Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2021
Exécuté par Aline (administrateur) sur PC-SUDISINE (Packard Bell EasyNote LV44HC) (19-10-2021 10:49:19)
Exécuté depuis C:\Users\Aline\Desktop
Profils chargés: UpdatusUser & Aline
Platform: Microsoft Windows 10 Famille Version 2004 19041.1052 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc. -> Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Aline\AppData\Local\Microsoft\OneDrive\21.129.0627.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Aline\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1161_none_7e3076a27c733477\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\updateplatform.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\Aline\Downloads\Logiciels installés\Mozilla messagerie\thunderbird.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner64.exe
(Qualcomm Atheros -> Atheros) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-29] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [MediaDICO38] => C:\Users\UpdatusUser\Downloads\Logiciels installés\38 dico\LMD38.exe Lancement
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [CCleaner Smart Cleaning] => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner64.exe [35145856 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\MountPoints2: {815e3956-9be4-11e2-be6a-806e6f6e6963} - "D:\AUTORUN.EXE"
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [MediaDICO38] => C:\Users\Aline\Downloads\Logiciels installés\38 dico\LMD38.exe [252416 2007-05-23] (L'Aventure Multimedia) [Fichier non signé]
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [CCleaner Smart Cleaning] => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner64.exe [35145856 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [MicrosoftEdgeAutoLaunch_2D211B4BF42A54547E38122863209FD5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [MediaDICO38] => C:\Users\Administrator\Downloads\Logiciels installés\38 dico\LMD38.exe Lancement
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [CCleaner Smart Cleaning] => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner64.exe [35145856 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\MountPoints2: {815e3956-9be4-11e2-be6a-806e6f6e6963} - "D:\AUTORUN.EXE"
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\WINDOWS\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\WINDOWS\system32\hpinkstsC211LM.dll [333496 2013-08-14] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\WINDOWS\system32\HPDiscoPMC211.dll [762400 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Agent Serveur Média.lnk [2015-06-19]
ShortcutTarget: Agent Serveur Média.lnk -> C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe (PacketVideo Corporation -> PacketVideo)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0581FED6-FE2C-4D74-94E2-D3CADFA98106} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {069E56F4-AF16-4353-B941-2A73ED765400} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {12C20419-B1DC-4668-8291-E9CDAA1F095D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {16ED065A-4E4A-4A10-AC3E-7BD96F92BA88} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {1A30323B-98D7-4B77-8DD3-E7B014FB252E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {20283E4C-1E04-422B-9F5F-DE3745425573} - \HP AR Program Upload - 4ce7bfae3bec44c0853fa473685fbe3ddf1c3b701c9e437fa5e2d355f9fdf551 -> Pas de fichier <==== ATTENTION
Task: {202866D9-608C-4C17-A68C-D6FC0C8366D2} - System32\Tasks\Mozill_{C32FD092-F9DD-4566-A116-21F81621758C} => "C:\Users\Aline\Downloads\Logiciels installés\Mozill [Argument = https://h30495.www3.hp.com/printers/add?jumpID=in_instKarnak12%2F&cc=de&modelName=HP%20Deskjet%202540%20series&serialNo=CN4433F19N&serialNo_Extra=0604&modelID=A9U22B&serviceID=24215&lang=en&usagetype=002]
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3F311770-F831-45B2-8159-B2D912DE1129} - System32\Tasks\HP AR Program Upload - 6aea143b05324091963ed3beec49488de4db1eaa9e0040538bf9fa1f7c8c9dbe => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [3492896 2013-08-13] (Hewlett Packard -> TODO:)
Task: {438A1825-E968-40F7-A77B-53DDA436ED9A} - System32\Tasks\Norton Remove and Reinstall\Norton Remove and Reinstall => C:\Users\Aline\Downloads\NRnR.exe
Task: {4A8E1B4C-E395-4BC7-A9FD-D70528BBF4F4} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\SymErr.exe
Task: {52DB1C00-152D-45A8-AF2D-0A46D08AF36E} - \HP AR Program Upload - 9b5f6e6380244dfdb4839ea7eacf5da56c5c5e50e9174620ad2f691314d3c38c -> Pas de fichier <==== ATTENTION
Task: {542DDE10-64D7-47EA-90B6-E0830C908EEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55DC0F58-E28B-444A-BDC3-5E54E2857573} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {5BB026E0-3724-449F-9BBA-C41545EA0459} - System32\Tasks\HP AR Program Upload - 4ea7f781020f45d09e8846cf91bf8de6cd6064ebc07c446fa41677fd9a08f604 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [3492896 2013-08-13] (Hewlett Packard -> TODO:)
