Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 22-09-2021 02
Exécuté par Francoise (administrateur) sur FRANCOISE-PC (MSI MS-7676) (04-10-2021 13:32:07)
Exécuté depuis D:\Francoise\Bureau\Systeme\Outils-analyse-system
Profils chargés: Francoise
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Unlocker\UnlockerAssistant.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files\Dropbox\Client\132.4.3800\QtWebEngineProcess.exe <2>
(FRANCE TELECOM -> ) [Fichier non signé] C:\Program Files\Orange\ma Livebox\dedicarz\DedicarzService.exe
(Fred's Software Company) [Fichier non signé] C:\Users\Francoise\AppData\Roaming\Microsoft\Windows\Start Menu\Printkey.exe
(Generic) [Fichier non signé] C:\Windows\System32\ufdsvc.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files\LG Software\LG Smart Share\DMC\Aggregation.exe
(LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
(LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
(LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files\LG Software\LG Smart Share\Update\SmartShareTray.exe
(Logitech -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Nero AG -> Nero AG) C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
(Nero AG -> Nero AG) C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
(Nero AG -> Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Orange -> ) [Fichier non signé] C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
(Orange-France) [Fichier non signé] C:\Users\Francoise\AppData\Local\Le Cloud Orange\omclient.exe
(Piriform Software Ltd -> Piriform Software Ltd) D:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Samsung Electronics CO., LTD. -> Copyright 2013 SAMSUNG) D:\Samsung Link\Samsung Link Tray Agent.exe
(Samsung Electronics CO., LTD. -> Copyright 2013 SAMSUNG) D:\Samsung Link\Samsung Link.exe <2>
(Samsung Electronics CO., LTD. -> Samsung) [Fichier non signé] C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Samsung Electronics CO., LTD. -> Samsung) [Fichier non signé] C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [5708432 2012-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2295576 2013-06-27] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () [Fichier non signé]
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [Samsung Link] => D:\Samsung Link\Samsung Link Tray Agent.exe [575328 2015-03-18] (Samsung Electronics CO., LTD. -> Copyright 2013 SAMSUNG)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [8091424 2021-09-26] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare software CO., LIMITED -> Wondershare)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [160568 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1264312 2019-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM\...\Run: [DLCCCATS] => rundll32 \3\DLCCtime.dll,_RunDLLEntry@16**************************************************************************************************************************************************************** (l'élément de données a 59 caractères en plus).
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3167014449-1434932042-136220369-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3167014449-1434932042-136220369-1000\...\Run: [Skype for Desktop] => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe [53646904 2019-07-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3167014449-1434932042-136220369-1000\...\Run: [Le Cloud d'Orange - Transfert de fichiers Client] => C:\Users\Francoise\AppData\Local\Le Cloud Orange\omclient.exe [1469440 2015-04-10] (Orange-France) [Fichier non signé]
HKU\S-1-5-21-3167014449-1434932042-136220369-1000\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3167014449-1434932042-136220369-1000\...\Run: [CCleaner Smart Cleaning] => D:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows NT x86\Print Processors\Dell Photo AIO Printer 924 Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\dlccPP5C.dll [118272 2007-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International, Inc.)
