cjoint


Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Exécuté par Christ (administrateur) sur CHRISTIAN (Hewlett-Packard HP 15 Notebook PC) (10-06-2021 12:16:59)
Exécuté depuis C:\Users\Christ\Desktop
Profils chargés: Christ
Platform: Windows 8.1 (Update) (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(L'Aventure Multimedia) [Fichier non signé] C:\Program Files (x86)\Micro Application\38 Dictionnaires et Recueils de Correspondance\MediaDico38.exe
(L'Aventure Multimedia) [Fichier non signé] C:\Program Files (x86)\Micro Application\38 Dictionnaires et Recueils de Correspondance\RAC38.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.19918_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe
(Tuxler Privacy Technologies, Inc.) [Fichier non signé] C:\Program Files (x86)\Tuxler Free Residential VPN\TuxlerFreeResidentialVPN.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7638232 2014-07-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288672 2021-05-21] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\Run: [MediaDICO38] => C:\Program Files (x86)\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe [252416 2006-05-08] (L'Aventure Multimedia) [Fichier non signé]
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4005944 2017-06-29] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\Run: [Tuxler] => C:\Program Files (x86)\Tuxler Free Residential VPN\TuxlerFreeResidentialVPN.exe [2062336 2019-02-04] (Tuxler Privacy Technologies, Inc.) [Fichier non signé]
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --disable-quic --flag-switches-end --restore-last-session hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D? (l'élément de données a 152 caractères en plus).
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\MountPoints2: {34a3bf9c-39d7-11e8-8285-142d275652f1} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\MountPoints2: {34a3bfda-39d7-11e8-8285-142d275652f1} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\MountPoints2: {cafd5101-7911-11e4-824f-806e6f6e6963} - "E:\setup.exe"
HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\MountPoints2: {dc9d03c2-6d91-11e7-8250-142d275652f1} - "D:\setup.exe" /autorun
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-06-04] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0B6ACB64-8916-45FB-A322-481491437237} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {119815A1-B760-47BE-BE82-CEFD799DA38B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-21] (Google Inc -> Google Inc.)
Task: {13BF52F0-AF99-4621-A376-D7F4E5B4CB65} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [1281024 2017-07-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {1C8AD67A-B325-4428-BF1E-871CA2A13BBB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4505368 2014-02-20] (Piriform Ltd -> Piriform Ltd)
Task: {38A020DC-DBD4-4F1C-B47D-073FCFB0AEA8} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {38A9C1B0-4657-4255-81E1-625E2299C95C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {598F9C17-C189-4E25-A416-87D5EA724157} - System32\Tasks\{0E858827-B400-4337-9243-D2B40EEFA3E7} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Christ\Christian\Jeux\Call.Of.Duty.5.World.At.War.FULLRip-KaOs\Install.exe -d C:\Users\Christ\Christian\Jeux\Call.Of.Duty.5.World.At.War.FULLRip-KaOs
Task: {6DD186FB-A2DF-43FB-87F2-CDA1DA8787C5} - System32\Tasks\Microsoft\Windows\Task Manager\Guids => C:\Users\Christ\AppData\Roaming\\freetools\\guids.exe
Task: {839D77E2-808A-49B5-B490-8CAEB4DDE305} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [3661072 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {B981108F-79D0-42A6-82B0-B4E14CD8AD11} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {BA07ABC0-3B95-4944-8DC5-688406DA7C47} - System32\Tasks\{7A83B0CE-24B7-4789-A145-FDB7AEE38B7E} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Christ\Christian\Jeux\manou\EBUF.Exe -d C:\Users\Christ\Christian\Jeux\manou
Task: {BC61A7F6-0394-418C-ACE2-2BAF93A7C985} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [3372032 2017-07-20] () [Fichier non signé]
Task: {BC9B9D5E-0C7A-422D-B722-427DEA18ECD5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC2EB6B8-5658-4889-8029-3E2F4F71D6C4} - System32\Tasks\{1C7F7C80-D701-4BED-B849-FB638822B8B9} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Christ\Christian\Jeux\New jeu\Need For Speed Most Wanted\eauninstall.exe" -d "C:\Users\Christ\Christian\Jeux\New jeu\Need For Speed Most Wanted"
Task: {E3461E0A-5E94-48BE-A6B8-081EA232EB20} - System32\Tasks\{E8C0E438-37AD-46BE-B3EF-E4820E1CF138} => C:\ProgramData\5301441445622341429\watchdog.exe <==== ATTENTION
Task: {E3857706-D2D4-4FF4-A87C-6144CAE6D02F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1A93465-2BE6-4FAB-8AA2-D93B600FF56C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-21] (Google Inc -> Google Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.)