Task: {6BAE255C-59F9-4EB7-A561-9EF3D29A67AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6EFE76D3-2E11-4A11-805F-EA4C30C02407} - \WPD\SqmUpload_S-1-5-21-2611346374-1473099505-1922980101-1002 -> Pas de fichier <==== ATTENTION
Task: {7041AF54-0A77-4A29-B9B3-88D46DDB7BD7} - System32\Tasks\Toolbox.exe_{550995AD-C84D-4EC8-9658-2D20C9FC255C} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\Toolbox.exe [4927520 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {70525F55-3AFE-4A05-996F-617D811CA894} - System32\Tasks\HPCustPartic.exe_{1DD0AFCE-956D-41BD-96BD-B2C4DAC8886D} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {7B17F73A-3829-4AE4-9E74-DB32F0E6C300} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {7DE338D3-50D9-4C56-BBF3-45C413C00C95} - System32\Tasks\CCleanerSkipUAC => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner.exe [29212288 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {90CD63B1-432C-46C7-A7CE-8957789242D7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {9407A867-D29D-4CBA-91FE-7522ECBD3B0F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {A4144A8C-7435-4976-8484-A28452902EAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF0712DF-0652-4D60-8E8C-D3D56944BC2B} - System32\Tasks\CCleaner Update => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCUpdate.exe [684976 2021-08-27] (Piriform Software Ltd -> Piriform)
Task: {B51F1A1D-E3FA-4F57-8BD2-A6F39E5A50FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5E80E2F-FC18-4B8E-97E9-84F235DA451E} - \Optimize Start Menu Cache Files-S-1-5-21-2611346374-1473099505-1922980101-1002 -> Pas de fichier <==== ATTENTION
Task: {B998AE27-90D4-4C20-8BDB-267D879174F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB602445-2454-4D6F-935B-FAB890D39908} - System32\Tasks\CCleanerSkipUAC - Aline => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner.exe [29212288 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C22039CB-876A-4589-816A-7DA7AE6E0366} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {C2AA78EA-F99B-4D25-BF30-CD75F6CB63D8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C60F9A58-B22A-41F6-97C6-493C5B866FF3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\SymErr.exe
Task: {C7E7EEF7-2627-497F-96C3-F45E3435FB3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {C8D6D845-E377-408C-ADAB-722C065741D0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {C9B33B0D-CE63-4853-AD99-CEC9736F4E6F} - System32\Tasks\HP AR Program Upload - cd2275c2134a466cac407467082812d91ef3faedb64548478f99b1edaaa8f0a3 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [3492896 2013-08-13] (Hewlett Packard -> TODO:)
Task: {CB5A786A-88C2-4C08-A170-9055E6488082} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {CBF36A0B-44C9-4A33-AE1C-0D6A8EF26832} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CE8F2FFB-1E4D-4E9E-B3AF-47DFC855EF9C} - \HP AR Program Upload - 7fb35d37a88f4e97abaeb4a0e053675b0e4f77fc451641f08866c6db08aa06c3 -> Pas de fichier <==== ATTENTION
Task: {CFD2FE49-9798-4E55-B754-2B94E5242514} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {D09CBB14-86BD-4053-B782-72E91D414C6A} - System32\Tasks\Toolbox.exe_{FF5C03F4-094B-46E0-A4E3-1F603C6FA938} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\Toolbox.exe [4927520 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {DE7847E1-C30F-46AA-AA6E-227F32E4E439} - System32\Tasks\HPCustPartic.exe_{F41C7647-8049-4ED8-95A0-B71FCE9DA748} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {E48E18BB-0969-4337-9691-37FDBC8811B3} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\SymErr.exe
Task: {F9C0741B-318A-4410-89CA-3839A8284D89} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [5314192 2012-10-23] (Acer Incorporated -> Acer Incorporated)
Task: {FC6D5AF0-1427-49B6-9207-8559FE54D3C8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{03a2e9c6-b7e1-4b0d-bc6e-da7865e9adfe}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4a5fa4cf-a625-4cbc-b277-2457f8e8dae4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5572cbf5-824c-4c95-9c98-043bc4eac832}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Aline\Downloads
Edge Notifications: HKU\S-1-5-21-2611346374-1473099505-1922980101-1002 -> hxxps//app.napster.com; hxxps//forum.frandroid.com; hxxp//forum.frandroid.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Aline\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-19]
Edge StartupUrls: Default -> "hxxps//www.google.fr/?gws_rd=ssl"
Edge DefaultSearchURL: Default -> hxxps//www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
Edge Profile: C:\Users\Aline\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-11]
