cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2022
Exécuté par Françoise (administrateur) sur FRANÇOISE-PC (31-07-2022 11:32:56)
Exécuté depuis C:\Users\Françoise\Downloads
Profils chargés: Françoise
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(explorer.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft) [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) (Microsoft) [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(taskeng.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [Fichier non signé]
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {1b12fc04-b1d4-11e5-b0df-806e6f6e6963} - D:\ASRSetup.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {3fa45339-0b91-11e6-a03c-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {3fa45382-0b91-11e6-a03c-d0509957b262} - E:\AutoRun.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {859115c5-fc26-11ea-af9b-d0509957b262} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {8c255b66-0acb-11e6-b7ef-d0509957b262} - E:\AutoRun.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {8eec5bd9-0949-11e6-8525-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {8eec5c09-0949-11e6-8525-d0509957b262} - E:\AutoRun.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {94f3dc64-f247-11e9-8f10-d0509957b262} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {975ffa65-0a14-11e6-8a5c-d0509957b262} - E:\AutoRun.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {b14eedac-71d0-11eb-9cd1-d0509957b262} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {e22e9eb2-bd66-11e5-8936-d0509957b262} - E:\LaunchU3.exe -a
HKU\S-1-5-21-4006483327-3957098522-990465952-1000\...\MountPoints2: {fdad11d0-01e9-11e9-9ce7-d0509957b262} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2018-01-10] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-14] (Hewlett-Packard Corporation) [Fichier non signé]
HKLM\...\Print\Monitors\EPSON XP-640 Series 64MonitorBE: C:\Windows\system32\E_YLMBRHE.DLL [182784 2015-12-08] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\Windows\system32\hpf3l02t.dll [138752 2010-05-14] (Hewlett-Packard Company) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> "C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy-Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {243FC454-09AD-470A-B716-284DBA75DFE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.)
Task: {2C90947D-24D4-4597-B3A9-48AD55C6D7E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {6DF114B5-5455-44D2-A8A4-DE07FDFBEE15} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [256800 2022-07-14] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {8FC5C30B-5CFF-4D86-A925-7B38002F259E} - System32\Tasks\{5C72F07A-176E-40C3-AE1E-FE7922E728FA} => C:\Windows\system32\pcalua.exe -a D:\Drivers\LAN\REALTEK\(5814)\setup.exe -d D:\Drivers\LAN\REALTEK\(5814)
Task: {913E8D01-7808-405F-A4FF-E62B5F13F285} - System32\Tasks\CCleanerSkipUAC - Françoise => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9706EFF5-E3D1-4487-8F9F-264C1D5FE971} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe (Pas de fichier)
Task: {A53AB438-3341-4FD4-BE02-71845497F5C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.)
Task: {AA1AEFC9-F594-444F-9935-647BFD6EEEDE} - System32\Tasks\AdobeAAMUpdater-1.0-Françoise-PC-Françoise => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {AF9A02F5-0E7B-427B-9D67-893FD5C8D09C} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {BA12DE5E-7A13-4C12-84F1-8263966F5DA3} - System32\Tasks\{024875D6-930C-4D3A-8D9B-E49924F62544} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {BA62C90F-0E7F-4D4A-B414-FC85555B5E5E} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1645704 2022-07-14] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {CCBAF3C3-01E8-455A-AA86-5855164B9E42} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {CCBAF3C3-01E8-455A-AA86-5855164B9E42} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {CCBAF3C3-01E8-455A-AA86-5855164B9E42} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {D079C632-CF6B-465F-AE12-7CA7B21FFF44} - System32\Tasks\{EF3723A2-32A5-47A8-8B85-A3FECF93B10A} => C:\Windows\system32\pcalua.exe -a D:\Drivers\LAN\Atheros\(v2.1.0.21)\setup.exe -d D:\Drivers\LAN\Atheros\(v2.1.0.21)
Task: {DE5BE796-8F87-4D08-A742-7CD032B2725D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F2EC4179-83A1-4581-97B2-198619055B3D} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [32837648 2022-07-27] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {F6145834-090E-4006-BD87-F70EE76F1B0E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {F6EE8CC6-F1EC-415B-AC03-F45147586651} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {FC214EEE-1342-411C-801F-816D875E9CF9} - System32\Tasks\{BE73739F-4827-4F72-B8F1-FF4DDC016307} => C:\Windows\system32\pcalua.exe -a C:\Users\Françoise\Desktop\setupx.exe -d C:\Users\Françoise\Desktop

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{2275248B-E298-42A1-8502-9FF741E62EA6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{810437E3-8163-4D15-BBD1-A81DE1ADBEA7}: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF DefaultProfile: 98u2rt1r.default-1489409510178-1501359798060
FF ProfilePath: C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\03tbsuqv.default-release-1598195789031 [2022-07-31]
FF Extension: (AdBlocker Ultimate) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\03tbsuqv.default-release-1598195789031\Extensions\adblockultimate@adblockultimate.net.xpi [2022-05-25]
FF Extension: (To Google Translate) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\03tbsuqv.default-release-1598195789031\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-24]
FF Extension: (KProxy Extension) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\03tbsuqv.default-release-1598195789031\Extensions\jid1-XgC5trUcILmXBw@jetpack.xpi [2021-11-17]
FF Extension: (uBlock Origin) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\03tbsuqv.default-release-1598195789031\Extensions\uBlock0@raymondhill.net.xpi [2022-06-14]
FF Extension: (Startpage.com - recherche privé) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\03tbsuqv.default-release-1598195789031\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-08-23]
FF Extension: (Bitwarden) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\03tbsuqv.default-release-1598195789031\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2022-07-08]
FF ProfilePath: C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\zxi65xqg.default-1553513110843 [2022-04-01]
FF ProfilePath: C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\98u2rt1r.default-1489409510178-1501359798060 [2022-06-19]
FF Session Restore: Mozilla\Firefox\Profiles\98u2rt1r.default-1489409510178-1501359798060 -> est activé.