HKLM\...\Print\Monitors\Dell 924 Port: C:\Windows\system32\dlcclmpm.DLL [585728 2006-12-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Dell Print-2-Fax Port: C:\Windows\system32\DLPRMON.DLL [45056 2006-10-06] () [Fichier non signé]
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [268688 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5520 series): C:\Windows\system32\HPDiscoPMB111.dll [580712 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-24] (Google LLC -> Google LLC)
Startup: C:\Users\Francoise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.lnk [2013-05-20]
ShortcutTarget: firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\Francoise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey.lnk [2013-03-23]
ShortcutTarget: Printkey.lnk -> C:\Users\Francoise\AppData\Roaming\Microsoft\Windows\Start Menu\Printkey.exe (Fred's Software Company) [Fichier non signé]
BootExecute: autocheck autochk * icarus_rvrt.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {04D60705-72A3-4BD9-951A-637735DA13EC} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2020-12-28] () [Fichier non signé]
Task: {0ADB2FBD-8322-4084-878C-C641D459FF76} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {1383464F-DF84-4E79-844E-A96E979DB062} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {1468E600-9B39-46AD-B437-F7A14777E03E} - System32\Tasks\{2EA79284-710A-4A55-BF7E-52A94D45B235} => C:\Windows\system32\pcalua.exe -a D:\Francoise\Téléchargements\usr-gsm-support.exe -d D:\Francoise\Téléchargements
Task: {19CAFF09-BBB6-4FC5-8EF7-0329430B4461} - System32\Tasks\{F10B9AB3-DFBD-4862-A791-2DD3692843FA} => "c:\program files\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.6.0.106/fr/abandoninstall?page=tsMain
Task: {1C479236-FB54-4F19-BE07-AA25ECC99253} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\Francoise\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
Task: {261172F8-17EB-41EF-91A8-B54BE0B23554} - System32\Tasks\MSI_Toast_Server => C:\Program Files\MSI\MSI Toast Server\MSIToastServer.exe [31904 2018-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {28356D47-F48B-4F55-8106-39F45F6A42A1} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [627128 2021-09-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {2A17CA34-8CA4-4954-A2C1-A08D4553DB60} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {34428D56-B63D-4164-BFC7-11107167D0BD} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4412216 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {3993E096-B15D-42CA-84E2-831F445B5645} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {406FD5D2-B0D8-4AA1-AD06-DB788A008C7E} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2938984 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {44B426D5-8E05-4145-AE2F-7A0AB6F57966} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1578256 2021-04-30] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {45869A87-8995-4D99-9A95-7256B0432FB2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {4D2DDBEA-05C7-4263-8A99-C8F81F8FE635} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4E3F2C20-7500-4F42-88DE-F9B9315C96DE} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: {4EAD58EA-B75C-47E6-8133-D92241BF74F2} - System32\Tasks\{A84FE9B7-71D9-44CF-9845-EE932059BE08} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe" -d C:\Users\Francoise\Desktop
Task: {4F942DE4-A9F8-4C57-B817-3373D2CC5583} - System32\Tasks\{F4FF8CB5-0AA6-42F1-B754-D0F3F7D639EF} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\AllWinnertech\PhoenixSuit\drvinstaller_X86.exe" -d "D:\Program Files\AllWinnertech\PhoenixSuit"
Task: {5759BCB8-0E30-47B0-8011-1AFF94EE2DFF} - System32\Tasks\SmartShare => C:\Program Files\LG Software\LG Smart Share\SmartShareStart.exe [261208 2013-06-27] (LG Electronics Inc. -> LG Electronics Inc.)
Task: {5EB0D097-8622-403D-A725-2AB4F5A0282C} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6DB39AE7-3CCD-4FB2-BF2A-4C51ED3DC189} - System32\Tasks\CCleanerSkipUAC - Francoise => D:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7760105C-AD40-4E4A-A1AC-65EFD99E49F3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {77EFE6F2-A062-43BB-A1C0-F000E10201AA} - System32\Tasks\Microsoft\Windows\orangeinstaller => C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe [476760 2015-01-19] (Orange -> ) [Fichier non signé]
Task: {7C603A87-22B3-489C-AB03-D2389151F08D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {7F5D048C-78F8-40EB-99CD-C81F99244BC2} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(1): Net -> stop "Orange Update Core Service"
Task: {7F5D048C-78F8-40EB-99CD-C81F99244BC2} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(2): Net -> start "Orange Update Core Service"
Task: {8BEC195B-9B5F-40CF-BA65-FF2863B625F1} - System32\Tasks\{68FC45C7-5D77-49DB-B748-7681077F9E0A} => C:\Windows\system32\pcalua.exe -a D:\Windows.old\Users\Francoise\Downloads\irfanview_plugins_433_setup.exe -d D:\Windows.old\Users\Francoise\Downloads
Task: {8E7B1159-7A0E-4189-9F5C-5860C5D10EE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-09-01] (Google Inc -> Google Inc.)
