022-02-15 12:55 - 000001202 _____ C:\Users\Public\Desktop\Avira.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-22 10:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-22 10:19 - 2016-11-27 17:40 - 000000000 ____D C:\Users\titou\AppData\LocalLow\Mozilla
2022-02-22 10:10 - 2015-01-19 16:19 - 000000000 ____D C:\Users\titou\AppData\Local\CrashDumps
2022-02-22 09:43 - 2021-02-13 20:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-22 09:43 - 2021-02-13 19:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-22 09:43 - 2020-12-09 01:14 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-20 18:14 - 2021-10-13 14:21 - 000000000 ____D C:\Users\titou\AppData\Local\Deployment
2022-02-20 14:34 - 2017-12-13 13:16 - 000207992 _____ C:\Users\titou\Documents\Demo.cao
2022-02-19 15:11 - 2020-09-23 17:15 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-19 09:12 - 2020-06-15 10:06 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-19 09:12 - 2020-06-15 10:06 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-19 09:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-19 09:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-19 08:57 - 2015-01-19 15:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-18 21:30 - 2021-02-13 17:39 - 000000000 ____D C:\Users\titou
2022-02-18 17:40 - 2021-10-10 08:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-18 17:40 - 2015-04-26 17:19 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-17 09:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-17 09:30 - 2021-12-11 10:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1271420549-3183862273-2381648090-1002
2022-02-17 09:30 - 2021-02-13 20:29 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1271420549-3183862273-2381648090-1002
2022-02-17 09:30 - 2021-02-13 17:39 - 000002466 _____ C:\Users\titou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-17 09:28 - 2021-02-13 20:18 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-17 09:28 - 2019-12-07 15:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-17 09:28 - 2019-12-07 15:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-16 21:14 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-16 21:11 - 2021-02-13 19:59 - 000542968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-16 21:08 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-16 14:17 - 2020-09-22 16:47 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-16 14:17 - 2019-08-31 08:54 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-16 14:16 - 2018-02-12 14:35 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-16 14:16 - 2015-01-18 18:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-16 13:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-16 13:38 - 2021-02-13 20:03 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-16 09:39 - 2015-01-18 08:21 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-15 21:50 - 2014-09-18 20:34 - 000000000 ____D C:\ProgramData\Realtek
2022-02-15 13:49 - 2015-01-18 17:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-15 13:42 - 2015-01-18 17:44 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-15 13:11 - 2015-09-04 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-02-15 13:10 - 2021-02-13 20:29 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-02-15 13:08 - 2017-04-12 07:23 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-02-15 13:06 - 2021-03-04 21:16 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7023c96aaff18
2022-02-15 13:06 - 2021-02-13 20:29 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-15 13:03 - 2016-12-13 18:16 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-02-15 13:00 - 2021-02-13 20:29 - 000003854 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1271420549-3183862273-2381648090-1002UA
2022-02-15 13:00 - 2021-02-13 20:29 - 000003586 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1271420549-3183862273-2381648090-1002Core
2022-02-15 12:55 - 2017-08-29 09:22 - 000000000 ____D C:\ProgramData\Package Cache
==================== Fichiers à la racine de certains dossiers ========
2012-07-25 00:50 - 2012-07-25 00:50 - 000001261 _____ () C:\Program Files (x86)\Hercus Model A - Imperial Thread.lat
2012-05-25 02:43 - 2012-05-25 02:43 - 000001272 _____ () C:\Program Files (x86)\Hercus Model A - Metric Thread.lat
2012-05-23 05:41 - 2012-05-23 05:41 - 000001309 _____ () C:\Program Files (x86)\Hercus Model A.lat
2012-07-25 00:29 - 2012-07-25 00:29 - 007023616 _____ (Vernon van Duijnhoven) C:\Program Files (x86)\LatheGears.exe
2012-07-01 23:29 - 2012-07-01 23:29 - 000001490 _____ () C:\Program Files (x86)\Nuttal.lat
2010-05-27 02:47 - 2010-05-27 02:47 - 000000295 _____ () C:\Program Files (x86)\Toreb (Swedish).lat
2014-09-01 09:18 - 2014-09-01 09:18 - 000002086 _____ () C:\Users\titou\AppData\Roaming\IDFKR
2014-09-01 09:18 - 2014-09-01 09:18 - 000001248 _____ () C:\Users\titou\AppData\Roaming\ZRBMEL
2015-01-18 08:06 - 2016-07-25 14:29 - 001158182 _____ () C:\Users\titou\AppData\Local\BTServer.log
2017-04-12 13:09 - 2018-10-25 18:52 - 000013824 _____ () C:\Users\titou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-15 12:50 - 2021-12-05 18:10 - 000007605 _____ () C:\Users\titou\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par titou (administrateur) sur LIAUDET (ASUSTeK COMPUTER INC. K30BF_M32BF) (22-02-2022 10:19:55)
