Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Exécuté par Michèle Duran (administrateur) sur LAPTOP-2GVKR0UR (Acer Swift SF314-56) (13-05-2024 20:48:12)
Exécuté depuis C:\Users\Michèle Duran\Downloads\FRST64.exe
Profils chargés: Michèle Duran
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3447 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <38>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a683689904821314\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a683689904821314\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAWiFiPowerSwitch.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.17425.20176.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\Michèle Duran\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-06-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076000 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1856590176-1829221832-1514329112-1001\...\Run: [MicrosoftEdgeAutoLaunch_0523109F2166676850C36E401184126D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081192 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1856590176-1829221832-1514329112-1001\...\Run: [AvastBrowserAutoLaunch_955A965C4AB03376433E50ADB290E8B3] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3142616 2024-04-24] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-1856590176-1829221832-1514329112-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Michèle Duran\AppData\Local\Microsoft\Teams\Update.exe [2591552 2024-01-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1856590176-1829221832-1514329112-1001\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.201\Installer\chrmstp.exe [2024-05-10] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\123.0.24828.123\Installer\chrmstp.exe [2024-04-29] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {AEF608EC-095D-4BD9-AC81-1B477BADC8A8} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920240 2018-08-13] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {8D17039A-D5AE-4CC4-9A53-33DEA53E33E2} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2018-08-13] (Acer Incorporated -> )
Task: {52D15F36-F4E0-4CDB-894A-3F5F00B81E16} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4761392 2018-08-13] (Acer Incorporated -> )
Task: {948FD4B5-6D6E-4755-89F5-309C915E1E52} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {8230154B-BE95-44D5-B6DA-19591F99B23F} - System32\Tasks\App Explorer => C:\Users\Michèle Duran\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-29] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {C9F6A4B1-7499-4CA8-B0F2-71B89EAC8D9E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3142616 2024-04-24] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7F1013AE-C67A-4A76-8EB7-FCE3BEFC6DBF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3142616 2024-04-24] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {141C656A-E3F9-4476-91D1-AC9262276189} - System32\Tasks\AvastBrowserProtectS-1-5-21-1856590176-1829221832-1514329112-1001 => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1690008 2024-04-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {3D3A4C13-DE97-4C4E-A8EA-BC216FA71D36} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-19] (Avast Software s.r.o. -> AVAST Software)
Task: {CBFC7D8F-35FB-41D7-821C-6BBEB2ABCEF3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-19] (Avast Software s.r.o. -> AVAST Software)
Task: {69B19CAD-95C4-44A2-91AA-80285310F791} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\System32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {688F3CE7-7785-43C3-A452-0A010EFC7202} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {688F3CE7-7785-43C3-A452-0A010EFC7202} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {688F3CE7-7785-43C3-A452-0A010EFC7202} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {1B7740D2-5181-44D5-AD97-4EEDF69CA1F4} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259040 2024-05-02] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {1559D921-D4E8-4F6F-AABB-1469800078B2} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1775072 2024-05-02] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {EE71B5F9-2A8D-4F1E-ADBB-41E0103D5BE4} - System32\Tasks\Avira_Security_Update => C:\Windows\System32\net.exe [81920 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5142FFA2-B8FF-44E2-AE5E-5BBC4641F6F5} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [36867824 2024-05-11] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {22BE8CF2-9B1A-43AE-91D1-7D32DD0864C0} - System32\Tasks\G2MUpdateTask-S-1-5-21-1856590176-1829221832-1514329112-1001 => C:\Users\Michèle Duran\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-04-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3C4C3AC7-3128-43D4-A50C-95DBE9889FE5} - System32\Tasks\G2MUploadTask-S-1-5-21-1856590176-1829221832-1514329112-1001 => C:\Users\Michèle Duran\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-04-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A098069D-7A79-417F-AAB4-5D88F06B2905} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{898160B6-4085-4ABA-84B4-158E46963B70} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier)
