Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Exécuté par Michèle Duran (administrateur) sur LAPTOP-2GVKR0UR (Acer Swift SF314-56) (13-05-2024 20:48:12)
Exécuté depuis C:\Users\Michèle Duran\Downloads\FRST64.exe
Profils chargés: Michèle Duran
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3447 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <38>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a683689904821314\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a683689904821314\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAWiFiPowerSwitch.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.17425.20176.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\Michèle Duran\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-06-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076000 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1856590176-1829221832-1514329112-1001\...\Run: [MicrosoftEdgeAutoLaunch_0523109F2166676850C36E401184126D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081192 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1856590176-1829221832-1514329112-1001\...\Run: [AvastBrowserAutoLaunch_955A965C4AB03376433E50ADB290E8B3] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3142616 2024-04-24] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-1856590176-1829221832-1514329112-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Michèle Duran\AppData\Local\Microsoft\Teams\Update.exe [2591552 2024-01-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1856590176-1829221832-1514329112-1001\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.201\Installer\chrmstp.exe [2024-05-10] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\123.0.24828.123\Installer\chrmstp.exe [2024-04-29] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {AEF608EC-095D-4BD9-AC81-1B477BADC8A8} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920240 2018-08-13] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {8D17039A-D5AE-4CC4-9A53-33DEA53E33E2} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2018-08-13] (Acer Incorporated -> )
Task: {52D15F36-F4E0-4CDB-894A-3F5F00B81E16} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4761392 2018-08-13] (Acer Incorporated -> )
Task: {948FD4B5-6D6E-4755-89F5-309C915E1E52} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {8230154B-BE95-44D5-B6DA-19591F99B23F} - System32\Tasks\App Explorer => C:\Users\Michèle Duran\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-29] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {C9F6A4B1-7499-4CA8-B0F2-71B89EAC8D9E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3142616 2024-04-24] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7F1013AE-C67A-4A76-8EB7-FCE3BEFC6DBF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3142616 2024-04-24] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {141C656A-E3F9-4476-91D1-AC9262276189} - System32\Tasks\AvastBrowserProtectS-1-5-21-1856590176-1829221832-1514329112-1001 => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1690008 2024-04-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {3D3A4C13-DE97-4C4E-A8EA-BC216FA71D36} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-19] (Avast Software s.r.o. -> AVAST Software)
Task: {CBFC7D8F-35FB-41D7-821C-6BBEB2ABCEF3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-19] (Avast Software s.r.o. -> AVAST Software)
Task: {69B19CAD-95C4-44A2-91AA-80285310F791} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\System32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {688F3CE7-7785-43C3-A452-0A010EFC7202} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {688F3CE7-7785-43C3-A452-0A010EFC7202} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {688F3CE7-7785-43C3-A452-0A010EFC7202} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {1B7740D2-5181-44D5-AD97-4EEDF69CA1F4} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259040 2024-05-02] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {1559D921-D4E8-4F6F-AABB-1469800078B2} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1775072 2024-05-02] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {EE71B5F9-2A8D-4F1E-ADBB-41E0103D5BE4} - System32\Tasks\Avira_Security_Update => C:\Windows\System32\net.exe [81920 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5142FFA2-B8FF-44E2-AE5E-5BBC4641F6F5} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [36867824 2024-05-11] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {22BE8CF2-9B1A-43AE-91D1-7D32DD0864C0} - System32\Tasks\G2MUpdateTask-S-1-5-21-1856590176-1829221832-1514329112-1001 => C:\Users\Michèle Duran\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-04-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3C4C3AC7-3128-43D4-A50C-95DBE9889FE5} - System32\Tasks\G2MUploadTask-S-1-5-21-1856590176-1829221832-1514329112-1001 => C:\Users\Michèle Duran\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-04-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A098069D-7A79-417F-AAB4-5D88F06B2905} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{898160B6-4085-4ABA-84B4-158E46963B70} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier)