FF Extension: (To Google Translate) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\98u2rt1r.default-1489409510178-1501359798060\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-13]
FF Extension: (uBlock Origin) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\98u2rt1r.default-1489409510178-1501359798060\Extensions\uBlock0@raymondhill.net.xpi [2019-07-10]
FF Extension: (Startpage.com - recherche privé) - C:\Users\Françoise\AppData\Roaming\Mozilla\Firefox\Profiles\98u2rt1r.default-1489409510178-1501359798060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-06-02]
FF ProfilePath: c:\programdata\kaspersky lab\safebrowser\kis\s-1-5-21-4006483327-3957098522-990465952-1000\firefox [2022-06-19]
FF Extension: (To Google Translate) - c:\programdata\kaspersky lab\safebrowser\kis\s-1-5-21-4006483327-3957098522-990465952-1000\firefox\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-11-30]
FF Extension: (uBlock Origin) - c:\programdata\kaspersky lab\safebrowser\kis\s-1-5-21-4006483327-3957098522-990465952-1000\firefox\Extensions\uBlock0@raymondhill.net.xpi [2020-01-03]
FF Extension: (Startpage.com - recherche privé) - c:\programdata\kaspersky lab\safebrowser\kis\s-1-5-21-4006483327-3957098522-990465952-1000\firefox\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-11]
FF Extension: (Bitwarden - Gestionnaire de mots de passe gratuit) - c:\programdata\kaspersky lab\safebrowser\kis\s-1-5-21-4006483327-3957098522-990465952-1000\firefox\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2020-03-20]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2016-01-25] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2016-01-25] [] [non signé]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll [2010-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-05-19]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2018-12-07] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2018-12-07] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\Françoise\AppData\Local\Google\Chrome\User Data\Default [2022-07-26]
CHR NewTab: Default -> Not-active:"chrome-extension://becklgmbheknjjjaflpgodmbihommoke/stubby.html", Not-active:"chrome-extension://edlkcjfhiofedjdnbagmjhmkemmnnggg/stubby.html"
CHR Extension: (DiscoverLiveRadio) - C:\Users\Françoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\becklgmbheknjjjaflpgodmbihommoke [2020-08-23]
CHR Extension: (Avira Password Manager) - C:\Users\Françoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-06-27]
CHR Extension: (Avira Safe Shopping) - C:\Users\Françoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-07-26]
CHR Extension: (MyRadioAccess) - C:\Users\Françoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\edlkcjfhiofedjdnbagmjhmkemmnnggg [2020-08-23]
CHR Extension: (Protection Web Avira) - C:\Users\Françoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-07-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\Françoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Françoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-19]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-01] (Advanced Micro Devices, Inc.) [Fichier non signé]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264400 2022-07-14] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [282464 2022-07-14] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [298496 2017-03-22] (Brother Industries, Ltd.) [Fichier non signé]
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8487456 2022-07-26] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8487456 2022-07-26] (Avira Operations GmbH -> Avira Operations GmbH)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-06-01] (Nero AG -> Nero AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2020-08-04] (Microsoft) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2020-08-04] (Microsoft) [Fichier non signé]
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [215360 2022-06-21] (BullGuard LTD -> Avira Operations GmbH & Co. KG)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
R1 netprotection_network_filter; C:\Windows\System32\drivers\netprotection_network_filter.sys [96088 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R2 rtp_filesystem_filter; C:\Windows\System32\DRIVERS\rtp_filesystem_filter.sys [204136 2022-07-26] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\Windows\System32\DRIVERS\rtp_process_monitor.sys [193768 2022-07-26] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\Windows\System32\DRIVERS\rtp_traverse.sys [47560 2022-06-24] (Avira Operations GmbH -> Avira Operations GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