Edge Extension: (Kaspersky Protection) - C:\Users\Aline\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-07-06]
FireFox:
========
FF ProfilePath: C:\Users\Aline\AppData\Roaming\Mozilla\Firefox\Profiles\zj5db92d.default-1466595809340 [2021-09-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-08-31] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-08-31] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Users\Aline\Downloads\Logiciels installés\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Users\Aline\Downloads\Logiciels installés\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Users\Aline\Downloads\Logiciels installés\VLC Media player\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Users\Aline\Downloads\Logiciels installés\VLC Media player\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Users\Aline\Downloads\Logiciels installés\VLC Media player\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Users\Aline\Downloads\Logiciels installés\VLC Media player\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-11]
CHR Profile: C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-10-08]
CHR Notifications: Profile 1 -> hxxps//forums.commentcamarche.net
CHR DefaultSearchURL: Profile 1 -> hxxps//q.eadblock.com/?vnd=1&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> q.eadblock.com
CHR Extension: (Slides) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-08]
CHR Extension: (Docs) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-08]
CHR Extension: (Google Drive) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-14]
CHR Extension: (Kaspersky Protection 20.0) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2021-02-08]
CHR Extension: (Le Coin Raccourcis) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcgbaafeapbpomhdamfedlllpddjlaao [2020-08-19]
CHR Extension: (Sheets) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-05]
CHR Extension: (EAB) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hojhhmecfdlobchoejlbonoabacfnaap [2020-09-27]
CHR Extension: (Skype) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-06-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-20]
CHR Profile: C:\Users\Aline\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-11]
CHR HKLM\...\Chrome\Extension: [eblihieomkjeiobglmnbmidkajdcfkpa] -
CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] -
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [eblihieomkjeiobglmnbmidkajdcfkpa] -
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] -
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc. -> Apple Inc.)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated -> Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated -> Acer Incorporated)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2457232 2012-07-24] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-04-03] (Dritek System Inc. -> Dritek System INC.)
S2 Serveur Média; C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336 2010-12-14] (PacketVideo Corporation -> PacketVideo)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Qualcomm Atheros -> Atheros) [Fichier non signé]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation -> Symantec Corporation)
R3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\WINDOWS\System32\drivers\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-04-03] (Dritek System Inc. -> Dritek System Inc.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-19] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslbd1a11db; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7BB792B2-F391-4A51-851D-2B6ED160F8A5}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-19 10:49 - 2021-10-19 11:05 - 000039637 _____ C:\Users\Aline\Desktop\FRST.txt
2021-10-19 10:48 - 2021-10-19 10:48 - 000000000 ___HD C:\$WinREAgent
2021-10-19 10:48 - 2021-10-19 10:48 - 000000000 ____D C:\Users\Aline\Desktop\FRST-OlderVersion
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-19 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-19 10:59 - 2017-08-29 16:14 - 000000000 ____D C:\FRST
2021-10-19 10:59 - 2015-08-26 03:13 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-19 10:58 - 2018-06-09 07:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-19 10:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-19 10:48 - 2021-09-16 10:26 - 002310656 _____ (Farbar) C:\Users\Aline\Desktop\FRST64.exe
2021-10-19 10:48 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-19 10:42 - 2017-06-09 13:52 - 000000000 ____D C:\Users\Aline\AppData\LocalLow\Mozilla
2021-10-19 10:33 - 2020-12-27 15:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-19 10:33 - 2016-09-14 16:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-19 10:32 - 2020-12-27 13:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-19 09:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-19 09:41 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-19 09:40 - 2020-12-27 13:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-19 09:25 - 2021-01-13 10:58 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6dc49ff7a2789