Task: {9BEA86C0-B73F-4B05-A7F4-655654CF9813} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Install => C:\Program Files (x86)\Orange Update\install.bat <==== ATTENTION
Task: {A148C337-3467-4D95-BB29-7A3EE890739D} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {A29C169D-DC58-4F55-9F86-C1D814900147} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A3CD5A68-04D4-44B3-B892-173D8A9678E5} - System32\Tasks\{CF2EE65C-E33B-46FD-8015-03944DB6076F} => C:\Windows\system32\pcalua.exe -a C:\Users\Francoise\AppData\Local\Temp\Temp2_realtek_pcielan_8_mb.zip\WIN8\setup.exe <==== ATTENTION
Task: {B07A3EBF-7A8B-4209-8BB7-5D4E18B9973A} - System32\Tasks\CCleaner Update => D:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {C0A7C206-8AB0-4F96-BC05-891D25CE1A27} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {C512FFCB-0349-44E6-B6A1-D61025D6F03D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-09-01] (Google Inc -> Google Inc.)
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\DivXUpdate" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\HPCustParticipation HP Photosmart 5520 series" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\klcp_update" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\MSI_Toast_Server" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\ROC_REG_JAN_DELETE" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\SidebarExecute" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\SmartShare" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\{2EA79284-710A-4A55-BF7E-52A94D45B235}" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\{68FC45C7-5D77-49DB-B748-7681077F9E0A}" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\{A84FE9B7-71D9-44CF-9845-EE932059BE08}" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\{CF2EE65C-E33B-46FD-8015-03944DB6076F}" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\{F10B9AB3-DFBD-4862-A791-2DD3692843FA}" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(24): schtasks.exe -> /Change /TN "\{F4FF8CB5-0AA6-42F1-B754-D0F3F7D639EF}" /ENABLE
Task: {E84AA184-F5DD-4AB4-A8EE-5FE64B30C0B7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(25): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 82.146.38.202
Tcpip\..\Interfaces\{1C5042A1-211B-473D-A63A-1ABB92FE43F7}: [DhcpNameServer] 192.168.50.244
Tcpip\..\Interfaces\{85D5FB31-BEBD-42FA-A755-27DD06D27487}: [DhcpNameServer] 192.168.0.254 82.146.38.202
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,1]
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Francoise\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-02]
Edge HKLM\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Edge HKLM\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]
FireFox:
========
FF DefaultProfile: pxw21l01.default-1541325703390
FF ProfilePath: C:\Users\Francoise\AppData\Roaming\XDUINO.com\XDUINOide\Profiles\rawkif7q.default [2013-12-22]
FF ProfilePath: C:\Users\Francoise\AppData\Roaming\TomTom\HOME\Profiles\brhfw0hh.default [2013-08-03]
FF Extension: (Pas de nom) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390 [2021-10-04]
FF Homepage: Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390 -> hxxps://orange.fr/portail/
FF Notifications: Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390 -> hxxps://www.facebook.com
FF Extension: (IBM Security Rapport) - C:\Users\Francoise\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2021-09-29] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (HTTPS partout) - C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390\Extensions\https-everywhere@eff.org.xpi [2021-07-14]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-10-01]
FF Extension: (IBM Security Rapport) - C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390\Extensions\rapportext@trusteer.com.xpi [2021-09-29] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (uBlock Origin) - C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390\Extensions\uBlock0@raymondhill.net.xpi [2021-08-01]
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2020-12-27]
FF Extension: (La Qualité HD de la Bascule pour YouTube™) - C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390\Extensions\{1cf918d2-f4ea-4b4f-b34e-455283fef19f}.xpi [2021-03-06]
FF Extension: (YouTube High Definition) - C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2021-02-02]