U1 aswbdisk; pas de ImagePath
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-07-31 11:32 - 2022-07-31 11:33 - 000026517 _____ C:\Users\Françoise\Downloads\FRST.txt
2022-07-31 11:32 - 2022-07-31 11:33 - 000000000 ____D C:\FRST
2022-07-31 11:32 - 2022-07-31 11:32 - 002369536 _____ (Farbar) C:\Users\Françoise\Downloads\FRST64.exe
2022-07-29 13:00 - 2022-07-31 10:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-27 18:30 - 2022-07-27 18:30 - 000003672 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupVerify
2022-07-24 23:05 - 2022-07-24 23:07 - 068566072 _____ C:\Users\Françoise\Downloads\wetransfer_vacances-de-famille-en-bretagne_2022-07-24_1204.zip
2022-07-23 09:53 - 2022-07-23 09:53 - 000003710 _____ C:\Windows\system32\Tasks\Avira_Security_Maintenance
2022-07-23 09:53 - 2022-07-23 09:53 - 000003232 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-07-01 10:29 - 2022-07-01 10:29 - 000000000 ____D C:\Users\Françoise\.ms-ad
2022-07-01 10:21 - 2022-07-05 23:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-07-31 11:06 - 2022-02-09 15:54 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-31 11:05 - 2016-11-16 17:34 - 000000000 ____D C:\Users\Françoise\AppData\LocalLow\Mozilla
2022-07-31 10:39 - 2017-07-13 13:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-31 10:30 - 2009-07-14 06:45 - 000032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-07-31 10:30 - 2009-07-14 06:45 - 000032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-07-31 10:19 - 2016-03-01 12:03 - 000000000 ____D C:\Program Files\CCleaner
2022-07-31 10:19 - 2016-02-27 12:12 - 000000000 ____D C:\Users\Françoise\AppData\Local\Adobe
2022-07-31 10:09 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2022-07-31 10:08 - 2016-01-18 15:36 - 000000000 ____D C:\ProgramData\Mozilla
2022-07-31 10:06 - 2016-04-23 14:04 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2022-07-31 10:06 - 2016-01-18 15:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-31 10:06 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-07-29 13:47 - 2022-06-30 09:49 - 002797632 _____ C:\Windows\system32\rtp.db
2022-07-29 13:04 - 2021-10-10 18:51 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-07-27 23:06 - 2018-11-07 16:13 - 000000000 ____D C:\Users\Françoise\AppData\Roaming\vlc
2022-07-27 22:45 - 2022-05-11 12:18 - 000715310 _____ C:\Windows\system32\perfh00C.dat
2022-07-27 22:45 - 2022-05-11 12:18 - 000136996 _____ C:\Windows\system32\perfc00C.dat
2022-07-27 22:45 - 2009-07-14 07:13 - 001581406 _____ C:\Windows\system32\PerfStringBackup.INI
2022-07-27 22:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2022-07-27 18:36 - 2020-07-01 16:48 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-27 18:36 - 2020-07-01 16:48 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-26 17:01 - 2022-06-30 09:47 - 000204136 _____ (Avira Operations GmbH) C:\Windows\system32\Drivers\rtp_filesystem_filter.sys
2022-07-26 17:01 - 2022-06-30 09:47 - 000193768 _____ (Avira Operations GmbH) C:\Windows\system32\Drivers\rtp_process_monitor.sys
2022-07-24 10:18 - 2016-01-03 16:35 - 000000000 ____D C:\Users\Françoise\AppData\Local\ElevatedDiagnostics
2022-07-23 18:21 - 2016-01-19 13:13 - 146546848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-07-23 18:21 - 2016-01-19 13:13 - 000000000 ____D C:\Windows\system32\MRT
2022-07-23 10:03 - 2018-05-07 17:41 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-07-23 09:53 - 2022-05-18 09:30 - 000003312 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2022-07-23 09:53 - 2022-05-18 09:30 - 000002648 _____ C:\Windows\system32\Tasks\Avira_Security_Systray
2022-07-23 09:53 - 2022-05-18 09:30 - 000000965 _____ C:\Users\Public\Desktop\Avira.lnk
2022-07-23 09:53 - 2022-05-18 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-07-01 10:29 - 2016-01-03 15:49 - 000000000 ____D C:\Users\Françoise
2022-07-01 10:17 - 2022-05-18 09:30 - 000000000 ____D C:\Program Files (x86)\Avira

==================== Fichiers à la racine de certains dossiers ========

2016-01-26 19:57 - 2016-01-26 19:57 - 000000697 _____ () C:\Users\Françoise\AppData\Roaming\ConvAPIPlugin.log
2018-07-18 16:49 - 2019-08-28 12:16 - 000001456 _____ () C:\Users\Françoise\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2016-05-21 10:46 - 2016-05-21 10:46 - 000002595 _____ () C:\Users\Françoise\AppData\Local\recently-used.xbel
2021-01-04 10:35 - 2021-01-04 10:35 - 000000017 _____ () C:\Users\Françoise\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2022-05-17 10:11
==================== Fin de FRST.txt ========================