2021-10-19 09:25 - 2020-12-27 15:35 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-19 09:16 - 2020-12-27 14:00 - 000000000 ____D C:\Users\UpdatusUser
2021-10-19 09:14 - 2015-06-19 14:11 - 000000000 ____D C:\ProgramData\Serveur Média
2021-10-19 08:53 - 2015-06-19 14:11 - 000000000 ____D C:\Program Files (x86)\Serveur Media
2021-10-19 07:54 - 2020-12-27 15:35 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-19 07:53 - 2020-12-27 15:35 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-08 18:27 - 2015-08-09 14:24 - 000000000 ____D C:\Users\Aline\Documents\Administratifs
2021-10-08 18:10 - 2013-08-17 07:23 - 000000000 ____D C:\Users\Aline\Downloads\Logiciels installés
==================== Fichiers à la racine de certains dossiers ========
2016-12-09 10:39 - 2016-12-09 10:39 - 000000294 _____ () C:\ProgramData\SMRResults501.dat
2017-10-15 12:41 - 2017-10-15 12:41 - 000000706 _____ () C:\Program Files (x86)\LMIR0002.tmp.bat
2017-10-15 12:41 - 2017-10-15 12:41 - 000000514 _____ () C:\Program Files (x86)\LMIR0002.tmp_r.bat
2021-09-08 17:57 - 2021-09-16 17:50 - 000010240 _____ () C:\Users\Aline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-28 11:58 - 2018-08-14 17:00 - 000007597 _____ () C:\Users\Aline\AppData\Local\Resmon.ResmonCfg
2017-06-21 02:47 - 2017-06-21 02:48 - 000000000 _____ () C:\Users\Aline\AppData\Local\{1A13859F-2EAF-4ED2-BAD7-5CF7392DDA4D}
2017-06-21 02:45 - 2017-06-21 02:48 - 000000000 _____ () C:\Users\Aline\AppData\Local\{1DA31DA8-E1FF-4EEA-B3D6-91663D41601A}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Aline (administrateur) sur PC-SUDISINE (Packard Bell EasyNote LV44HC) (19-10-2021 10:49:19)
Exécuté depuis C:\Users\Aline\Desktop
Profils chargés: UpdatusUser & Aline
Platform: Microsoft Windows 10 Famille Version 2004 19041.1052 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc. -> Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Aline\AppData\Local\Microsoft\OneDrive\21.129.0627.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Aline\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1161_none_7e3076a27c733477\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\updateplatform.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\Aline\Downloads\Logiciels installés\Mozilla messagerie\thunderbird.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner64.exe
(Qualcomm Atheros -> Atheros) [Fichier non signé] C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-29] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [MediaDICO38] => C:\Users\UpdatusUser\Downloads\Logiciels installés\38 dico\LMD38.exe Lancement
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [CCleaner Smart Cleaning] => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner64.exe [35145856 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1001\...\MountPoints2: {815e3956-9be4-11e2-be6a-806e6f6e6963} - "D:\AUTORUN.EXE"
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [MediaDICO38] => C:\Users\Aline\Downloads\Logiciels installés\38 dico\LMD38.exe [252416 2007-05-23] (L'Aventure Multimedia) [Fichier non signé]
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [CCleaner Smart Cleaning] => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner64.exe [35145856 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2611346374-1473099505-1922980101-1002\...\Run: [MicrosoftEdgeAutoLaunch_2D211B4BF42A54547E38122863209FD5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [MediaDICO38] => C:\Users\Administrator\Downloads\Logiciels installés\38 dico\LMD38.exe Lancement
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [CCleaner Smart Cleaning] => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner64.exe [35145856 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2611346374-1473099505-1922980101-500\...\MountPoints2: {815e3956-9be4-11e2-be6a-806e6f6e6963} - "D:\AUTORUN.EXE"
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\WINDOWS\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\WINDOWS\system32\hpinkstsC211LM.dll [333496 2013-08-14] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\WINDOWS\system32\HPDiscoPMC211.dll [762400 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Agent Serveur Média.lnk [2015-06-19]