Hosts: Fichier hosts non détecté dans le dossier par défaut
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\Parameters: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{03C98D4B-3657-4936-8EA1-45DE39DF992B}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{03C98D4B-3657-4936-8EA1-45DE39DF992B}: [DhcpNameServer] 82.163.142.9
Tcpip\..\Interfaces\{0D675497-25C8-44D0-843A-C252682D8944}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{0D675497-25C8-44D0-843A-C252682D8944}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{8755A0AE-1940-480E-B4FE-6F3A8E400F92}: [NameServer] 82.163.142.9 95.211.158.137
Tcpip\..\Interfaces\{8755A0AE-1940-480E-B4FE-6F3A8E400F92}: [DhcpNameServer] 82.163.142.9

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Christ\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-07]
Edge HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoAcnZVIeaC-3VST2-gf7jR2HBVet1GV6cTRvVtfCClAuS5qNgLHpaSEiPQCCzTcGvT9Izvzlv81x9L3f8Lq4UmlcAFv2v5viJq3MfQ_fwnlJXaj9BX5Qka-yI5cz3pD53sonnXkhjc1z5jcpIWVL5RmEPM2W51KfLRTA_Witoc

FireFox:
========
FF DefaultProfile: bdr3bms1.default-1619710971561
FF ProfilePath: C:\Users\Christ\AppData\Roaming\Mozilla\Firefox\Profiles\bdr3bms1.default-1619710971561 [2021-05-13]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-05-13] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] []
FF HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Christ\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Christ\AppData\Roaming\IDM\idmmzcc5 [2017-07-27] [] [non signé]
FF HKU\S-1-5-21-2178750781-228122678-151732202-1003\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Christ\AppData\Local\Google\Chrome\User Data\Default [2021-06-10]
CHR HomePage: Default -> hxxps://www.google.com/
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Christ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Christ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002544 2017-06-08] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334424 2017-06-08] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729040 2017-06-08] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971976 2021-05-13] (McAfee, LLC -> McAfee, LLC)
R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-02-20] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Fichier non signé]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2017-07-21] (Even Balance, Inc. -> )
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-03-24] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [40152 2013-09-09] (Broadcom Corporation -> Broadcom Corporation.)
S3 ew_usbenumfilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys [13952 2012-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [319304 2019-03-14] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2021-05-23] () [Fichier non signé]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2013-08-06] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Tous(tes)) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-10 12:16 - 2021-06-10 12:18 - 000022757 _____ C:\Users\Christ\Desktop\FRST.txt
2021-06-10 12:14 - 2021-06-10 12:14 - 002300416 _____ (Farbar) C:\Users\Christ\Desktop\FRST64.exe
2021-06-07 06:54 - 2021-06-07 06:54 - 000000662 _____ C:\Users\Christ\Desktop\ApplicationPKP1993.lnk
2021-06-07 06:54 - 2021-06-07 06:54 - 000000000 ____D C:\Users\Christ\AppData\Roaming\Microsoft\Windows\Start Menu\ApplicationPKP1993
2021-06-07 06:54 - 2021-06-07 06:54 - 000000000 ____D C:\Users\Christ\AppData\Local\WDSetup
2021-06-07 06:34 - 2021-06-07 06:48 - 179762742 _____ (PC SOFT) C:\Users\Christ\Downloads\ProphetKacou.exe
2021-06-06 23:08 - 2021-06-06 23:08 - 000287056 _____ C:\WINDOWS\Minidump\060621-44296-01.dmp
2021-06-04 00:57 - 2021-06-04 00:57 - 000000000 ____D C:\Users\Christ\Desktop\Concours Port
2021-06-01 17:53 - 2021-06-01 17:53 - 000001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-05-23 18:27 - 2021-05-23 18:27 - 000000000 ____D C:\Users\Christ\Desktop\CV 2