Task: {2FBEA9FE-ECA5-44D8-A42D-9F7BF8AABF32} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Pas de fichier)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ReadyToReboot (Pas de fichier)
Task: {B250736F-C234-465C-BA70-1FE1EDCC204F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (Pas de fichier)
Task: {E02490AF-670D-48FA-8C48-1F7BF4D78132} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Pas de fichier)
Task: {DAFBD147-7FE6-44EC-BD53-89354032A7FE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {AE2DEB99-4725-4D47-B9AB-7D6B87B5817C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677792 2024-05-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {A65BBF0E-37CB-4D0D-B380-5B2886DE9A47} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {AF9034D3-D1F3-4511-AA4C-0E3D229D4420} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {924530AD-B4F4-41F1-AC6C-93815E72B0C1} - System32\Tasks\Quick Access Wi-Fi Power Switch => C:\Program Files\Acer\Quick Access Service\QAWiFiPowerSwitch.exe [211616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {726669D3-261B-4163-88F1-CFFC7D33E0EA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {BB2FDFB0-CE48-4683-80AB-7339450F0783} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268080 2018-06-28] (Acer Incorporated -> Acer Incorporated)
Task: {E01ED4EF-063B-4379-AE92-D7804D7020AE} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211120 2018-06-28] (Acer Incorporated -> Acer Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1856590176-1829221832-1514329112-1001.job => C:\Users\Michèle Duran\AppData\Local\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1856590176-1829221832-1514329112-1001.job => C:\Users\Michèle Duran\AppData\Local\GoToMeeting\19992\g2mupload.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 194.230.55.105 212.98.37.137
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}: [DhcpNameServer] 194.230.55.105 212.98.37.137
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}: [DhcpDomain] v.cablecom.net
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}\568736D24383439303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}\568736D24383439303: [DhcpDomain] home
Tcpip\..\Interfaces\{224da9a2-70ff-4eb6-a975-86ea1699567a}\960586F6E65602465602D496368656C656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{6557a295-a043-4511-a899-1adcfbbaa4c7}: [DhcpNameServer] 172.19.128.24
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-13]
Edge Notifications: Default -> hxxps://mail.proton.me
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (Avira Password Manager) - C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-04]
Edge Extension: (Google Docs hors connexion) - C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29]
Edge Extension: (Edge relevant text changes) - C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-31]
Edge Extension: (Urban VPN Proxy) - C:\Users\Michèle Duran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nimlmejbmnecnaghgmbahmbaddhjbecg [2024-04-22]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FireFox:
========
FF DefaultProfile: 3u0be3e5.default
FF ProfilePath: C:\Users\Michèle Duran\AppData\Roaming\Mozilla\Firefox\Profiles\3u0be3e5.default [2024-05-11]
FF Homepage: Mozilla\Firefox\Profiles\3u0be3e5.default -> hxxps://www.google.ch/?hl=fr
FF Notifications: Mozilla\Firefox\Profiles\3u0be3e5.default -> hxxps://www.facebook.com; hxxps://www.instagram.com
FF Extension: (Amazon Assistant) - C:\Users\Michèle Duran\AppData\Roaming\Mozilla\Firefox\Profiles\3u0be3e5.default\Extensions\abb-acer@amazon.com.xpi [2021-10-24] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Language: Français (French)) - C:\Users\Michèle Duran\AppData\Roaming\Mozilla\Firefox\Profiles\3u0be3e5.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2023-10-19]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-19] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-19] (Avast Software s.r.o. -> AVAST Software)
Chrome:
=======
CHR Profile: C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default [2024-04-08]
CHR StartupUrls: Default -> "hxxps://www.bing.com/?PC=B441"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=P244DF&PC=P244&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-12-16]
CHR Extension: (Avira Safe Shopping) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-12-16]
