Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Exécuté par Chantal (administrateur) sur CHANTAL-TOSH (TOSHIBA Satellite C660D) (26-08-2022 21:19:23)
Exécuté depuis C:\Users\Chantal\Downloads
Profils chargés: Chantal
Plate-forme: Microsoft Windows 10 Famille Version 1903 18362.1016 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Google\Update\Install\{B09D1C0F-EFAC-4181-8397-D29AF2CD54E7}\104.0.5112.102_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{B09D1C0F-EFAC-4181-8397-D29AF2CD54E7}\CR_E878A.tmp\setup.exe <2>
(C:\Program Files\DTU\{ACE960B2-1A0A-4386-9B44-81C2DFD338C7}\D360\266f9158-0322-49be-b4b1-5aa7060869e0\WindowsUpdateBox.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCopyAccelerator.exe
(DTUHandler.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\DTU\{ACE960B2-1A0A-4386-9B44-81C2DFD338C7}\D360\266f9158-0322-49be-b4b1-5aa7060869e0\WindowsUpdateBox.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <7>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{B09D1C0F-EFAC-4181-8397-D29AF2CD54E7}\104.0.5112.102_chrome_installer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\RMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (Realsil Microelectronics Inc.) [Fichier non signé] C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DTUHandler.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2181224 2010-11-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA CORPORATION -> TOSHIBA)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-08-19] (Google Inc -> Google Inc.)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\Run: [MicrosoftEdgeAutoLaunch_4796770476E5E28F5B54BE5ED6E4C9E1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Chantal\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Chantal\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\RunOnce: [Uninstall 22.156.0724.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Chantal\AppData\Local\Microsoft\OneDrive\22.156.0724.0002" (Pas de fichier)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-10-19] (TOSHIBA Corporation) [Fichier non signé]
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-19]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-19]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02F10C61-CAC8-4497-BB7F-1D5E0EC3462A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {0328FCFB-283B-4DEB-B838-4A5BD67F7D96} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {064F79F2-C73B-4980-9D69-32ED70EBA6BC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {0C24A9EA-F1FD-467D-A9D1-55FAAF367AA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {17B4D564-663E-44C0-9DBF-B65C67DCB57F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {19D2A3A3-B90F-414B-A0C7-4B0BBE94CA9E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Pas de fichier)
Task: {1A256662-4EA2-47F3-828D-45D0CA41751F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {1E248291-E1BE-4D3B-9990-104F7CDA67FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {24FAB9C4-961B-4809-9041-4B47B42506EE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {252FA0F3-4289-4E1F-AED6-CC33A92C8969} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {26E10B77-EA49-430E-B071-0545E1D26E74} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {2D988E45-5E1B-4476-A349-E7EC3F7E7CCD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {2FD74DE8-A9EF-483E-85FC-9FBA697ED1A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {3EC28363-29FE-4840-A5D8-5F6E869567A9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {408D7A11-754C-4F53-8208-CBB966B511A3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {446E5B66-3F0B-4192-B4FF-D24DC926BF78} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {46FADC15-E7E6-4ADF-950D-63691AB46C85} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {479E92CA-1093-442C-831C-A53897084F89} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4C858C4C-9414-4C3E-A8FB-B1B93BBEBAE7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {53A98DAB-0BB0-4E12-8EB6-ED13E05E381C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {546238FC-9401-47CC-9AF9-6ADC370F4207} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5AB0ED5B-D73E-4A12-81D9-4E0A9F5C0C09} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {627B326E-0758-4B3A-A07D-C353C82B3160} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {63B33B40-8689-43BE-8137-EC807062AC66} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {7CA818B6-3872-4E0B-839D-6402AF9EF2A0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {7E27D1E5-F413-4F14-B601-A465D09A75A5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {81A48D2A-24E0-4C7C-B45C-C457325E5B96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {843B1B99-131F-4614-B05B-E0C3B623D7F7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {8D4A33E6-D4AA-4CF6-8DE9-A48038BE89A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {95CF707F-3B69-43E5-BACC-D838A39BF3C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {9FCF891A-C4BA-4110-8BE4-B0C07CFD68CA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {A625C4C1-F79E-4C66-A231-C54CF282821B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {AA278C26-723F-4A64-ABED-B40BF94A6458} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {AB3294B3-67D7-4BFB-9E0B-326266A60D6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ADDC4260-60ED-474B-BF97-A4F5E47B799D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B81B5CE6-3C43-46BA-84DF-33CB75159798} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {BB2B56B6-9A87-4841-B71C-6B9CB9226666} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {BD0BBB2C-ED80-4137-8B5D-F15A80853982} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {C611E0F0-186D-4037-BCDB-D614EDFBB53E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {CB1DFBD6-3255-4558-8354-87DFB39FEC80} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D43916AC-EF5D-4685-8A10-C1BD2E3D5532} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {D59B0D9E-4231-41B3-B4E8-3612230E8A41} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {D8C8A0A8-C5D2-4919-8D96-391B15FAF499} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {DF04879B-3BD1-4753-A039-EF116E170F40} - \ConfigFree Startup Programs -> Pas de fichier <==== ATTENTION
