cjoint


Document format: text/plain


Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16.02.2024
Exécuté par Pierre (administrateur) sur USER-PC (Medion Akoya S6214T) (19-02-2024 14:40:53)
Exécuté depuis F:\PIERROT\FRST64.exe
Profils chargés: Pierre
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4046 (X64) Langue: Allemand (Allemagne) -> Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe ->) () [Fichier non signé] C:\Program Files (x86)\PHotkey\PHotkey.exe
(C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe ->) (PEGATRON CORPORATION -> ) C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe ->) (PEGATRON CORPORATION -> ) C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(C:\Program Files (x86)\PHotkey\PHotkey.exe ->) () [Fichier non signé] C:\Program Files (x86)\PHotkey\GPMTray.exe
(C:\Program Files (x86)\PHotkey\PHotkey.exe ->) () [Fichier non signé] C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
(C:\Program Files (x86)\PHotkey\PHotkey.exe ->) () [Fichier non signé] C:\Program Files (x86)\PHotkey\POsd.exe
(C:\Program Files (x86)\PHotkey\PHotkey.exe ->) (PEGATRON CORPORATION -> ) C:\Program Files (x86)\PHotkey\Atouch64.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Users\User\Downloads\Album_OneNight_Stands (1)\[IMG_4281] One_Night_Stands - In_Yeong-Cheol-Rhee_Studio - By_Gyeong-Hui-Gang_Photographer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(explorer.exe ->) (Conners Systems Limited -> johnsadventures.com) C:\Users\User\Downloads\Album_OneNight_Stands (1)\[IMG_4281] One_Night_Stands - In_Yeong-Cheol-Rhee_Studio - By_Gyeong-Hui-Gang_Photographer.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21830.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21830.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [417176 2023-12-22] (Avast Software s.r.o. -> AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-872773824-1046825854-2175925014-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [Fichier non signé]
HKU\S-1-5-21-872773824-1046825854-2175925014-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-872773824-1046825854-2175925014-1001\...\Run: [BackgroundSwitcher] => C:\Users\User\Downloads\Album_OneNight_Stands (1)\[IMG_4281] One_Night_Stands - In_Yeong-Cheol-Rhee_Studio - By_Gyeong-Hui-Gang_Photographer.exe [131272 2023-10-28] (Conners Systems Limited -> johnsadventures.com)
HKU\S-1-5-21-872773824-1046825854-2175925014-1001\...\Run: [BingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6669856 2024-01-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-872773824-1046825854-2175925014-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-872773824-1046825854-2175925014-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Google\Chrome\Application\chrome.exe --app-id=kippjfofjhjlffjecoapiogbkgbpmgej --disable-nacl --origin-trial-disabled-features=WebGPU --profile-directory=Default --source-shortcut="C (l'élément de données a 136 caractères en plus). [2754848 2024-02-13] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-16] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {02712C33-8513-4502-A75E-FD4CAC5815C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {0F275CE2-5817-4F5A-859E-C565194C1125} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {15FE3436-AE40-4617-B946-6093AD70A9F7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {26AFEB8F-FC9E-48C8-9A05-9DA162D7A83B} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Pas de fichier <==== ATTENTION
Task: {32AB08F8-FEB7-4A8B-8026-ACCE3F2587F3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {439D142C-93E4-4A3B-B06E-6D4F9B5A7479} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {456FA4B9-48B7-4C21-B363-A2C3F6953659} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Pas de fichier <==== ATTENTION
Task: {4684B7CA-DE8E-4186-8F88-32244B31312E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {5DAE32AC-038F-4E45-AE86-B983A6CF4FEA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {5FE849B3-8AAF-4FFA-B44C-3C182249EC4C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {62D5BE22-8659-4D31-9ADA-D7228D53AD3E} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {8D566834-CA1E-43D0-9823-454E281EE771} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {908B1ED9-0230-4CE7-B465-63FBF1006C5B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {9ED4BAE5-8C3A-4BDC-B6EE-C71F300B26C4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {AFAFD7B2-FEDE-489A-85B9-45D97ED57A21} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {C222B1D9-1426-4E24-A248-01F451DC86C1} - \WPD\SqmUpload_S-1-5-21-872773824-1046825854-2175925014-1001 -> Pas de fichier <==== ATTENTION
Task: {E71657D3-D93D-46ED-B037-D1C9D074907B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {F07B9E0D-574F-492E-9468-9CDC6FC9068B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {FCC0CF9B-73E3-4DA4-AC86-99B7CA768A9A} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Pas de fichier <==== ATTENTION
Task: {D2A27326-49E4-4043-8BD4-66671522B267} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5154200 2024-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {35425CC0-5FDC-4696-BDCC-6019D79F16EC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {801DFFBD-EA58-4716-8A10-B30E95E0C698} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {2218B447-ED02-4B13-81F1-3291F674E370} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3044313C-7192-48A8-A5A1-616EB16DA890} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "87117e01-ba75-4bbb-be8c-938efe088fe4" --version "6.21.10918" --silent
Task: {1D0ED88D-7DB4-4017-9F89-A410CFF8B6AF} - System32\Tasks\CCleanerSkipUAC - Pierre => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {57E69D00-4563-4990-B292-B4B27F9CF994} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {CD243609-72BF-46D3-888C-E1040C510F3F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-20] (Google Inc -> Google Inc.)
Task: {4B794819-275E-4867-9CBB-09218093E214} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-05-20] (Google Inc -> Google Inc.)
Task: {4954CC36-222B-41F7-9183-479B0DD893E7} - System32\Tasks\Lenovo\sysrun-14492 => C:\Users\ADMINI~1\AppData\Local\Temp\sysrun-14492.cmd -> <==== ATTENTION
Task: {6EFE1CBC-D85A-45AA-B3B9-D54C8390AC44} - System32\Tasks\Lenovo\sysrun-15256 => C:\Users\ADMINI~1\AppData\Local\Temp\sysrun-15256.cmd -> <==== ATTENTION
Task: {7DE691AD-7C7C-46C5-9E1D-A6164ECA5C5D} - System32\Tasks\Lenovo\sysrun-24769 => C:\Users\ADMINI~1\AppData\Local\Temp\sysrun-24769.cmd -> <==== ATTENTION
Task: {01D9FC2B-65FA-47A9-9151-BB3A4CDF1ED2} - System32\Tasks\Lenovo\sysrun-29800 => C:\Users\ADMINI~1\AppData\Local\Temp\sysrun-29800.cmd -> <==== ATTENTION
Task: {3D7B835B-4EC1-4DF3-A03A-19D80748F5BB} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-872773824-1046825854-2175925014-1001 => MessengerHelper.exe --lassie (Pas de fichier)
Task: {E683522C-9CE9-4C48-99D0-0CDE74A1569C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {9841BD49-BB54-46EF-88E2-07EB9A22B349} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2fa84b47-efbd-4c46-a8f0-9db74e906e36}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2fa84b47-efbd-4c46-a8f0-9db74e906e36}: [DhcpDomain] home
Tcpip\..\Interfaces\{37a4ea07-0eba-4318-9021-0533fd1ade75}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{37a4ea07-0eba-4318-9021-0533fd1ade75}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-14]
Edge DownloadDir: Default -> C:\Users\User\Downloads
Edge HomePage: Default -> hxxps://www.facebook.com/
Edge StartupUrls: Default -> "hxxp://www.q-oole.com/"
Edge Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-28]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\58pitlre.default [2024-02-19]
FF Homepage: Mozilla\Firefox\Profiles\58pitlre.default -> hxxp://www.q-oole.com/
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2024-02-19]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.q-oole.com/
CHR StartupUrls: Default -> "hxxp://www.q-oole.com/"
CHR DefaultSearchURL: Default -> hxxp://www.q-oole.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> recherche
CHR Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-22]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-14]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKU\S-1-5-21-872773824-1046825854-2175925014-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9065880 2023-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [753048 2023-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2335128 2024-02-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1157528 2023-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-11-28] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Fichier non signé]
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [136192 2014-03-04] () [Fichier non signé]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [165344 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [165344 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20536 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [230456 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [380360 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292816 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84424 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28616 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [263632 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548296 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [93752 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [934968 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [692280 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [213296 2023-12-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306232 2024-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455968 2022-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U1 aswbdisk; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-02-19 14:37 - 2024-02-19 14:41 - 000000000 ____D C:\FRST
2024-02-17 14:19 - 2024-02-17 14:18 - 000313752 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2024-02-14 15:44 - 2024-02-14 15:44 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-14 15:42 - 2024-02-14 15:42 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-14 14:40 - 2024-02-14 14:40 - 000000000 ___HD C:\$WinREAgent