ShortcutTarget: Agent Serveur Média.lnk -> C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe (PacketVideo Corporation -> PacketVideo)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0581FED6-FE2C-4D74-94E2-D3CADFA98106} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {069E56F4-AF16-4353-B941-2A73ED765400} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {12C20419-B1DC-4668-8291-E9CDAA1F095D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {16ED065A-4E4A-4A10-AC3E-7BD96F92BA88} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {1A30323B-98D7-4B77-8DD3-E7B014FB252E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {20283E4C-1E04-422B-9F5F-DE3745425573} - \HP AR Program Upload - 4ce7bfae3bec44c0853fa473685fbe3ddf1c3b701c9e437fa5e2d355f9fdf551 -> Pas de fichier <==== ATTENTION
Task: {202866D9-608C-4C17-A68C-D6FC0C8366D2} - System32\Tasks\Mozill_{C32FD092-F9DD-4566-A116-21F81621758C} => "C:\Users\Aline\Downloads\Logiciels installés\Mozill [Argument = https://h30495.www3.hp.com/printers/add?jumpID=in_instKarnak12%2F&cc=de&modelName=HP%20Deskjet%202540%20series&serialNo=CN4433F19N&serialNo_Extra=0604&modelID=A9U22B&serviceID=24215&lang=en&usagetype=002]
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3F311770-F831-45B2-8159-B2D912DE1129} - System32\Tasks\HP AR Program Upload - 6aea143b05324091963ed3beec49488de4db1eaa9e0040538bf9fa1f7c8c9dbe => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [3492896 2013-08-13] (Hewlett Packard -> TODO:
Task: {438A1825-E968-40F7-A77B-53DDA436ED9A} - System32\Tasks\Norton Remove and Reinstall\Norton Remove and Reinstall => C:\Users\Aline\Downloads\NRnR.exe
Task: {4A8E1B4C-E395-4BC7-A9FD-D70528BBF4F4} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\SymErr.exe
Task: {52DB1C00-152D-45A8-AF2D-0A46D08AF36E} - \HP AR Program Upload - 9b5f6e6380244dfdb4839ea7eacf5da56c5c5e50e9174620ad2f691314d3c38c -> Pas de fichier <==== ATTENTION
Task: {542DDE10-64D7-47EA-90B6-E0830C908EEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55DC0F58-E28B-444A-BDC3-5E54E2857573} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {5BB026E0-3724-449F-9BBA-C41545EA0459} - System32\Tasks\HP AR Program Upload - 4ea7f781020f45d09e8846cf91bf8de6cd6064ebc07c446fa41677fd9a08f604 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [3492896 2013-08-13] (Hewlett Packard -> TODO:
Task: {6BAE255C-59F9-4EB7-A561-9EF3D29A67AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6EFE76D3-2E11-4A11-805F-EA4C30C02407} - \WPD\SqmUpload_S-1-5-21-2611346374-1473099505-1922980101-1002 -> Pas de fichier <==== ATTENTION
Task: {7041AF54-0A77-4A29-B9B3-88D46DDB7BD7} - System32\Tasks\Toolbox.exe_{550995AD-C84D-4EC8-9658-2D20C9FC255C} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\Toolbox.exe [4927520 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {70525F55-3AFE-4A05-996F-617D811CA894} - System32\Tasks\HPCustPartic.exe_{1DD0AFCE-956D-41BD-96BD-B2C4DAC8886D} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {7B17F73A-3829-4AE4-9E74-DB32F0E6C300} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {7DE338D3-50D9-4C56-BBF3-45C413C00C95} - System32\Tasks\CCleanerSkipUAC => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner.exe [29212288 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {90CD63B1-432C-46C7-A7CE-8957789242D7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {9407A867-D29D-4CBA-91FE-7522ECBD3B0F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {A4144A8C-7435-4976-8484-A28452902EAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF0712DF-0652-4D60-8E8C-D3D56944BC2B} - System32\Tasks\CCleaner Update => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCUpdate.exe [684976 2021-08-27] (Piriform Software Ltd -> Piriform)
Task: {B51F1A1D-E3FA-4F57-8BD2-A6F39E5A50FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5E80E2F-FC18-4B8E-97E9-84F235DA451E} - \Optimize Start Menu Cache Files-S-1-5-21-2611346374-1473099505-1922980101-1002 -> Pas de fichier <==== ATTENTION
Task: {B998AE27-90D4-4C20-8BDB-267D879174F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB602445-2454-4D6F-935B-FAB890D39908} - System32\Tasks\CCleanerSkipUAC - Aline => C:\Users\Aline\Downloads\Logiciels installés\Ccleaner\CCleaner.exe [29212288 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C22039CB-876A-4589-816A-7DA7AE6E0366} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {C2AA78EA-F99B-4D25-BF30-CD75F6CB63D8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C60F9A58-B22A-41F6-97C6-493C5B866FF3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\SymErr.exe
Task: {C7E7EEF7-2627-497F-96C3-F45E3435FB3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {C8D6D845-E377-408C-ADAB-722C065741D0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {C9B33B0D-CE63-4853-AD99-CEC9736F4E6F} - System32\Tasks\HP AR Program Upload - cd2275c2134a466cac407467082812d91ef3faedb64548478f99b1edaaa8f0a3 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [3492896 2013-08-13] (Hewlett Packard -> TODO:
