Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-05-2023 Exécuté par UNiK (administrateur) sur UNIK-BDMT03UR7K (TOSHIBA PORTEGE R30-A) (21-05-2023 07:57:57) Exécuté depuis C:\Users\UNiK\Desktop\FRST64.exe Profils chargés: UNiK Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2965 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe (C:\Program Files\Apoint2K\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (C:\Program Files\Apoint2K\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (C:\Program Files\Apoint2K\HidMonitorSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Wondershare\New TunesGo\ElevationService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe <2> (services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe (services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2318.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.31.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-10-02] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [dBCC] => C:\Program Files\Dynabook\Battery Charging Control\dextsrv.exe [4675392 2020-08-01] (Dynabook Inc. -> Dynabook Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Fichier non signé] HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Fichier non signé] HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-3327866645-3855245838-3251330687-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40454048 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-3327866645-3855245838-3251330687-1001\...\Run: [] => [X] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.127\Installer\chrmstp.exe [2023-05-19] (Google LLC -> Google LLC) GroupPolicy-Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {1547F191-0644-4944-B4CB-DAA60C886F42} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-05-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {170F11C9-77A8-4C07-805F-490A5AC92697} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {2106EA84-C14D-4F83-8F87-07810F51C3C2} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {2106EA84-C14D-4F83-8F87-07810F51C3C2} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {2106EA84-C14D-4F83-8F87-07810F51C3C2} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {34D56DDB-7EED-4744-8A98-738F0CCE9EEE} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "369ae20b-9f56-457f-b94e-7595f9ebdaa4" --version "6.12.10490" --silent Task: {427466E4-3410-42E8-B942-57575BF896EC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {55D78BE0-A50A-4B34-BF1D-B2322E19FE5C} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259912 2023-04-24] (Avira Operations GmbH -> Avira Operations GmbH) Task: {6947AC1B-FC49-4467-AD83-60749286819D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2020-08-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {6F00D2AC-CA25-4FEB-87AE-A62C5B141CA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2020-08-07] (Google Inc -> Google Inc.) Task: {733AB5D3-D580-40A8-89A2-6E1B81C419B0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-13] (Mozilla Corporation -> Mozilla Foundation) Task: {78C2CEFE-0198-462F-915A-7E2C1052989D} - System32\Tasks\Opera scheduled Autoupdate 1600203216 => C:\Users\UNiK\AppData\Local\Programs\Opera\launcher.exe--scheduledautoupdate $(Arg0) Task: {79D4372B-4B32-44CA-8FD6-B4086C64C990} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1814072 2023-04-24] (Avira Operations GmbH -> Avira Operations GmbH) Task: {8643E364-A875-4E92-A1BE-9778217161A6} - System32\Tasks\CCleanerSkipUAC - UNiK => C:\Program Files\CCleaner\CCleaner.exe [34264480 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {A458F536-8F31-4605-A0DC-45BD6042080A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2020-08-07] (Google Inc -> Google Inc.) Task: {A8CF2221-4EDE-4208-85F1-4C588C5DE469} - \Opera scheduled assistant Autoupdate 1600203219 -> Pas de fichier <==== ATTENTION Task: {C9F5FF85-B53A-43FF-AFA1-41455E183BE4} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [35381016 2023-04-02] (Avira Operations GmbH -> Avira Operations GmbH) Task: {F285F228-ED78-4B55-ADF8-29F7B131F8D9} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {F433751C-3D0D-4DF5-84B9-131E31EF5127} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{6ac09e46-f706-4e80-837e-8a77bdc781f6}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{7c197301-d975-4ac9-94d6-7e6af5f95c74}: [DhcpNameServer] 192.168.0.254 8.8.8.8 1.1.1.1 8.8.4.4 Tcpip\..\Interfaces\{a8e93064-fc21-44fc-b84b-8884bef79ab8}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{fe1bda2c-de75-419a-ad3d-242e32410ccc}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge Profile: C:\Users\UNiK\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-26] FireFox: ======== FF DefaultProfile: dtpe6hma.default FF ProfilePath: C:\Users\UNiK\AppData\Roaming\Mozilla\Firefox\Profiles\dtpe6hma.default [2020-09-15] FF ProfilePath: C:\Users\UNiK\AppData\Roaming\Mozilla\Firefox\Profiles\8y3s5rwj.default-release [2023-05-21] FF Extension: (Cheers – Soft) - C:\Users\UNiK\AppData\Roaming\Mozilla\Firefox\Profiles\8y3s5rwj.default-release\Extensions\cheers-soft-colorway@mozilla.org.xpi [2023-03-18] FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\UNiK\AppData\Roaming\Mozilla\Firefox\Profiles\8y3s5rwj.default-release\Extensions\firefox@ghostery.com.xpi [2023-04-11] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2020-08-07] (Adobe Systems Incorporated -> ) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2020-08-07] (Adobe Systems Incorporated -> ) Chrome: ======= CHR Profile: C:\Users\UNiK\AppData\Local\Google\Chrome\User Data\Default [2022-07-30] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\UNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-09] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] Opera: ======= OPR Profile: C:\Users\UNiK\AppData\Roaming\Opera Software\Opera Stable [2022-07-30] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Avira Safe Shopping) - C:\Users\UNiK\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2020-09-15] OPR Extension: (Avira Password Manager) - C:\Users\UNiK\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2020-09-15] OPR Extension: (Avira Phantom VPN gratuit – débloquez des sites) - C:\Users\UNiK\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-09-20] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2020-08-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [115752 2017-05-23] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.) S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6573192 2023-05-11] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265936 2023-04-24] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [296912 2023-04-24] (Avira Operations GmbH -> Avira Operations GmbH) R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe [689888 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) R2 ElevationService; C:\Program Files (x86)\Wondershare\New TunesGo\ElevationService.exe [913408 2021-08-30] () [Fichier non signé] R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [9028984 2023-05-16] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [9028984 2023-05-16] (Avira Operations GmbH -> Avira Operations GmbH) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336256 2023-05-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe [44786376 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TOSTABSYSSVC.exe [298192 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe [447296 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [85608 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [190712 2023-03-25] (Avira Operations GmbH -> Avira Operations GmbH) R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [263000 2023-01-31] (Avira Operations GmbH -> Avira Operations GmbH) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 guardian2; C:\WINDOWS\System32\Drivers\oz776x64.sys [100560 2019-08-05] (BayHub Technology Inc. -> O2Micro) R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28672 2023-04-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH) R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [208704 2023-04-29] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [194928 2023-04-29] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [41840 2023-04-29] (Avira Operations GmbH -> Avira Operations GmbH) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.) R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.) R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.) R0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2020-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428256 2020-09-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-09] (Microsoft Windows -> Microsoft Corporation) U3 WsDrvInst; C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe [124192 2021-09-09] (Wondershare Technology Co.,Ltd -> Wondershare) S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-05-21 07:57 - 2023-05-21 07:58 - 000023057 _____ C:\Users\UNiK\Desktop\FRST.txt 2023-05-21 07:57 - 2023-05-21 07:58 - 000000000 ____D C:\FRST 2023-05-21 07:51 - 2023-05-21 07:51 - 002382336 _____ (Farbar) C:\Users\UNiK\Desktop\FRST64.exe 2023-05-18 00:18 - 2023-05-18 00:18 - 000000000 _____ C:\Users\UNiK\AppData\Local\{9A5A4452-00D0-4DC0-BB64-7ACBC016237D} 2023-05-16 22:36 - 2023-05-16 22:36 - 000122733 _____ C:\Users\UNiK\Downloads\Les plats à emporter_La cuisin e de mon père.pdf 2023-05-13 20:45 - 2023-05-18 00:19 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-05-10 09:54 - 2023-05-10 09:54 - 000000000 ___HD C:\$WinREAgent 2023-05-10 07:51 - 2023-05-10 07:51 - 001571787 _____ C:\Users\UNiK\Downloads\releves.pdf 2023-05-10 07:51 - 2023-05-10 07:51 - 001310905 _____ C:\Users\UNiK\Downloads\Relevés.pdf 2023-05-10 07:51 - 2023-05-10 07:51 - 000328263 _____ C:\Users\UNiK\Downloads\Relevés 2.pdf 2023-04-30 00:11 - 2023-04-30 00:11 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance 2023-04-30 00:11 - 2023-04-30 00:11 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2023-04-30 00:11 - 2023-04-30 00:11 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray 2023-04-24 22:23 - 2023-04-29 00:08 - 000345408 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filter.sys ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-05-21 07:52 - 2020-09-20 07:45 - 000000000 ____D C:\Program Files\CCleaner 2023-05-21 07:40 - 2022-02-11 16:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-05-21 07:39 - 2020-08-07 14:23 - 000000000 ____D C:\Program Files (x86)\Google 2023-05-21 07:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-05-21 07:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-05-21 07:24 - 