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-02-19 14:39 - 2021-12-16 19:15 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-19 14:39 - 2016-05-20 14:45 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-19 14:32 - 2021-02-22 17:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-19 14:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-19 07:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-19 06:58 - 2022-11-28 11:21 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2024-02-17 19:15 - 2020-06-11 18:00 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-17 19:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-17 14:19 - 2022-11-28 11:21 - 000306232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-02-17 14:19 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-02-17 14:18 - 2022-11-28 11:21 - 000934968 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000692280 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000548296 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000380360 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000292816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000263632 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000230456 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000093752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000084424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000028616 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000027760 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswElam.sys
2024-02-17 14:18 - 2022-11-28 11:21 - 000020536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-02-17 14:16 - 2022-10-29 08:39 - 000000000 ____D C:\Program Files\CCleaner
2024-02-17 14:14 - 2016-12-24 15:51 - 000000000 ____D C:\ProgramData\AVAST Software
2024-02-17 14:13 - 2022-10-29 08:40 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-02-17 14:13 - 2021-02-22 17:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-17 14:13 - 2021-02-22 17:10 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-17 14:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-17 14:12 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-02-17 14:09 - 2022-10-29 08:40 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-02-17 14:09 - 2022-10-29 08:40 - 000002952 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-02-17 14:09 - 2022-10-29 08:40 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Pierre
2024-02-17 14:09 - 2021-02-22 17:54 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-17 14:09 - 2021-02-22 17:54 - 000003526 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2024-02-17 14:09 - 2021-02-22 17:54 - 000003394 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-17 14:09 - 2021-02-22 17:54 - 000003302 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2024-02-17 14:09 - 2021-02-22 17:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2024-02-16 10:50 - 2021-02-22 17:30 - 002653100 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-16 10:50 - 2021-02-22 15:54 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2024-02-16 10:50 - 2021-02-22 15:54 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2024-02-16 10:50 - 2019-12-07 15:50 - 000732488 _____ C:\WINDOWS\system32\perfh007.dat
2024-02-16 10:50 - 2019-12-07 15:50 - 000149888 _____ C:\WINDOWS\system32\perfc007.dat
2024-02-16 10:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-16 10:46 - 2021-02-22 17:11 - 000277176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-16 10:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-16 10:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 15:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-14 15:42 - 2021-02-22 17:15 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-14 14:32 - 2018-05-15 06:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 14:20 - 2018-05-15 06:42 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-28 16:00 - 2023-10-28 12:56 - 000000000 ____D C:\Users\User\AppData\Local\LathimPunda

==================== Fichiers à la racine de certains dossiers ========

2019-09-11 17:53 - 2019-09-11 17:53 - 000003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