Task: {EB3A38D9-EF9D-4F50-890E-178B2C9E38DB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {EFFF85A9-F73A-4FE9-B519-EBFFDA20D72D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {F3348D14-7277-40F6-9933-A67A93AB2B9B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFB34941-A144-4803-9E2D-B21A9CC0E5F0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a7e4d486-8134-43fe-b76f-b9fe5859d765}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\Chantal\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-26]
FireFox:
========
FF ProfilePath: C:\Users\Chantal\AppData\Roaming\Mozilla\Firefox\Profiles\kodxiq5w.default-1658328896796 [2022-08-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => non trouvé(e)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Pas de fichier]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [Fichier non signé]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1180838116-2508372-459551200-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Chantal\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-11] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default [2022-08-26]
CHR Notifications: Default -> hxxps://pixelgamersonline.com
CHR NewTab: Default -> Not-active:"chrome-extension://kohoehgoafblafjinhplmhcbphgaaobc/product.html", Not-active:"chrome-extension://djlhjlhdleajenoohfmbejoekdejjaib/product.html"
CHR DefaultSearchURL: Default -> hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchCH&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata={searchTerms}
CHR DefaultSearchKeyword: Default -> orange.fr
CHR DefaultSuggestURL: Default -> hxxp://search.ke.voila.fr/fr/cmplopensearch/xml/fullxml?rdata={searchTerms}&id=-1&dtd=2.0
CHR Extension: (Docs) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (FromDocToPDF) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlhjlhdleajenoohfmbejoekdejjaib [2020-06-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-08-26]
CHR Extension: (Birst-gal) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flbgdblojichdhokifkhfldmmdefekeb [2017-07-25]
CHR Extension: (InternetSpeedRadar) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2020-06-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\DSDFunctionKeyCtlService.exe [615760 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [Fichier non signé]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\dynabookSystemService.exe [44976440 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\TOSTABSYSSVC.exe [254272 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\RMService.exe [446232 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-20] (Microsoft Corporation) [Fichier non signé]
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc. -> McAfee, Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\TosSrvCtlDrv.sys [25824 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-31] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
S3 MpKslc4b49abc; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{43239AED-BFD5-4568-AA60-6141EA325DE5}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Exécuté par Chantal (administrateur) sur CHANTAL-TOSH (TOSHIBA Satellite C660D) (26-08-2022 21:19:23)
Exécuté depuis C:\Users\Chantal\Downloads
Profils chargés: Chantal
Plate-forme: Microsoft Windows 10 Famille Version 1903 18362.1016 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Google\Update\Install\{B09D1C0F-EFAC-4181-8397-D29AF2CD54E7}\104.0.5112.102_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{B09D1C0F-EFAC-4181-8397-D29AF2CD54E7}\CR_E878A.tmp\setup.exe <2>
(C:\Program Files\DTU\{ACE960B2-1A0A-4386-9B44-81C2DFD338C7}\D360\266f9158-0322-49be-b4b1-5aa7060869e0\WindowsUpdateBox.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCopyAccelerator.exe
(DTUHandler.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\DTU\{ACE960B2-1A0A-4386-9B44-81C2DFD338C7}\D360\266f9158-0322-49be-b4b1-5aa7060869e0\WindowsUpdateBox.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <7>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{B09D1C0F-EFAC-4181-8397-D29AF2CD54E7}\104.0.5112.102_chrome_installer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\RMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (Realsil Microelectronics Inc.) [Fichier non signé] C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DTUHandler.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2181224 2010-11-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA CORPORATION -> TOSHIBA)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-08-19] (Google Inc -> Google Inc.)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\Run: [MicrosoftEdgeAutoLaunch_4796770476E5E28F5B54BE5ED6E4C9E1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Chantal\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Chantal\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1180838116-2508372-459551200-1000\...\RunOnce: [Uninstall 22.156.0724.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Chantal\AppData\Local\Microsoft\OneDrive\22.156.0724.0002" (Pas de fichier)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-10-19] (TOSHIBA Corporation) [Fichier non signé]
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-19]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-19]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02F10C61-CAC8-4497-BB7F-1D5E0EC3462A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {0328FCFB-283B-4DEB-B838-4A5BD67F7D96} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {064F79F2-C73B-4980-9D69-32ED70EBA6BC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {0C24A9EA-F1FD-467D-A9D1-55FAAF367AA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {17B4D564-663E-44C0-9DBF-B65C67DCB57F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {19D2A3A3-B90F-414B-A0C7-4B0BBE94CA9E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Pas de fichier)