Task: {2FBEA9FE-ECA5-44D8-A42D-9F7BF8AABF32} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Pas de fichier)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ReadyToReboot (Pas de fichier)
Task: {B250736F-C234-465C-BA70-1FE1EDCC204F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (Pas de fichier)
Task: {E02490AF-670D-48FA-8C48-1F7BF4D78132} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Pas de fichier)
Task: {DAFBD147-7FE6-44EC-BD53-89354032A7FE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {AE2DEB99-4725-4D47-B9AB-7D6B87B5817C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677792 2024-05-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {A65BBF0E-37CB-4D0D-B380-5B2886DE9A47} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {AF9034D3-D1F3-4511-AA4C-0E3D229D4420} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {924530AD-B4F4-41F1-AC6C-93815E72B0C1} - System32\Tasks\Quick Access Wi-Fi Power Switch => C:\Program Files\Acer\Quick Access Service\QAWiFiPowerSwitch.exe [211616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {726669D3-261B-4163-88F1-CFFC7D33E0EA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {BB2FDFB0-CE48-4683-80AB-7339450F0783} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268080 2018-06-28] (Acer Incorporated -> Acer Incorporated)
Task: {E01ED4EF-063B-4379-AE92-D7804D7020AE} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211120 2018-06-28] (Acer Incorporated -> Acer Incorporated)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1856590176-1829221832-1514329112-1001.job => C:\Users\Michèle Duran\AppData\Local\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1856590176-1829221832-1514329112-1001.job => C:\Users\Michèle Duran\AppData\Local\GoToMeeting\19992\g2mupload.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 194.230.55.105 212.98.37.137
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}: [DhcpNameServer] 194.230.55.105 212.98.37.137
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}: [DhcpDomain] v.cablecom.net
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}\568736D24383439303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}\568736D24383439303: [DhcpDomain] home
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}\960586F6E65602465602D496368656C656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{6557a295-a043-4511-a899-1adcfbbaa4c7}: [DhcpNameServer] 172.19.128.24

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-13]
Edge Notifications: Default -> hxxps://mail.proton.me
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (Avira Password Manager) - C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-04]
Edge Extension: (Google Docs hors connexion) - C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29]
Edge Extension: (Edge relevant text changes) - C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-31]
Edge Extension: (Urban VPN Proxy) - C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nimlmejbmnecnaghgmbahmbaddhjbecg [2024-04-22]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: 3u0be3e5.default
FF ProfilePath: C:\Users\Michèle Duran\AppData\Roaming\Mozilla\Firefox\Profiles\3u0be3e5.default [2024-05-11]
FF Homepage: Mozilla\Firefox\Profiles\3u0be3e5.default -> hxxps://www.google.ch/?hl=fr
FF Notifications: Mozilla\Firefox\Profiles\3u0be3e5.default -> hxxps://www.facebook.com; hxxps://www.instagram.com
FF Extension: (Amazon Assistant) - C:\Users\Michèle Duran\AppData\Roaming\Mozilla\Firefox\Profiles\3u0be3e5.default\Extensions\abb-acer@amazon.com.xpi [2021-10-24] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Language: Français (French)) - C:\Users\Michèle Duran\AppData\Roaming\Mozilla\Firefox\Profiles\3u0be3e5.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2023-10-19]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-19] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-19] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default [2024-04-08]
CHR StartupUrls: Default -> "hxxps://www.bing.com/?PC=B441"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=P244DF&PC=P244&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-12-16]
CHR Extension: (Avira Safe Shopping) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-12-16]