2021-05-13 16:33 - 2021-04-20 04:48 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2021-05-13 16:33 - 2021-04-20 01:23 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2021-05-13 16:33 - 2021-04-15 06:46 - 000806688 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2021-05-13 16:33 - 2021-04-15 06:21 - 025760768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2021-05-13 16:33 - 2021-04-15 06:01 - 000614064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2021-05-13 16:33 - 2021-04-15 04:40 - 005499904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2021-05-13 16:33 - 2021-04-15 04:35 - 002916352 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2021-05-13 16:33 - 2021-04-15 04:33 - 020295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2021-05-13 16:33 - 2021-04-15 04:29 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2021-05-13 16:33 - 2021-04-15 04:19 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2021-05-13 16:33 - 2021-04-15 04:06 - 015506944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2021-05-13 16:33 - 2021-04-15 04:00 - 002308608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2021-05-13 16:33 - 2021-04-15 04:00 - 001101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2021-05-13 16:33 - 2021-04-15 03:58 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2021-05-13 16:33 - 2021-04-15 03:55 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2021-05-13 16:33 - 2021-04-15 03:55 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2021-05-13 16:33 - 2021-04-15 03:49 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2021-05-13 16:33 - 2021-04-15 03:48 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2021-05-13 16:33 - 2021-04-15 03:38 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2021-05-13 16:33 - 2021-04-15 03:36 - 013881856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2021-05-13 16:33 - 2021-04-15 03:35 - 001569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2021-05-13 16:33 - 2021-04-15 03:34 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2021-05-13 16:33 - 2021-04-15 03:32 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2021-05-13 16:33 - 2021-04-15 03:31 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2021-05-13 16:33 - 2021-04-15 03:26 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2021-05-13 16:33 - 2021-04-15 03:19 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2021-05-13 16:33 - 2021-04-15 03:15 - 004388352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2021-05-13 16:33 - 2021-04-15 03:14 - 007041536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2021-05-13 16:33 - 2021-04-15 03:13 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2021-05-13 16:33 - 2021-04-15 03:06 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2021-05-13 16:33 - 2021-04-15 03:05 - 006221824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2021-05-13 16:33 - 2021-04-06 06:58 - 002174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2021-05-13 16:33 - 2021-04-06 06:58 - 001665120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2021-05-13 16:33 - 2021-04-06 06:58 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2021-05-13 16:33 - 2021-04-06 06:55 - 007363840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2021-05-13 16:33 - 2021-04-06 06:51 - 001738016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2021-05-13 16:33 - 2021-04-06 06:51 - 001678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 16:33 - 2021-04-06 06:51 - 001538072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2021-05-13 16:33 - 2021-04-06 05:20 - 001501408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2021-05-13 16:33 - 2021-04-06 05:19 - 001562328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2021-05-13 16:33 - 2021-04-06 05:19 - 001216264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2021-05-13 16:33 - 2021-04-06 05:19 - 000548448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2021-05-13 16:33 - 2021-04-06 04:26 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys
2021-05-13 16:33 - 2021-04-06 03:31 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2021-05-13 16:33 - 2021-04-06 03:29 - 000806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2021-05-13 16:33 - 2021-04-06 03:18 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-10 12:18 - 2016-12-24 11:10 - 000000000 ____D C:\FRST
2021-06-10 11:50 - 2017-07-20 01:20 - 000000000 ____D C:\ProgramData\MFAData
2021-06-10 11:45 - 2013-08-22 15:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-10 11:24 - 2017-07-20 01:16 - 000003934 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{63FF7A0C-E7AC-4C77-92B8-8089321B3C18}