FF Extension: (MultiTranslate) - C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\pxw21l01.default-1541325703390\Extensions\{c8f79b34-c3ff-4ce4-bdf4-eefa15c87f98}.xpi [2020-04-29]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-07-20] [] [non signé]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation -> Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Program Files\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default [2021-10-02]
CHR HomePage: Default -> orange.fr
CHR StartupUrls: Default -> "hxxps://www.orange.fr/portail?utm_source=oi&utm_medium=v3&utm_campaign=sc&utm_content=odc"
CHR Extension: (Docs) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-20]
CHR Extension: (Google Drive) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-23]
CHR Extension: (IBM Security Rapport) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-09-29]
CHR Extension: (YouTube) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-29]
CHR Extension: (Skype) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-02-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-29]
CHR Extension: (Orange page d'accueil) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2020-08-01]
CHR Extension: (Gmail) - C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-23]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh]
CHR HKU\S-1-5-21-3167014449-1434932042-136220369-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung Electronics CO., LTD. -> Samsung) [Fichier non signé]
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [576824 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [1500984 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [358200 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7521392 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [606360 2017-04-11] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276288 2012-07-27] (Intel Corporation -> Intel Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [37160 2021-09-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dedicarz Service; C:\Program Files\Orange\ma Livebox\dedicarz\DedicarzService.exe [1970544 2014-09-15] (FRANCE TELECOM -> ) [Fichier non signé]
S4 dlcc_device; C:\Windows\system32\dlcccoms.exe [538096 2007-01-30] (Dell Inc. -> )
S4 EaseUS Agent; D:\Program Files\Todo Backup\bin\Agent.exe [68168 2013-01-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-12-25] (Mixbyte Inc -> Freemake)
S4 Guard Agent; D:\Program Files\Todo Backup\bin\GuardAgent.exe [23624 2013-01-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 InCDSrv; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [1420592 2009-10-16] (Nero AG -> Nero AG)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5969000 2021-07-03] (Malwarebytes Inc -> Malwarebytes)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [2020024 2019-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files\MSI\Live Update\MSI_LiveUpdate_Service.exe [2191032 2018-12-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG -> Nero AG)
R2 NeroRegInCDSrv; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [53560 2009-10-16] (Nero AG -> Nero AG)
S4 RepetierServer; D:\Program Files\Repetier-Server\bin\RepetierServer.exe [7800976 2020-06-19] (Hot-World GmbH & Co. KG -> )
R2 Samsung Link Service; D:\Samsung Link\Samsung Link.exe [581984 2015-03-18] (Samsung Electronics CO., LTD. -> Copyright 2013 SAMSUNG)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 UFDSVC; C:\Windows\system32\ufdsvc.exe [77824 2006-08-02] (Generic) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [185928 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [310368 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [206432 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [91744 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [39440 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [154168 2021-09-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [393160 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [28408 2020-05-13] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [92904 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [72064 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [690272 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [458680 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [162008 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [278312 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 