Task: {CB5A786A-88C2-4C08-A170-9055E6488082} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {CBF36A0B-44C9-4A33-AE1C-0D6A8EF26832} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CE8F2FFB-1E4D-4E9E-B3AF-47DFC855EF9C} - \HP AR Program Upload - 7fb35d37a88f4e97abaeb4a0e053675b0e4f77fc451641f08866c6db08aa06c3 -> Pas de fichier <==== ATTENTION
Task: {CFD2FE49-9798-4E55-B754-2B94E5242514} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {D09CBB14-86BD-4053-B782-72E91D414C6A} - System32\Tasks\Toolbox.exe_{FF5C03F4-094B-46E0-A4E3-1F603C6FA938} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\Toolbox.exe [4927520 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {DE7847E1-C30F-46AA-AA6E-227F32E4E439} - System32\Tasks\HPCustPartic.exe_{F41C7647-8049-4ED8-95A0-B71FCE9DA748} => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {E48E18BB-0969-4337-9691-37FDBC8811B3} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\SymErr.exe
Task: {F9C0741B-318A-4410-89CA-3839A8284D89} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [5314192 2012-10-23] (Acer Incorporated -> Acer Incorporated)
Task: {FC6D5AF0-1427-49B6-9207-8559FE54D3C8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{03a2e9c6-b7e1-4b0d-bc6e-da7865e9adfe}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4a5fa4cf-a625-4cbc-b277-2457f8e8dae4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5572cbf5-824c-4c95-9c98-043bc4eac832}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Aline\Downloads
Edge Notifications: HKU\S-1-5-21-2611346374-1473099505-1922980101-1002 -> hxxps//app.napster.com; hxxps//forum.frandroid.com; hxxp//forum.frandroid.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Aline\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-19]
Edge StartupUrls: Default -> "hxxps//www.google.fr/?gws_rd=ssl"
Edge DefaultSearchURL: Default -> hxxps//www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
Edge Profile: C:\Users\Aline\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-11]
Edge Extension: (Kaspersky Protection) - C:\Users\Aline\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-07-06]
FireFox:
========
FF ProfilePath: C:\Users\Aline\AppData\Roaming\Mozilla\Firefox\Profiles\zj5db92d.default-1466595809340 [2021-09-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-08-31] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-08-31] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Users\Aline\Downloads\Logiciels installés\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Users\Aline\Downloads\Logiciels installés\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Users\Aline\Downloads\Logiciels installés\VLC Media player\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Users\Aline\Downloads\Logiciels installés\VLC Media player\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Users\Aline\Downloads\Logiciels installés\VLC Media player\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Users\Aline\Downloads\Logiciels installés\VLC Media player\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-11]
CHR Profile: C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-10-08]
CHR Notifications: Profile 1 -> hxxps//forums.commentcamarche.net
CHR DefaultSearchURL: Profile 1 -> hxxps//q.eadblock.com/?vnd=1&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> q.eadblock.com
CHR Extension: (Slides) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-08]
CHR Extension: (Docs) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-08]
CHR Extension: (Google Drive) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-14]
CHR Extension: (Kaspersky Protection 20.0) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2021-02-08]
CHR Extension: (Le Coin Raccourcis) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcgbaafeapbpomhdamfedlllpddjlaao [2020-08-19]
CHR Extension: (Sheets) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-05]
CHR Extension: (EAB) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hojhhmecfdlobchoejlbonoabacfnaap [2020-09-27]
CHR Extension: (Skype) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-06-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Aline\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-20]
CHR Profile: C:\Users\Aline\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-11]
CHR HKLM\...\Chrome\Extension: [eblihieomkjeiobglmnbmidkajdcfkpa] -
CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] -
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [eblihieomkjeiobglmnbmidkajdcfkpa] -
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] -
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc. -> Apple Inc.)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated -> Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated -> Acer Incorporated)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2457232 2012-07-24] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-04-03] (Dritek System Inc. -> Dritek System INC.)
