Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-11-2019
Exécuté par Olivier (administrateur) sur DESKTOP-02OD6QM (MSI MS-7970) (13-11-2019 21:34:58)
Exécuté depuis C:\Users\Olivier\Desktop
Profils chargés: Olivier (Profils disponibles: defaultuser0 & Olivier)
Platform: Windows 10 Pro Version 1903 18362.418 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) D:\Utilitaires\Gravure\IPAD\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Jeux\Origin\OriginWebHelperService.exe
(Logixoft -> Logixoft) C:\Windows\System32\rvlkl.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TEFINCOM S.A. -> ) D:\Utilitaires\Internet\NordVPN\nordvpn-service.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8919048 2016-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => D:\Utilitaires\Gravure\IPAD\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [60074328 2018-07-08] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228728 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-153319874-3285867458-1482135188-1001\...\Run: [] => [X]
HKU\S-1-5-21-153319874-3285867458-1482135188-1001\...\MountPoints2: {550ed16e-7ea0-11e7-8a27-4ccc6a63675e} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-153319874-3285867458-1482135188-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4612520 2019-10-09] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk [2018-12-09]
ShortcutTarget: rvlkl.lnk -> C:\Windows\System32\rvlkl.exe (Logixoft -> Logixoft)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {04FEAF68-80D1-4EA3-82EE-16FC5B66D418} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1054555B-458E-448D-A8FD-198B8A190273} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [654784 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12CBEC6E-633D-4366-A4CD-E571D00FABBF} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42F87A97-E39F-4CDA-9D42-052519DA93A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-07-24] (Apple Inc. -> Apple Inc.)
Task: {5A004FFF-8BDB-4F8F-98D9-6A351F648E81} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {836A73B4-B775-446C-A5A1-59D4EF2F2BC3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8DF4071D-2A74-49EB-B3A9-75220AF0F301} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF825709-2B4D-4A00-A63C-EA6CDC4F4752} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-24] (Adobe Inc. -> Adobe)
Task: {DBFACF74-3CCB-4DC1-B527-CAF3A4D66508} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E63DD48B-7249-41E8-BC88-F0953C4A005F} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759288 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {F61BA88A-2ECC-495C-B034-5A9683CD6AEC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FD7C652D-2B9C-4008-A68C-F735D1283724} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{32cbb3a5-8cc6-4888-b360-6d689154c220}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{97b8d469-498e-4ea9-ba57-04acd502a7d1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{e5167da8-b93d-4d64-b2c8-fbcb032de4c9}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-153319874-3285867458-1482135188-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/
SearchScopes: HKU\S-1-5-21-153319874-3285867458-1482135188-1001 -> DefaultScope {45E2EA83-A562-4A06-AB39-3F3E9BCEF571} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-153319874-3285867458-1482135188-1001 -> {45E2EA83-A562-4A06-AB39-3F3E9BCEF571} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> D:\Utilitaires\Téléchargements\EagleGet\eagleSniffer.dll [2019-08-03] (Beijing Pu Technology Limited -> EagleGet.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-06-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-28] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
DownloadDir: C:\Users\Olivier\Downloads
Edge Session Restore: HKU\S-1-5-21-153319874-3285867458-1482135188-1001 -> est activé.

