Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-07-2022
Exécuté par Ce (administrateur) sur HOME (FUJITSU LIFEBOOK A514) (25-07-2022 13:51:03)
Exécuté depuis C:\Users\Ce\Desktop
Profils chargés: Ce
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe ->) (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(C:\Users\Ce\AppData\Roaming\uTorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) [Fichier non signé] C:\Users\Ce\AppData\Roaming\uTorrent\updates\3.5.5_46200\utorrentie.exe <2>
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Inc.) [Fichier non signé] C:\Users\Ce\AppData\Roaming\uTorrent\uTorrent.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP3LAK.EXE
(explorer.exe ->) (Google LLC -> Google LLC) [Fichier non signé] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <6>
(explorer.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) [Fichier non signé] C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) [Fichier non signé] C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (DTS, Inc. -> DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(services.exe ->) (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(services.exe ->) (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(services.exe ->) (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(spool\drivers\x64\3\CNAP3LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABHSWD.EXE
(svchost.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(taskeng.exe ->) (LionSea Software co., ltd -> LionSea) C:\Program Files (x86)\DriverTuner\DriverTuner.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS_SWVOL] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [651672 2012-07-24] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [CNAP3 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117472 2021-10-19] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-295743178-2452536569-1870759416-1000\...\Run: [ut] => C:\Users\Ce\AppData\Roaming\uTorrent\uTorrent.exe [1946664 2022-02-12] (BitTorrent Inc -> BitTorrent Inc.) [Fichier non signé]
HKU\S-1-5-21-295743178-2452536569-1870759416-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-11-05] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-295743178-2452536569-1870759416-1000\...\Run: [AvastBrowserAutoLaunch_5FFE9FD157B585E8963000ACD5BF1B5D] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2793640 2022-07-05] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-295743178-2452536569-1870759416-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-24] (Adobe Inc. -> Adobe)
HKLM\...\Print\Monitors\CNAP3 Monitor: C:\Windows\system32\CNAP3SMD.DLL [1654272 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-25] (Google LLC -> Google LLC) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\103.0.17593.114\Installer\chrmstp.exe [2022-07-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0FA0B7BF-B98E-488E-81FF-FE3B5549CC73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-28] (Google Inc -> Google Inc.)
Task: {1181DE4D-9D28-4637-A741-C3CDC1D472E1} - System32\Tasks\DriverTuner Scan Daily => C:\Program Files (x86)\DriverTuner\DriverTuner.exe [10632504 2014-06-03] (LionSea Software co., ltd -> LionSea)
Task: {37A87DB7-EB8B-4645-AC0A-E1B848BDE9BB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2793640 2022-07-05] (Avast Software s.r.o. -> AVAST Software)
Task: {403E1DA0-9F14-48E0-AD20-3CB6193CA9BE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-06-15] (Avast Software s.r.o. -> Avast Software) [Fichier non signé]
Task: {43D24D45-509A-4681-9F0E-3C293DEBC649} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-28] (Google Inc -> Google Inc.)
Task: {515CD69E-F15B-4B96-80A0-312D64784AE7} - System32\Tasks\DriverTuner Startup => C:\Program Files (x86)\DriverTuner\DriverTuner.exe [10632504 2014-06-03] (LionSea Software co., ltd -> LionSea)
Task: {7B9A1373-F3C1-4B3A-BBE5-1BCA19CCF452} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-10-22] (Avast Software s.r.o. -> AVAST Software)
Task: {80159924-BD0C-4B23-9A22-B8471A86D447} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-24] (Adobe Inc. -> Adobe)
Task: {9083674D-8AC5-421D-8DC1-A4D55C1E70FA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2793640 2022-07-05] (Avast Software s.r.o. -> AVAST Software)
Task: {93B6F393-0A62-443F-B111-E999CDD563B4} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {95E13FB3-BBF8-48D9-80A8-C782D5637628} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-10-22] (Avast Software s.r.o. -> AVAST Software)
Task: {9F828E5B-3251-41BA-83DD-C736AF6C8AE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-24] (Adobe Inc. -> Adobe)
Task: {A705A871-A09D-4F18-B396-EB155362F81A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-10-19] (Avast Software s.r.o. -> AVAST Software)
Task: {D01D07F5-4BD6-44D2-9472-DD0B92976F89} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1775752 2013-08-30] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CB1C5996-1D3A-4C7C-B2B9-AA78730AD449}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DE85FB55-322F-4D50-8153-B34259C5D9A6}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF DefaultProfile: oh6avtka.default
FF ProfilePath: C:\Users\Ce\AppData\Roaming\Mozilla\Firefox\Profiles\oh6avtka.default [2022-05-19]
FF Homepage: Mozilla\Firefox\Profiles\oh6avtka.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\oh6avtka.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF SearchPlugin: C:\Users\Ce\AppData\Roaming\Mozilla\Firefox\Profiles\oh6avtka.default\searchplugins\Poshukach Engin Search.xml [2022-03-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-24] (Adobe Inc. -> )
FF Plugin-x32: @2-update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\npAvastBrowserUpdate3.dll [2021-10-22] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @2-update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\npAvastBrowserUpdate3.dll [2021-10-22] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-24] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ce\AppData\Local\Google\Chrome\User Data\Default [2022-07-25]
CHR Notifications: Default -> hxxps://uo0p.exttranews.com; hxxps://www.facebook.com
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Safe Torrent Scanner) - C:\Users\Ce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-07-25]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Ce\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-07-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\Ce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-19]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Ce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-07-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-18]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
Opera:
=======
OPR Profile: C:\Users\Ce\AppData\Roaming\Opera Software\Opera Stable [2019-03-02]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}