Task: {1A256662-4EA2-47F3-828D-45D0CA41751F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {1E248291-E1BE-4D3B-9990-104F7CDA67FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {24FAB9C4-961B-4809-9041-4B47B42506EE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {252FA0F3-4289-4E1F-AED6-CC33A92C8969} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {26E10B77-EA49-430E-B071-0545E1D26E74} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {2D988E45-5E1B-4476-A349-E7EC3F7E7CCD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {2FD74DE8-A9EF-483E-85FC-9FBA697ED1A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {3EC28363-29FE-4840-A5D8-5F6E869567A9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {408D7A11-754C-4F53-8208-CBB966B511A3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {446E5B66-3F0B-4192-B4FF-D24DC926BF78} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {46FADC15-E7E6-4ADF-950D-63691AB46C85} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {479E92CA-1093-442C-831C-A53897084F89} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4C858C4C-9414-4C3E-A8FB-B1B93BBEBAE7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {53A98DAB-0BB0-4E12-8EB6-ED13E05E381C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {546238FC-9401-47CC-9AF9-6ADC370F4207} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5AB0ED5B-D73E-4A12-81D9-4E0A9F5C0C09} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {627B326E-0758-4B3A-A07D-C353C82B3160} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {63B33B40-8689-43BE-8137-EC807062AC66} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {7CA818B6-3872-4E0B-839D-6402AF9EF2A0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {7E27D1E5-F413-4F14-B601-A465D09A75A5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {81A48D2A-24E0-4C7C-B45C-C457325E5B96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {843B1B99-131F-4614-B05B-E0C3B623D7F7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {8D4A33E6-D4AA-4CF6-8DE9-A48038BE89A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {95CF707F-3B69-43E5-BACC-D838A39BF3C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {9FCF891A-C4BA-4110-8BE4-B0C07CFD68CA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {A625C4C1-F79E-4C66-A231-C54CF282821B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {AA278C26-723F-4A64-ABED-B40BF94A6458} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {AB3294B3-67D7-4BFB-9E0B-326266A60D6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ADDC4260-60ED-474B-BF97-A4F5E47B799D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B81B5CE6-3C43-46BA-84DF-33CB75159798} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {BB2B56B6-9A87-4841-B71C-6B9CB9226666} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {BD0BBB2C-ED80-4137-8B5D-F15A80853982} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {C611E0F0-186D-4037-BCDB-D614EDFBB53E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {CB1DFBD6-3255-4558-8354-87DFB39FEC80} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D43916AC-EF5D-4685-8A10-C1BD2E3D5532} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {D59B0D9E-4231-41B3-B4E8-3612230E8A41} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {D8C8A0A8-C5D2-4919-8D96-391B15FAF499} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {DF04879B-3BD1-4753-A039-EF116E170F40} - \ConfigFree Startup Programs -> Pas de fichier <==== ATTENTION
Task: {EB3A38D9-EF9D-4F50-890E-178B2C9E38DB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {EFFF85A9-F73A-4FE9-B519-EBFFDA20D72D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {F3348D14-7277-40F6-9933-A67A93AB2B9B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFB34941-A144-4803-9E2D-B21A9CC0E5F0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a7e4d486-8134-43fe-b76f-b9fe5859d765}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\Chantal\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-26]
FireFox:
========
FF ProfilePath: C:\Users\Chantal\AppData\Roaming\Mozilla\Firefox\Profiles\kodxiq5w.default-1658328896796 [2022-08-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => non trouvé(e)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Pas de fichier]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [Fichier non signé]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1180838116-2508372-459551200-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Chantal\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-11] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default [2022-08-26]
CHR Notifications: Default -> hxxps://pixelgamersonline.com
CHR NewTab: Default -> Not-active:"chrome-extension://kohoehgoafblafjinhplmhcbphgaaobc/product.html", Not-active:"chrome-extension://djlhjlhdleajenoohfmbejoekdejjaib/product.html"
CHR DefaultSearchURL: Default -> hxxp://r.orange.fr/r?ref=O_OI_hook_openSearchCH&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata={searchTerms}
CHR DefaultSearchKeyword: Default -> orange.fr
CHR DefaultSuggestURL: Default -> hxxp://search.ke.voila.fr/fr/cmplopensearch/xml/fullxml?rdata={searchTerms}&id=-1&dtd=2.0
CHR Extension: (Docs) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (FromDocToPDF) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlhjlhdleajenoohfmbejoekdejjaib [2020-06-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-08-26]
CHR Extension: (Birst-gal) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\flbgdblojichdhokifkhfldmmdefekeb [2017-07-25]
CHR Extension: (InternetSpeedRadar) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2020-06-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Chantal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\DSDFunctionKeyCtlService.exe [615760 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [Fichier non signé]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\dynabookSystemService.exe [44976440 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\TOSTABSYSSVC.exe [254272 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\RMService.exe [446232 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-20] (Microsoft Corporation) [Fichier non signé]
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc. -> McAfee, Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\TosSrvCtlDrv.sys [25824 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-31] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
S3 MpKslc4b49abc; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{43239AED-BFD5-4568-AA60-6141EA325DE5}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)