Exécuté depuis C:\Users\titou\Downloads
Profils chargés: titou
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1526 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSPanel.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(services.exe ->) (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (MAGIX AG) [Fichier non signé] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) [Fichier non signé] C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-07-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [706864 2022-01-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1271420549-3183862273-2381648090-1002\...\Run: [Google Update] => C:\Users\titou\AppData\Local\Google\Update\1.3.36.122\GoogleUpdateCore.exe [223816 2022-02-15] (Google LLC -> Google LLC)
HKU\S-1-5-21-1271420549-3183862273-2381648090-1002\...\Run: [] => [X]
HKU\S-1-5-21-1271420549-3183862273-2381648090-1002\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4968224 2022-02-16] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Print\Monitors\HP AF11 Status Monitor: C:\WINDOWS\system32\hpinkstsAF11LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 6520 series): C:\WINDOWS\system32\HPDiscoPMAF11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
Startup: C:\Users\titou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Photosmart 6520 series.lnk [2016-12-02]
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {07A7E5A0-5B32-440B-A68E-FD1A8CA71E9C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {22C64926-164E-48CF-849C-15AD5782B7C5} - System32\Tasks\{AA31BCFD-77DA-4DBC-95EC-2C569E3215AA} => C:\Windows\system32\pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {25F34139-8E29-47E8-A038-8BD80A3F9C5A} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [21784 2013-08-24] (ASUSTeK Computer Inc. -> )
Task: {3020ED2F-566C-4CE4-8B78-BC0AFE1211FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {31A7BC65-39C5-449A-B2FB-E067135E981D} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {53C9BA09-C13F-4279-AFD9-C54E98EF6708} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [225592 2014-03-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {541BDCAE-AA7C-4BE7-89FB-C5D340358A03} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {5D2B5A1F-DB2D-415C-A0BE-2C28B338F084} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [937104 2014-03-21] (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Task: {5D6A7C84-7966-4275-BE65-C80DD7A60D9F} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [930448 2014-06-03] (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Task: {61B54CA5-E3D1-4116-92C4-A17C3ACDF068} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {68F1632D-1C2D-4A8B-8B18-49621D977055} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6BCE0D4E-A434-4DEF-BDA3-325BC285DC41} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7C749745-B553-4990-B64A-8DCD20F664F8} - System32\Tasks\{F7804916-36D7-4A63-9E91-0958E81AF633} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=Repair platform=x86 culture=fr-fr
Task: {7D3780C5-1554-4520-95A0-E34A983B94F7} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-11-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A2C2CE4-BCE4-434C-AE44-230BA3ED6B6B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1271420549-3183862273-2381648090-1002Core => C:\Users\titou\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-04-10] (Google Inc -> Google Inc.)
Task: {8A4BF379-6E02-4DA9-A890-39D11A2E0503} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {8AF615C4-B525-42AE-AA98-61DCE4AC8535} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {AF7F4E72-E3E0-4744-A425-2D1E56A4DCC1} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1271420549-3183862273-2381648090-1002_3 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [420864 2021-11-23] (Microsoft Windows -> Microsoft Corporation)
Task: {BFA94295-F3D4-47A5-98D7-17270FA4CD41} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [548512 2013-04-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C37CD77E-064E-4D83-A5F9-E9C0741939A4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4BD691C-CB5F-4232-97D6-46829DFDB4B5} - \Microsoft\Windows\Setup\EOONotify -> Pas de fichier <==== ATTENTION
Task: {CA03ACD5-5FB7-494B-A8A8-1EB219C2E687} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [919696 2014-03-18] (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CFCD5762-EA6D-4594-A90E-7BBD6480B2F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA7146DB-328B-4103-80D5-314DB2C2BE33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {DB02F663-8D63-4EF2-BE61-90AB67EA9761} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {E90B13B3-8428-430D-8910-A7302191C3F8} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [216344 2014-02-21] (ASUSTeK Computer Inc. -> ASUSTeK)
Task: {ECBC9E4E-606B-4582-91DA-DBC86E3C7908} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1271420549-3183862273-2381648090-1002UA => C:\Users\titou\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-04-10] (Google Inc -> Google Inc.)