2022-09-20 21:00 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-05-21 07:24 - 2022-09-20 21:00 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-05-21 07:24 - 2021-09-18 09:22 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-05-21 07:21 - 2020-09-15 18:14 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-05-21 07:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-05-19 22:43 - 2021-09-18 09:18 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-05-19 22:43 - 2019-12-07 16:50 - 000792972 _____ C:\WINDOWS\system32\perfh00C.dat 2023-05-19 22:43 - 2019-12-07 16:50 - 000150102 _____ C:\WINDOWS\system32\perfc00C.dat 2023-05-19 22:43 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-05-19 22:39 - 2023-02-22 08:16 - 002911976 _____ C:\WINDOWS\system32\rtp.db 2023-05-19 22:39 - 2021-09-18 09:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-05-19 22:39 - 2020-08-07 14:24 - 000000000 ____D C:\ProgramData\Synaptics 2023-05-19 22:39 - 2020-08-07 14:23 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2023-05-19 22:39 - 2020-08-07 14:23 - 000000000 __SHD C:\Users\UNiK\IntelGraphicsProfiles 2023-05-19 22:39 - 2020-08-07 12:23 - 000008192 ___SH C:\DumpStack.log.tmp 2023-05-19 22:39 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-05-19 22:38 - 2021-09-18 09:16 - 000000000 ____D C:\Users\UNiK 2023-05-19 22:34 - 2021-09-18 09:22 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-05-19 22:34 - 2021-09-18 09:22 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-05-18 00:23 - 2021-12-11 23:04 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3327866645-3855245838-3251330687-1001 2023-05-18 00:23 - 2021-09-18 09:22 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3327866645-3855245838-3251330687-1001 2023-05-18 00:23 - 2021-09-18 09:16 - 000002425 _____ C:\Users\UNiK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-05-18 00:19 - 2021-09-18 09:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-05-18 00:19 - 2020-08-07 14:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-05-14 20:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-05-14 19:04 - 2020-08-07 14:24 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-05-14 19:02 - 2021-09-18 09:15 - 000636104 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-05-14 19:01 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-05-14 19:01 - 2019-12-07 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2023-05-14 19:01 - 2019-12-07 16:50 - 000000000 ____D C:\WINDOWS\system32\fr 2023-05-14 19:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-05-14 19:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-05-14 19:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-05-14 19:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-05-14 19:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-05-14 19:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-05-14 18:44 - 2021-01-25 23:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-05-13 08:13 - 2021-09-18 09:22 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-05-13 08:13 - 2021-09-18 09:22 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-05-11 21:45 - 2022-12-14 21:12 - 000003704 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater 2023-05-10 10:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-05-10 10:01 - 2020-08-07 22:22 - 000416102 __RSH C:\bootmgr 2023-05-10 10:00 - 2021-09-18 09:16 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-05-10 09:42 - 2020-08-07 15:26 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-05-10 09:40 - 2020-08-07 15:26 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-05-10 07:48 - 2021-09-18 14:26 - 000001154 _____ C:\Users\UNiK\Desktop\Anniv.txt 2023-05-10 07:46 - 2022-10-17 08:23 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-05-10 07:46 - 2021-09-18 09:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-05-10 07:21 - 2021-05-02 15:14 - 000000000 ____D C:\Users\UNiK\Documents\Enfants 2023-05-02 23:21 - 2022-04-25 07:52 - 000000000 ____D C:\Users\UNiK\Desktop\2022_Dictaphone 2023-05-01 16:59 - 2020-11-07 22:17 - 000000000 ____D C:\Users\UNiK\AppData\Roaming\vlc 2023-04-30 18:35 - 2020-11-07 21:35 - 000000000 ____D C:\Users\UNiK\AppData\Roaming\dvdcss 2023-04-30 00:11 - 2021-09-18 09:22 - 000003478 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2023-04-30 00:11 - 2021-04-17 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2023-04-29 00:08 - 2022-07-01 08:23 - 000208704 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys 2023-04-29 00:08 - 2022-07-01 08:23 - 000194928 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys 2023-04-29 00:08 - 2022-07-01 08:23 - 000041840 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_traverse.sys 2023-04-29 00:08 - 2022-07-01 08:23 - 000028672 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_elam.sys 2023-04-26 22:45 - 2020-11-03 07:58 - 000000000 ____D C:\Users\UNiK\AppData\Roaming\Microsoft\Excel ==================== Fichiers à la racine de certains dossiers ======== 2022-06-10 00:30 - 2022-06-10 00:30 - 000001838 _____ () C:\Users\UNiK\AppData\Local\recently-used.xbel 2023-05-18 00:18 - 2023-05-18 00:18 - 000000000 _____ () C:\Users\UNiK\AppData\Local\{9A5A4452-00D0-4DC0-BB64-7ACBC016237D} ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================