CHR Extension: (Protection Web Avira) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-12-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-10]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [301872 2018-08-13] (Acer Incorporated -> Acer Incorporated)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\123.0.24828.123\elevation_service.exe [1746984 2024-04-24] (Avast Software s.r.o. -> Gen Digital Inc.)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6738360 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3003584 2024-01-22] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [398816 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265544 2024-05-02] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [295752 2024-05-02] (Avira Operations GmbH -> Avira Operations GmbH)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11427672 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11427672 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
S2 GoogleUpdaterInternalService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-08] (HP Inc. -> HP Inc.)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [304944 2018-06-28] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1685312 2023-02-09] (WildTangent, Inc. -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-23] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-08-25] (Avira Operations GmbH -> Avira Operations GmbH)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-02-23] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-02-23] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé]
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [114992 2023-08-18] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [411064 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [411064 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28768 2024-04-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-05-13 20:48 - 2024-05-13 20:49 - 000027490 _____ C:\Users\Michèle Duran\Downloads\FRST.txt
2024-05-13 20:47 - 2024-05-13 20:48 - 000000000 ____D C:\FRST
2024-05-13 20:45 - 2024-05-13 20:45 - 002394112 _____ (Farbar) C:\Users\Michèle Duran\Downloads\FRST64.exe
2024-05-11 19:09 - 2024-05-11 19:09 - 002092544 _____ (Farbar) C:\Users\Michèle Duran\Downloads\FRST.exe
2024-05-11 17:01 - 2024-05-11 17:01 - 000448512 _____ (OldTimer Tools) C:\Users\Michèle Duran\Downloads\TFC.exe
2024-05-11 16:37 - 2024-05-11 16:37 - 002589624 _____ (Malwarebytes) C:\Users\Michèle Duran\Downloads\MBSetup.exe
2024-05-11 16:36 - 2024-05-11 16:36 - 000810954 _____ C:\WINDOWS\system32\perfh00C.dat
2024-05-11 16:36 - 2024-05-11 16:36 - 000749084 _____ C:\WINDOWS\system32\perfh007.dat
2024-05-11 16:36 - 2024-05-11 16:36 - 000157390 _____ C:\WINDOWS\system32\perfc00C.dat
2024-05-11 16:36 - 2024-05-11 16:36 - 000157266 _____ C:\WINDOWS\system32\perfc007.dat
2024-05-11 16:18 - 2024-05-11 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2024-05-11 16:16 - 2024-05-11 16:16 - 000003792 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2024-05-08 19:59 - 2024-05-08 19:59 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2024-05-08 19:59 - 2024-05-08 19:59 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2024-05-08 19:59 - 2024-05-08 19:59 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2024-05-05 09:30 - 2024-05-05 09:30 - 000053393 _____ C:\Users\Michèle Duran\Downloads\releve_48895 (43).pdf
2024-05-03 17:06 - 2024-05-03 17:06 - 000021459 _____ C:\Users\Michèle Duran\Downloads\2024-04-25_00-00-00-100006836507-83040179667137-Avis individuel (1).pdf
2024-05-03 17:00 - 2024-05-03 17:00 - 000022189 _____ C:\Users\Michèle Duran\Downloads\2024-05-02_00-00-00-100006836507-83100093280029-Avis detaille.pdf
2024-05-03 16:45 - 2024-05-03 16:45 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\INetHistory
2024-05-01 10:34 - 2024-05-01 10:34 - 000053393 _____ C:\Users\Michèle Duran\Downloads\releve_48895 (42).pdf
2024-05-01 09:48 - 2024-05-01 09:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-04-29 14:57 - 2024-04-29 14:57 - 000117079 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 29.04.2024.pdf
2024-04-25 14:21 - 2024-04-25 14:21 - 000021454 _____ C:\Users\Michèle Duran\Downloads\2024-04-25_00-00-00-100006836507-83040179667137-Avis individuel.pdf
2024-04-23 19:08 - 2024-04-23 19:08 - 000116926 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 23.04.2024.pdf
2024-04-19 18:53 - 2024-04-19 18:53 - 000051271 _____ C:\Users\Michèle Duran\Downloads\releve_48895 (41).pdf
2024-04-18 11:16 - 2024-04-18 11:16 - 000116679 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 27.03.2024 (3).pdf
2024-04-18 11:09 - 2024-04-18 11:09 - 000116679 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 27.03.2024 (2).pdf
2024-04-18 10:49 - 2024-04-18 10:49 - 000116679 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 27.03.2024 (1).pdf