2021-06-07 07:16 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\Inf
2021-06-07 06:59 - 2016-07-18 17:42 - 000000512 _____ C:\Users\Christ\Desktop\Doc.vhd
2021-06-07 06:25 - 2017-07-19 07:30 - 000000000 ____D C:\Users\Christ\AppData\Local\Packages
2021-06-07 01:24 - 2017-07-19 07:36 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2178750781-228122678-151732202-1003
2021-06-07 01:07 - 2015-08-30 06:20 - 000000000 __SHD C:\Users\Christ\IntelGraphicsProfiles
2021-06-06 23:10 - 2017-07-19 07:16 - 000000000 ____D C:\Users\Christ
2021-06-06 23:09 - 2021-05-10 17:41 - 000003490 _____ C:\WINDOWS\system32\Tasks\AutoKMS
2021-06-06 23:08 - 2017-07-23 16:21 - 000000000 ____D C:\WINDOWS\Minidump
2021-06-06 23:08 - 2013-08-22 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-06 15:52 - 2021-04-28 17:18 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-06 15:52 - 2021-04-28 17:18 - 000002209 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-06 15:52 - 2021-04-28 17:18 - 000002209 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-05 23:18 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-06-04 01:46 - 2021-03-30 15:53 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-04 01:46 - 2021-03-30 15:53 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-04 01:46 - 2021-03-30 15:53 - 000002208 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-06-04 01:09 - 2021-04-21 18:25 - 000000000 ____D C:\Users\Christ\AppData\Local\ElevatedDiagnostics
2021-06-04 00:57 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-01 19:50 - 2014-12-03 18:32 - 000000000 ____D C:\Users\Christ\Documents\Euro Truck Simulator 2
2021-06-01 17:53 - 2021-05-10 16:52 - 000000000 ____D C:\Program Files (x86)\Intel
2021-06-01 17:53 - 2021-05-09 12:36 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-30 16:11 - 2013-08-22 13:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2021-05-24 22:03 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\rescache
2021-05-23 13:56 - 2021-03-31 21:08 - 000011376 _____ C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2021-05-23 13:55 - 2017-07-25 20:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2021-05-23 13:44 - 2013-08-22 14:44 - 000481832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-22 22:51 - 2016-07-18 23:13 - 000000512 _____ C:\Users\Christ\Desktop\Ecoute.vhd
2021-05-22 22:47 - 2017-07-27 22:43 - 000000000 ____D C:\Users\Christ\AppData\Roaming\DMCache
2021-05-22 19:19 - 2017-07-20 00:35 - 000000000 ____D C:\Users\Christ\AppData\Roaming\vlc
2021-05-22 18:33 - 2017-07-21 15:03 - 000811466 _____ C:\WINDOWS\system32\perfh00C.dat
2021-05-22 18:33 - 2017-07-21 15:03 - 000159318 _____ C:\WINDOWS\system32\perfc00C.dat
2021-05-22 18:33 - 2017-07-19 07:22 - 001826754 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-22 13:20 - 2017-07-20 05:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-05-22 13:18 - 2017-07-27 22:43 - 000000000 ____D C:\Users\Christ\AppData\Roaming\IDM
2021-05-13 21:49 - 2021-05-05 00:32 - 000000000 ____D C:\Users\Christ\Desktop\PKP Predications
2021-05-13 20:01 - 2021-03-18 13:30 - 000000000 ____D C:\Users\Christ\Desktop\Aqua

==================== Fichiers à la racine de certains dossiers ========

2018-09-09 02:39 - 2018-09-09 02:39 - 007781888 _____ () C:\Users\Christ\AppData\Local\agent.dat
2018-09-09 02:35 - 2018-09-09 02:35 - 002297856 _____ (TODO: ) C:\Users\Christ\AppData\Local\Cantam.exe
2018-09-09 02:36 - 2018-09-09 02:36 - 000278512 _____ () C:\Users\Christ\AppData\Local\Cantam.tst
2018-09-09 02:39 - 2018-09-09 02:39 - 000070896 _____ () C:\Users\Christ\AppData\Local\Config.xml
2018-09-09 02:36 - 2018-09-09 02:35 - 002297856 _____ (TODO: ) C:\Users\Christ\AppData\Local\Grooveis.exe
2018-09-09 02:38 - 2018-09-09 02:38 - 002019258 _____ () C:\Users\Christ\AppData\Local\Grooveis.tst
2018-09-09 01:51 - 2018-09-09 01:51 - 000140800 _____ () C:\Users\Christ\AppData\Local\installer.dat
2018-09-09 02:39 - 2018-09-09 02:39 - 000005568 _____ () C:\Users\Christ\AppData\Local\md.xml
2018-09-09 02:39 - 2018-09-09 02:39 - 000126464 _____ () C:\Users\Christ\AppData\Local\noah.dat
2018-09-09 01:51 - 2018-09-09 03:41 - 001413120 _____ () C:\Users\Christ\AppData\Local\sham.db

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2021-06-06 16:37
==================== Fin de FRST.txt ========================