Task: {EE6FAB16-7162-464F-B280-08FB40EF457C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {FB9F13F0-0FE4-47C8-914D-B05646D29E9D} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [299288 2014-03-20] (ASUSTeK Computer Inc. -> ASUSTeK)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-1271420549-3183862273-2381648090-501] => http=127.0.0.1:50877;https=127.0.0.1:50877
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{6b5f74c5-1336-45e2-82cc-bd0da3e99986}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{70ef74c1-8307-4e8f-af1b-32525bb4ec45}: [DhcpNameServer] 212.27.40.241 212.27.40.240
HKU\S-1-5-21-1271420549-3183862273-2381648090-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\titou\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-22]
Edge Notifications: Default -> hxxps://www.usinages.com
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 773ge19v.default-1430065567729-1622046287234
FF ProfilePath: C:\Users\titou\AppData\Roaming\Mozilla\Firefox\Profiles\773ge19v.default-1430065567729-1622046287234 [2022-02-22]
FF Notifications: Mozilla\Firefox\Profiles\773ge19v.default-1430065567729-1622046287234 -> hxxps://www.usinages.com; hxxps://forum.zebulon.fr
FF Extension: (Privacy Badger) - C:\Users\titou\AppData\Roaming\Mozilla\Firefox\Profiles\773ge19v.default-1430065567729-1622046287234\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-29]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-31]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-12-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default [2016-12-03]
CHR Extension: (Docs) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-03]
CHR Extension: (Google Drive) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-03]
CHR Extension: (YouTube) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-03]
CHR Extension: (Gmail) - C:\Users\titou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-03]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-09-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [538000 2021-09-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-09-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-09-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-02-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] (ASUSTeK Computer Inc. -> )
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe [71680 2014-01-15] (ASUS Cloud Corporation) [Fichier non signé]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634168 2022-01-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Fichier non signé]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [416560 2018-05-31] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-09-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-16] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6659880 2021-04-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] (ASUSTeK Computer Inc. -> )
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22848 2021-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2021-11-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [73416 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [123152 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [89168 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [220472 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1193160 2018-08-02] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [168760 2018-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1113912 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236816 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-05-31] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [290160 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110568 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [194120 2018-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [161080 2018-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-22] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-22 10:19 - 2022-02-22 10:21 - 000031215 _____ C:\Users\titou\Downloads\FRST.txt
2022-02-22 10:17 - 2022-02-22 10:21 - 000000000 ____D C:\FRST
2022-02-22 10:14 - 2022-02-22 10:15 - 002312192 _____ (Farbar) C:\Users\titou\Downloads\FRST64(1).exe
2022-02-22 10:13 - 2022-02-22 10:13 - 002312192 _____ (Farbar) C:\Users\titou\Downloads\FRST64.exe
2022-02-21 21:26 - 2022-02-21 21:27 - 000000000 ____D C:\Users\titou\Downloads\CrystalDiskInfo8_15_2
2022-02-21 21:23 - 2022-02-21 21:23 - 005436736 _____ C:\Users\titou\Downloads\CrystalDiskInfo8_15_2.zip
2022-02-21 18:53 - 2022-02-21 18:54 - 000000000 ____D C:\Users\titou\Downloads\CrystalDiskMark8_0_4a
2022-02-21 18:48 - 2022-02-21 18:48 - 003796974 _____ C:\Users\titou\Downloads\CrystalDiskMark8_0_4a.zip
2022-02-20 08:55 - 2022-02-20 08:55 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1271420549-3183862273-2381648090-1002_3
2022-02-19 09:24 - 2022-02-19 09:24 - 011639120 _____ C:\Users\titou\Downloads\scie a chantourner delta 40-530C.pdf
2022-02-18 15:47 - 2022-02-19 08:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-02-17 09:21 - 2022-02-17 09:21 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-02-16 18:20 - 2022-02-16 18:20 - 000014433 _____ C:\Users\titou\Downloads\34203-1086442-dessiner-une-spirale.zip
2022-02-16 13:41 - 2022-02-16 13:41 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-02-16 13:41 - 2022-02-16 13:41 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-02-16 13:41 - 2022-02-16 13:41 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-16 13:40 - 2022-02-16 13:40 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-16 13:39 - 2022-02-16 13:39 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-16 13:38 - 2022-02-16 13:38 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-16 13:38 - 2022-02-16 13:38 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-16 13:12 - 2022-02-16 13:15 - 000000000 ___HD C:\$WinREAgent