2024-04-14 09:45 - 2024-04-14 09:45 - 000021577 _____ C:\Users\Michèle Duran\Downloads\2024-04-12_00-00-00-100006836507-82927126793863-Avis individuel.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-05-13 20:47 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-05-13 20:47 - 2019-10-30 05:38 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\Host App Service
2024-05-13 20:45 - 2020-08-02 10:12 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-13 20:44 - 2019-10-30 05:39 - 000000000 __SHD C:\Users\Michèle Duran\IntelGraphicsProfiles
2024-05-11 23:17 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-11 19:22 - 2023-02-23 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-11 16:57 - 2023-08-04 14:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-05-11 16:57 - 2023-05-02 19:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-11 16:57 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-05-11 16:57 - 2019-02-20 16:28 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-05-11 16:57 - 2019-02-20 16:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-05-11 16:47 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-11 16:47 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-11 16:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-11 16:36 - 2023-02-23 07:48 - 002709388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-11 16:35 - 2021-09-05 13:10 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\D3DSCache
2024-05-11 16:31 - 2023-08-31 14:56 - 004142016 _____ C:\WINDOWS\system32\rtp.db
2024-05-11 16:31 - 2023-02-23 00:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-11 16:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-05-11 16:31 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-05-11 16:31 - 2020-10-03 22:25 - 000012288 ___SH C:\DumpStack.log.tmp
2024-05-11 16:31 - 2019-02-20 16:29 - 000000000 ____D C:\ProgramData\Norton
2024-05-11 16:26 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-05-11 16:26 - 2019-10-30 05:39 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\Packages
2024-05-11 16:26 - 2019-10-29 13:49 - 000000000 ____D C:\ProgramData\Packages
2024-05-11 16:21 - 2023-10-19 09:55 - 000000714 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1856590176-1829221832-1514329112-1001.job
2024-05-11 16:21 - 2023-10-19 09:55 - 000000618 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1856590176-1829221832-1514329112-1001.job
2024-05-11 16:21 - 2022-06-23 11:44 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\Avast Software
2024-05-11 16:21 - 2022-06-23 11:42 - 000000000 ____D C:\ProgramData\Avast Software
2024-05-11 16:18 - 2022-01-16 13:27 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\Norton
2024-05-11 16:16 - 2023-08-31 14:55 - 000000000 ____D C:\Users\Public\Speedup Sessions
2024-05-10 16:09 - 2023-08-31 14:57 - 000000000 ____D C:\Users\Public\Security Sessions
2024-05-08 20:10 - 2023-02-23 00:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-05-08 20:10 - 2022-11-26 15:30 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-05-08 19:59 - 2023-08-31 14:55 - 000003474 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2024-05-08 19:59 - 2023-08-31 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2024-05-08 17:10 - 2023-10-19 09:55 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\GoToMeeting
2024-05-08 07:32 - 2023-02-23 00:35 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-08 07:32 - 2023-02-23 00:35 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-01 09:50 - 2023-05-10 12:47 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-29 14:17 - 2023-02-19 21:20 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-04-27 09:10 - 2023-02-23 00:35 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1856590176-1829221832-1514329112-1001
2024-04-27 09:10 - 2023-02-23 00:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1856590176-1829221832-1514329112-1001
2024-04-27 09:10 - 2020-10-03 21:17 - 000002449 _____ C:\Users\Michèle Duran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-26 12:51 - 2023-08-31 14:55 - 000003704 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2024-04-26 12:43 - 2024-03-12 19:19 - 000411064 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys
2024-04-26 12:43 - 2024-03-12 19:19 - 000411064 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys
2024-04-26 12:43 - 2023-08-31 14:56 - 000028768 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_elam.sys
2024-04-14 09:46 - 2023-10-19 09:55 - 000003900 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-1856590176-1829221832-1514329112-1001
2024-04-14 09:46 - 2023-10-19 09:55 - 000003804 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-1856590176-1829221832-1514329112-1001
2024-04-13 09:48 - 2019-10-29 14:27 - 000000000 ____D C:\Program Files\Common Files\AV

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================