S2 Serveur Média; C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336 2010-12-14] (PacketVideo Corporation -> PacketVideo)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Qualcomm Atheros -> Atheros) [Fichier non signé]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation -> Symantec Corporation)
R3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBthAudioHF; C:\WINDOWS\System32\drivers\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-04-03] (Dritek System Inc. -> Dritek System Inc.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-19] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslbd1a11db; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7BB792B2-F391-4A51-851D-2B6ED160F8A5}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-19 10:49 - 2021-10-19 11:05 - 000039637 _____ C:\Users\Aline\Desktop\FRST.txt
2021-10-19 10:48 - 2021-10-19 10:48 - 000000000 ___HD C:\$WinREAgent
2021-10-19 10:48 - 2021-10-19 10:48 - 000000000 ____D C:\Users\Aline\Desktop\FRST-OlderVersion
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-10-19 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-19 10:59 - 2017-08-29 16:14 - 000000000 ____D C:\FRST
2021-10-19 10:59 - 2015-08-26 03:13 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-19 10:58 - 2018-06-09 07:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-19 10:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-19 10:48 - 2021-09-16 10:26 - 002310656 _____ (Farbar) C:\Users\Aline\Desktop\FRST64.exe
2021-10-19 10:48 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-19 10:42 - 2017-06-09 13:52 - 000000000 ____D C:\Users\Aline\AppData\LocalLow\Mozilla
2021-10-19 10:33 - 2020-12-27 15:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-19 10:33 - 2016-09-14 16:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-19 10:32 - 2020-12-27 13:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-19 09:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-19 09:41 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-19 09:40 - 2020-12-27 13:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-19 09:25 - 2021-01-13 10:58 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6dc49ff7a2789
2021-10-19 09:25 - 2020-12-27 15:35 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-19 09:16 - 2020-12-27 14:00 - 000000000 ____D C:\Users\UpdatusUser
2021-10-19 09:14 - 2015-06-19 14:11 - 000000000 ____D C:\ProgramData\Serveur Média
2021-10-19 08:53 - 2015-06-19 14:11 - 000000000 ____D C:\Program Files (x86)\Serveur Media
2021-10-19 07:54 - 2020-12-27 15:35 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-19 07:53 - 2020-12-27 15:35 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-08 18:27 - 2015-08-09 14:24 - 000000000 ____D C:\Users\Aline\Documents\Administratifs
2021-10-08 18:10 - 2013-08-17 07:23 - 000000000 ____D C:\Users\Aline\Downloads\Logiciels installés
==================== Fichiers à la racine de certains dossiers ========
2016-12-09 10:39 - 2016-12-09 10:39 - 000000294 _____ () C:\ProgramData\SMRResults501.dat
2017-10-15 12:41 - 2017-10-15 12:41 - 000000706 _____ () C:\Program Files (x86)\LMIR0002.tmp.bat
2017-10-15 12:41 - 2017-10-15 12:41 - 000000514 _____ () C:\Program Files (x86)\LMIR0002.tmp_r.bat
2021-09-08 17:57 - 2021-09-16 17:50 - 000010240 _____ () C:\Users\Aline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-28 11:58 - 2018-08-14 17:00 - 000007597 _____ () C:\Users\Aline\AppData\Local\Resmon.ResmonCfg
2017-06-21 02:47 - 2017-06-21 02:48 - 000000000 _____ () C:\Users\Aline\AppData\Local\{1A13859F-2EAF-4ED2-BAD7-5CF7392DDA4D}
2017-06-21 02:45 - 2017-06-21 02:48 - 000000000 _____ () C:\Users\Aline\AppData\Local\{1DA31DA8-E1FF-4EEA-B3D6-91663D41601A}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================