CH341SER; C:\Windows\System32\Drivers\CH341SER.SYS [41472 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [90008 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2016-04-10] (DT Soft Ltd -> DT Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [163800 2021-03-26] (Malwarebytes Inc -> Malwarebytes)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [50248 2013-01-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [41544 2013-01-25] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [15944 2013-01-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [186952 2013-01-25] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [77808 2014-01-27] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [74608 2014-01-27] (Future Technology Devices International Ltd -> FTDI Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [21664 2013-03-09] (Martin Malik - REALiX -> REALiX(tm))
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [130200 2009-10-16] (Nero AG -> Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [48280 2009-10-16] (Nero AG -> Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [19096 2009-10-16] (Nero AG -> Nero AG)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2013-05-23] (Logitech -> Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2013-05-23] (Logitech -> Logitech, Inc.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech -> Logitech, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [184200 2021-10-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [161512 2021-10-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [58264 2021-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [213936 2021-10-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [122776 2021-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBfilt; C:\Windows\System32\drivers\MBfilt32.sys [24664 2009-11-18] (Creative Labs Inc -> Creative Technology Ltd.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41216 2011-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [63872 2011-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [141952 2011-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R0 RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [266112 2020-08-18] (IBM -> IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [326656 2020-08-18] (IBM -> IBM Corp.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [184216 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé]
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [14936 2013-01-25] (Allwinner Technology Co.,Ltd. -> Scott)
S3 vncdrv; C:\Windows\System32\DRIVERS\vncdrv.sys [12104 2007-05-22] (uvnc bvba -> RDV Soft)
S3 cpuz138; \??\D:\Temp\cpuz138\cpuz138_x32.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X]
S3 MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [X]
S1 RapportAegle; \??\C:\Program Files\Trusteer\Rapport\bin\RapportAegle.sys [X]
S1 RapportCerberus_2004080; \??\c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_2004080.sys [X]
S1 RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [X]
S3 RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [X]
S1 RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [X]
S3 speccy; \??\D:\Temp\eed2f153-8a6e-49c6-ba13-6bb337303b48 [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-04 12:26 - 2021-10-04 12:26 - 000161512 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-10-04 12:26 - 2021-10-04 12:26 - 000122776 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-10-04 12:26 - 2021-10-04 12:26 - 000058264 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-10-01 22:15 - 2021-10-01 22:15 - 000003544 ____N C:\bootsqm.dat
2021-10-01 21:58 - 2021-10-04 12:26 - 000000062 _____ C:\Windows\ufdsvclog.txt
2021-10-01 21:13 - 2021-10-01 21:13 - 000000000 ____D C:\Program Files\Broadcom
2021-10-01 21:13 - 2006-06-26 12:20 - 000564224 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwl5.sys
2021-10-01 12:59 - 2021-10-01 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-10-01 09:28 - 2021-10-01 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-10-01 09:28 - 2021-10-01 09:28 - 000000000 ____D C:\Program Files\VS Revo Group
2021-09-30 15:13 - 2021-10-04 13:32 - 000000000 ____D C:\FRST