CHR Extension: (Protection Web Avira) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-12-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Michèle Duran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-10]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [301872 2018-08-13] (Acer Incorporated -> Acer Incorporated)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\123.0.24828.123\elevation_service.exe [1746984 2024-04-24] (Avast Software s.r.o. -> Gen Digital Inc.)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6738360 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3003584 2024-01-22] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [398816 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265544 2024-05-02] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [295752 2024-05-02] (Avira Operations GmbH -> Avira Operations GmbH)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11427672 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11427672 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
S2 GoogleUpdaterInternalService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-08] (HP Inc. -> HP Inc.)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [304944 2018-06-28] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1685312 2023-02-09] (WildTangent, Inc. -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-23] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-08-25] (Avira Operations GmbH -> Avira Operations GmbH)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-02-23] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-02-23] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé]
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [114992 2023-08-18] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [411064 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [411064 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28768 2024-04-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-23] (Microsoft Windows -> Microsoft Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-05-13 20:48 - 2024-05-13 20:49 - 000027490 _____ C:\Users\Michèle Duran\Downloads\FRST.txt
2024-05-13 20:47 - 2024-05-13 20:48 - 000000000 ____D C:\FRST
2024-05-13 20:45 - 2024-05-13 20:45 - 002394112 _____ (Farbar) C:\Users\Michèle Duran\Downloads\FRST64.exe
2024-05-11 19:09 - 2024-05-11 19:09 - 002092544 _____ (Farbar) C:\Users\Michèle Duran\Downloads\FRST.exe
2024-05-11 17:01 - 2024-05-11 17:01 - 000448512 _____ (OldTimer Tools) C:\Users\Michèle Duran\Downloads\TFC.exe
2024-05-11 16:37 - 2024-05-11 16:37 - 002589624 _____ (Malwarebytes) C:\Users\Michèle Duran\Downloads\MBSetup.exe
2024-05-11 16:36 - 2024-05-11 16:36 - 000810954 _____ C:\WINDOWS\system32\perfh00C.dat
2024-05-11 16:36 - 2024-05-11 16:36 - 000749084 _____ C:\WINDOWS\system32\perfh007.dat
2024-05-11 16:36 - 2024-05-11 16:36 - 000157390 _____ C:\WINDOWS\system32\perfc00C.dat
2024-05-11 16:36 - 2024-05-11 16:36 - 000157266 _____ C:\WINDOWS\system32\perfc007.dat
2024-05-11 16:18 - 2024-05-11 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2024-05-11 16:16 - 2024-05-11 16:16 - 000003792 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2024-05-08 19:59 - 2024-05-08 19:59 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2024-05-08 19:59 - 2024-05-08 19:59 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2024-05-08 19:59 - 2024-05-08 19:59 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2024-05-05 09:30 - 2024-05-05 09:30 - 000053393 _____ C:\Users\Michèle Duran\Downloads\releve_48895 (43).pdf
2024-05-03 17:06 - 2024-05-03 17:06 - 000021459 _____ C:\Users\Michèle Duran\Downloads\2024-04-25_00-00-00-100006836507-83040179667137-Avis individuel (1).pdf
2024-05-03 17:00 - 2024-05-03 17:00 - 000022189 _____ C:\Users\Michèle Duran\Downloads\2024-05-02_00-00-00-100006836507-83100093280029-Avis detaille.pdf
2024-05-03 16:45 - 2024-05-03 16:45 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\INetHistory
2024-05-01 10:34 - 2024-05-01 10:34 - 000053393 _____ C:\Users\Michèle Duran\Downloads\releve_48895 (42).pdf
2024-05-01 09:48 - 2024-05-01 09:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-04-29 14:57 - 2024-04-29 14:57 - 000117079 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 29.04.2024.pdf
2024-04-25 14:21 - 2024-04-25 14:21 - 000021454 _____ C:\Users\Michèle Duran\Downloads\2024-04-25_00-00-00-100006836507-83040179667137-Avis individuel.pdf
2024-04-23 19:08 - 2024-04-23 19:08 - 000116926 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 23.04.2024.pdf
2024-04-19 18:53 - 2024-04-19 18:53 - 000051271 _____ C:\Users\Michèle Duran\Downloads\releve_48895 (41).pdf
2024-04-18 11:16 - 2024-04-18 11:16 - 000116679 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 27.03.2024 (3).pdf
2024-04-18 11:09 - 2024-04-18 11:09 - 000116679 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 27.03.2024 (2).pdf
2024-04-18 10:49 - 2024-04-18 10:49 - 000116679 _____ C:\Users\Michèle Duran\Downloads\Prescription OPAS 27.03.2024 (1).pdf