2022-02-16 09:39 - 2022-02-22 09:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-15 21:48 - 2022-02-15 21:48 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-02-15 12:55 - 2022-02-15 12:55 - 000001202 _____ C:\Users\Public\Desktop\Avira.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-02-22 10:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-22 10:19 - 2016-11-27 17:40 - 000000000 ____D C:\Users\titou\AppData\LocalLow\Mozilla
2022-02-22 10:10 - 2015-01-19 16:19 - 000000000 ____D C:\Users\titou\AppData\Local\CrashDumps
2022-02-22 09:43 - 2021-02-13 20:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-22 09:43 - 2021-02-13 19:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-22 09:43 - 2020-12-09 01:14 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-20 18:14 - 2021-10-13 14:21 - 000000000 ____D C:\Users\titou\AppData\Local\Deployment
2022-02-20 14:34 - 2017-12-13 13:16 - 000207992 _____ C:\Users\titou\Documents\Demo.cao
2022-02-19 15:11 - 2020-09-23 17:15 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-19 09:12 - 2020-06-15 10:06 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-19 09:12 - 2020-06-15 10:06 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-19 09:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-19 09:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-19 08:57 - 2015-01-19 15:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-18 21:30 - 2021-02-13 17:39 - 000000000 ____D C:\Users\titou
2022-02-18 17:40 - 2021-10-10 08:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-18 17:40 - 2015-04-26 17:19 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-17 09:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-17 09:30 - 2021-12-11 10:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1271420549-3183862273-2381648090-1002
2022-02-17 09:30 - 2021-02-13 20:29 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1271420549-3183862273-2381648090-1002
2022-02-17 09:30 - 2021-02-13 17:39 - 000002466 _____ C:\Users\titou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-17 09:28 - 2021-02-13 20:18 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-17 09:28 - 2019-12-07 15:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-17 09:28 - 2019-12-07 15:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-16 21:14 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-16 21:11 - 2021-02-13 19:59 - 000542968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-16 21:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-16 21:08 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-16 14:17 - 2020-09-22 16:47 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-02-16 14:17 - 2019-08-31 08:54 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-02-16 14:16 - 2018-02-12 14:35 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-16 14:16 - 2015-01-18 18:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-02-16 13:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-16 13:38 - 2021-02-13 20:03 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-16 09:39 - 2015-01-18 08:21 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-15 21:50 - 2014-09-18 20:34 - 000000000 ____D C:\ProgramData\Realtek
2022-02-15 13:49 - 2015-01-18 17:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-15 13:42 - 2015-01-18 17:44 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-15 13:11 - 2015-09-04 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-02-15 13:10 - 2021-02-13 20:29 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-02-15 13:08 - 2017-04-12 07:23 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-02-15 13:06 - 2021-03-04 21:16 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7023c96aaff18
2022-02-15 13:06 - 2021-02-13 20:29 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-15 13:03 - 2016-12-13 18:16 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-02-15 13:00 - 2021-02-13 20:29 - 000003854 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1271420549-3183862273-2381648090-1002UA
2022-02-15 13:00 - 2021-02-13 20:29 - 000003586 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1271420549-3183862273-2381648090-1002Core
2022-02-15 12:55 - 2017-08-29 09:22 - 000000000 ____D C:\ProgramData\Package Cache
==================== Fichiers à la racine de certains dossiers ========
2012-07-25 00:50 - 2012-07-25 00:50 - 000001261 _____ () C:\Program Files (x86)\Hercus Model A - Imperial Thread.lat
2012-05-25 02:43 - 2012-05-25 02:43 - 000001272 _____ () C:\Program Files (x86)\Hercus Model A - Metric Thread.lat
2012-05-23 05:41 - 2012-05-23 05:41 - 000001309 _____ () C:\Program Files (x86)\Hercus Model A.lat
2012-07-25 00:29 - 2012-07-25 00:29 - 007023616 _____ (Vernon van Duijnhoven) C:\Program Files (x86)\LatheGears.exe
2012-07-01 23:29 - 2012-07-01 23:29 - 000001490 _____ () C:\Program Files (x86)\Nuttal.lat
2010-05-27 02:47 - 2010-05-27 02:47 - 000000295 _____ () C:\Program Files (x86)\Toreb (Swedish).lat
2014-09-01 09:18 - 2014-09-01 09:18 - 000002086 _____ () C:\Users\titou\AppData\Roaming\IDFKR
2014-09-01 09:18 - 2014-09-01 09:18 - 000001248 _____ () C:\Users\titou\AppData\Roaming\ZRBMEL
2015-01-18 08:06 - 2016-07-25 14:29 - 001158182 _____ () C:\Users\titou\AppData\Local\BTServer.log
2017-04-12 13:09 - 2018-10-25 18:52 - 000013824 _____ () C:\Users\titou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-15 12:50 - 2021-12-05 18:10 - 000007605 _____ () C:\Users\titou\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================