2021-09-28 14:00 - 2021-09-28 14:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-09-28 11:48 - 2021-09-28 19:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-26 00:01 - 2021-09-26 00:01 - 000037160 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2021-09-26 00:01 - 2021-09-26 00:01 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2021-09-26 00:01 - 2021-09-26 00:01 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2021-09-26 00:01 - 2021-09-26 00:01 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2021-09-23 11:55 - 2021-09-23 11:55 - 000287544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2021-09-23 11:55 - 2021-09-23 11:55 - 000162008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-04 13:30 - 2018-04-12 14:44 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-10-04 13:30 - 2017-05-17 15:14 - 000004162 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2021-10-04 13:27 - 2009-07-14 06:34 - 000020592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-10-04 13:27 - 2009-07-14 06:34 - 000020592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-10-04 13:06 - 2017-08-01 18:53 - 000000000 ____D C:\Program Files\Google
2021-10-04 12:44 - 2015-09-12 17:06 - 000001180 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2021-10-04 12:26 - 2020-05-13 16:54 - 000000000 ____D C:\Users\Francoise\AppData\LocalLow\IGDump
2021-10-04 12:26 - 2016-11-20 10:23 - 000000000 ____D C:\Users\Francoise\AppData\LocalLow\Mozilla
2021-10-04 12:26 - 2012-11-11 11:56 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-04 12:25 - 2015-10-24 15:46 - 000000000 ____D C:\ProgramData\Avg
2021-10-04 12:25 - 2015-09-12 17:06 - 000001176 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2021-10-04 12:25 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-02 07:17 - 2016-07-30 11:14 - 000000000 ____D C:\Users\Francoise\AppData\Roaming\QtProject
2021-10-01 21:13 - 2012-11-10 15:56 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2021-10-01 21:13 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2021-10-01 21:08 - 2012-11-10 15:51 - 000006634 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-01 21:08 - 2009-08-19 21:48 - 000684030 _____ C:\Windows\system32\perfh01D.dat
2021-10-01 21:08 - 2009-08-19 21:48 - 000165090 _____ C:\Windows\system32\perfc01D.dat
2021-10-01 21:08 - 2009-08-19 20:32 - 000745544 _____ C:\Windows\system32\perfh019.dat
2021-10-01 21:08 - 2009-08-19 20:32 - 000172788 _____ C:\Windows\system32\perfc019.dat
2021-10-01 21:08 - 2009-08-19 20:26 - 000765712 _____ C:\Windows\system32\perfh013.dat
2021-10-01 21:08 - 2009-08-19 20:26 - 000176356 _____ C:\Windows\system32\perfc013.dat
2021-10-01 21:08 - 2009-08-19 20:20 - 000686716 _____ C:\Windows\system32\perfh014.dat
2021-10-01 21:08 - 2009-08-19 20:20 - 000155274 _____ C:\Windows\system32\perfc014.dat
2021-10-01 21:08 - 2009-08-19 20:15 - 000762198 _____ C:\Windows\system32\perfh010.dat
2021-10-01 21:08 - 2009-08-19 20:15 - 000169780 _____ C:\Windows\system32\perfc010.dat
2021-10-01 21:08 - 2009-08-19 20:09 - 000818332 _____ C:\Windows\system32\perfh00C.dat
2021-10-01 21:08 - 2009-08-19 20:09 - 000176212 _____ C:\Windows\system32\perfc00C.dat
2021-10-01 21:08 - 2009-08-19 20:03 - 000675484 _____ C:\Windows\system32\perfh00B.dat
2021-10-01 21:08 - 2009-08-19 20:03 - 000162382 _____ C:\Windows\system32\perfc00B.dat
2021-10-01 21:08 - 2009-08-19 19:58 - 000768150 _____ C:\Windows\system32\perfh00A.dat
2021-10-01 21:08 - 2009-08-19 19:58 - 000182676 _____ C:\Windows\system32\perfc00A.dat
2021-10-01 21:08 - 2009-08-19 19:52 - 000720134 _____ C:\Windows\system32\perfh007.dat
2021-10-01 21:08 - 2009-08-19 19:52 - 000172264 _____ C:\Windows\system32\perfc007.dat
2021-10-01 21:08 - 2009-08-19 19:47 - 000702846 _____ C:\Windows\system32\perfh006.dat
2021-10-01 21:08 - 2009-08-19 19:47 - 000159408 _____ C:\Windows\system32\perfc006.dat
2021-10-01 20:07 - 2016-05-16 10:10 - 000000000 ____D C:\Users\Francoise\AppData\Roaming\ZHP
2021-10-01 13:37 - 2020-12-19 18:48 - 000184200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-10-01 13:34 - 2020-06-20 09:57 - 000000000 ____D C:\Windows\pss
2021-10-01 13:30 - 2013-04-27 09:13 - 000000000 ____D C:\Windows\ERDNT
2021-10-01 12:59 - 2015-09-12 17:06 - 000000000 ____D C:\Program Files\Dropbox
2021-10-01 12:39 - 2020-12-19 18:48 - 000213936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-10-01 12:02 - 2020-06-22 09:29 - 000000000 ____D C:\Device
2021-10-01 12:02 - 2012-11-10 15:50 - 000000000 ____D C:\Users\Francoise