2024-04-14 09:45 - 2024-04-14 09:45 - 000021577 _____ C:\Users\Michèle Duran\Downloads\2024-04-12_00-00-00-100006836507-82927126793863-Avis individuel.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-05-13 20:47 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-05-13 20:47 - 2019-10-30 05:38 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\Host App Service
2024-05-13 20:45 - 2020-08-02 10:12 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-13 20:44 - 2019-10-30 05:39 - 000000000 __SHD C:\Users\Michèle Duran\IntelGraphicsProfiles
2024-05-11 23:17 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-11 19:22 - 2023-02-23 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-11 16:57 - 2023-08-04 14:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-05-11 16:57 - 2023-05-02 19:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-11 16:57 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-05-11 16:57 - 2019-02-20 16:28 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-05-11 16:57 - 2019-02-20 16:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-05-11 16:47 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-11 16:47 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-11 16:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-11 16:36 - 2023-02-23 07:48 - 002709388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-11 16:35 - 2021-09-05 13:10 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\D3DSCache
2024-05-11 16:31 - 2023-08-31 14:56 - 004142016 _____ C:\WINDOWS\system32\rtp.db
2024-05-11 16:31 - 2023-02-23 00:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-11 16:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-05-11 16:31 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-05-11 16:31 - 2020-10-03 22:25 - 000012288 ___SH C:\DumpStack.log.tmp
2024-05-11 16:31 - 2019-02-20 16:29 - 000000000 ____D C:\ProgramData\Norton
2024-05-11 16:26 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-05-11 16:26 - 2019-10-30 05:39 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\Packages
2024-05-11 16:26 - 2019-10-29 13:49 - 000000000 ____D C:\ProgramData\Packages
2024-05-11 16:21 - 2023-10-19 09:55 - 000000714 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1856590176-1829221832-1514329112-1001.job
2024-05-11 16:21 - 2023-10-19 09:55 - 000000618 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1856590176-1829221832-1514329112-1001.job
2024-05-11 16:21 - 2022-06-23 11:44 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\Avast Software
2024-05-11 16:21 - 2022-06-23 11:42 - 000000000 ____D C:\ProgramData\Avast Software
2024-05-11 16:18 - 2022-01-16 13:27 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\Norton
2024-05-11 16:16 - 2023-08-31 14:55 - 000000000 ____D C:\Users\Public\Speedup Sessions
2024-05-10 16:09 - 2023-08-31 14:57 - 000000000 ____D C:\Users\Public\Security Sessions
2024-05-08 20:10 - 2023-02-23 00:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-05-08 20:10 - 2022-11-26 15:30 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-05-08 19:59 - 2023-08-31 14:55 - 000003474 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2024-05-08 19:59 - 2023-08-31 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2024-05-08 17:10 - 2023-10-19 09:55 - 000000000 ____D C:\Users\Michèle Duran\AppData\Local\GoToMeeting
2024-05-08 07:32 - 2023-02-23 00:35 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-08 07:32 - 2023-02-23 00:35 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-01 09:50 - 2023-05-10 12:47 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-29 14:17 - 2023-02-19 21:20 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-04-27 09:10 - 2023-02-23 00:35 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1856590176-1829221832-1514329112-1001
2024-04-27 09:10 - 2023-02-23 00:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1856590176-1829221832-1514329112-1001
2024-04-27 09:10 - 2020-10-03 21:17 - 000002449 _____ C:\Users\Michèle Duran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-26 12:51 - 2023-08-31 14:55 - 000003704 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2024-04-26 12:43 - 2024-03-12 19:19 - 000411064 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys
2024-04-26 12:43 - 2024-03-12 19:19 - 000411064 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys
2024-04-26 12:43 - 2023-08-31 14:56 - 000028768 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_elam.sys
2024-04-14 09:46 - 2023-10-19 09:55 - 000003900 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-1856590176-1829221832-1514329112-1001
2024-04-14 09:46 - 2023-10-19 09:55 - 000003804 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-1856590176-1829221832-1514329112-1001
2024-04-13 09:48 - 2019-10-29 14:27 - 000000000 ____D C:\Program Files\Common Files\AV
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================