2021-10-01 10:00 - 2016-04-16 18:38 - 174096384 _____ C:\Windows\system32\config\COMPON~1.bak
2021-09-29 17:05 - 2009-07-14 06:53 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2021-09-28 19:00 - 2012-11-11 11:56 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2021-09-27 11:18 - 2020-10-24 09:56 - 000154168 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2021-09-23 17:35 - 2013-08-15 18:56 - 000000000 ____D C:\Windows\system32\MRT
2021-09-23 17:28 - 2012-11-11 17:07 - 132378816 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-23 11:55 - 2020-05-13 17:06 - 000393160 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2021-09-23 11:55 - 2019-01-17 13:16 - 000206432 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2021-09-23 11:55 - 2019-01-17 13:16 - 000091744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2021-09-23 11:55 - 2018-10-22 14:58 - 000039440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2021-09-23 11:55 - 2017-11-28 11:51 - 000185928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2021-09-23 11:55 - 2017-05-17 15:14 - 000690272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2021-09-23 11:55 - 2017-05-17 15:14 - 000458680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2021-09-23 11:55 - 2017-05-17 15:14 - 000278312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2021-09-23 11:55 - 2017-05-17 15:14 - 000092904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2021-09-23 11:55 - 2017-05-17 15:14 - 000072064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2021-09-23 11:54 - 2019-01-17 13:16 - 000310368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
==================== Fichiers à la racine de certains dossiers ========
2013-10-07 17:40 - 2013-10-09 10:04 - 000001702 _____ () C:\Program Files\Mozilla Firefoxnation-secure-search.xml
2014-01-01 12:38 - 2018-08-11 09:21 - 000000127 _____ () C:\Users\Francoise\AppData\Roaming\Camdata.ini
2014-01-01 12:38 - 2018-08-11 09:21 - 000000408 _____ () C:\Users\Francoise\AppData\Roaming\CamLayout.ini
2014-01-01 12:38 - 2018-08-11 09:21 - 000000408 _____ () C:\Users\Francoise\AppData\Roaming\CamShapes.ini
2014-01-01 12:38 - 2018-08-11 09:21 - 000004544 _____ () C:\Users\Francoise\AppData\Roaming\CamStudio.cfg
2012-11-10 17:59 - 2021-10-01 21:29 - 000262123 _____ () C:\Users\Francoise\AppData\Roaming\Error.log
2017-12-03 18:39 - 2017-12-03 18:39 - 000000006 _____ () C:\Users\Francoise\AppData\Roaming\gnuplot_history
2012-11-11 15:34 - 2020-06-22 10:04 - 000024188 _____ () C:\Users\Francoise\AppData\Roaming\Notepad2.ini
2014-01-01 12:34 - 2018-08-11 09:19 - 000000096 _____ () C:\Users\Francoise\AppData\Roaming\version2.xml
2018-08-22 14:30 - 2018-09-01 10:28 - 000000136 _____ () C:\Users\Francoise\AppData\Roaming\WB.CFG
2021-03-31 16:02 - 2021-05-06 14:51 - 000010240 _____ () C:\Users\Francoise\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-20 18:10 - 2013-05-20 18:10 - 000000001 _____ () C:\Users\Francoise\AppData\Local\llftool.4.25.agreement
2019-07-29 09:17 - 2019-07-29 09:17 - 000000982 _____ () C:\Users\Francoise\AppData\Local\recently-used.xbel
2019-03-08 11:56 - 2019-03-08 11:56 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{09A2418B-8CCD-429B-B853-01F8C22B7DB3}
2021-09-30 14:21 - 2021-09-30 14:21 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{0B4DE81D-5786-49BA-B8C6-DFB110879DFA}
2021-09-30 18:57 - 2021-09-30 18:57 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{290BCD93-9530-4F1E-8A34-AC7EBA14B27C}
2021-09-30 09:19 - 2021-09-30 09:19 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{34B5D234-51F6-4410-89EF-FD871420672C}
2021-09-30 15:52 - 2021-09-30 15:52 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{4293BCA6-5073-414A-A7DD-BA7060DC82AB}
2018-10-24 09:05 - 2018-10-24 09:06 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{C05C9356-EFA5-4B2C-A34B-E10F9ED3DBB8}
2021-09-30 16:21 - 2021-09-30 16:21 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{C4D368EB-1CF3-4EB1-AA45-0282120D5AF6}
2021-09-30 16:31 - 2021-09-30 16:31 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{DC229314-2FE7-4791-9062-E3B6B433A7CF}
2018-10-24 09:06 - 2018-10-24 09:07 - 000000000 _____ () C:\Users\Francoise\AppData\Local\{EDFF2818-005F-474B-A8D2-6E5E9D6E0537}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2021-09-29 14:52
==================== Fin de FRST.txt ========================