FireFox:
========
FF DefaultProfile: k32oxh3b.default-1557047350574
FF ProfilePath: C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574 [2019-11-13]
FF DownloadDir: C:\Users\Olivier\Desktop\Desinfection
FF Session Restore: Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574 -> hxxps://notifscreen.com; hxxps://steamcommunity.com
FF Extension: (Hoxx VPN Proxy) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\@hoxx-vpn.xpi [2019-10-25]
FF Extension: (Firefox DevTools ADB Extension) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\adb@mozilla.org.xpi [2019-05-07] [UpdateUrl:hxxps://ftp.mozilla.org/pub/labs/devtools/adb-extension/win32/update.json]
FF Extension: (anonymoX) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\client@anonymox.net.xpi [2019-07-24]
FF Extension: (EagleGet Free Downloader) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\eagleget_ffext@eagleget.com.xpi [2019-08-07]
FF Extension: (FreeNet VPN - Fast and Secure VPN) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\firefox@freenetvpn.com.xpi [2019-07-24]
FF Extension: (Tampermonkey) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\firefox@tampermonkey.net.xpi [2019-09-12]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (NordVPN – #1 VPN Proxy Extension for Firefox) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\nordvpnproxy@nordvpn.com.xpi [2019-11-05]
FF Extension: (uBlock Origin) - C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\k32oxh3b.default-1557047350574\Extensions\uBlock0@raymondhill.net.xpi [2019-10-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-24] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-24] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-153319874-3285867458-1482135188-1001: eagleget.com/EagleGet32 -> D:\Utilitaires\Téléchargements\EagleGet\npEagleget.dll [2017-12-03] (Beijing Jiupu Technology Co., Ltd. -> EagleGet)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1207984 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535352 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [567704 2019-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc. -> Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591872 2019-10-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7201680 2018-07-26] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; D:\Utilitaires\Gravure\Daemon Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 egGetSvc; D:\Utilitaires\Téléchargements\EagleGet\EGMonitor.exe [338936 2019-08-03] (Beijing Pu Technology Limited -> )
S3 GalaxyClientService; D:\Jeux\GOG Galaxy\GalaxyClientService.exe [791112 2019-05-27] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-05-27] (GOG Sp. z o.o. -> GOG.com)
S3 MBAMService; D:\Utilitaires\Securite\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 nordvpn-service; D:\Utilitaires\Internet\NordVPN\nordvpn-service.exe [217552 2019-10-01] (TEFINCOM S.A. -> )
S3 Origin Client Service; D:\Jeux\Origin\OriginClientService.exe [2348336 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Jeux\Origin\OriginWebHelperService.exe [3228464 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [208176 2019-11-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-01] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-01-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 eagleGet; C:\WINDOWS\System32\Drivers\eagleGet.sys [86520 2019-08-03] (Beijing Pu Technology Limited -> eagleGet)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_485c1c3102021986\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbser; C:\Windows\SysWOW64\drivers\usbser.sys [25600 2014-05-13] (Microsoft Corporation) [Fichier non signé]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-11-13 21:34 - 2019-11-13 21:36 - 000021628 _____ C:\Users\Olivier\Desktop\FRST.txt
2019-11-13 21:34 - 2019-11-13 21:35 - 000000000 ____D C:\FRST
2019-11-13 16:51 - 2019-11-13 16:51 - 002260480 _____ (Farbar) C:\Users\Olivier\Desktop\FRST64.exe
2019-11-13 16:49 - 2019-11-13 16:52 - 000000000 ____D C:\Users\Olivier\Desktop\Desinfection
2019-11-13 16:37 - 2019-11-13 16:37 - 000000000 ____D C:\ProgramData\Office Genuine Advantage
2019-11-13 16:36 - 2019-11-13 16:36 - 002031992 _____ (Microsoft Corporation) C:\Users\Olivier\Desktop\MGADiag.exe
2019-11-13 15:56 - 2019-11-13 15:56 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2019-11-13 15:56 - 2019-11-08 14:11 - 000208176 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-11-13 15:56 - 2019-09-19 09:07 - 000197176 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2019-11-13 15:56 - 2019-06-07 14:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2019-11-13 15:56 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2019-11-13 15:56 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2019-11-13 15:56 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2019-11-13 15:56 - 2019-03-20 18:50 - 000022336 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys
2019-11-13 15:51 - 2019-11-13 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-11-13 15:51 - 2019-11-13 15:51 - 006164184 _____ (Avira Operations GmbH & Co. KG) C:\Users\Olivier\Desktop\avira_fr_froe3_5dcbe5afcd3de__dwndws.exe
2019-11-13 15:51 - 2019-11-13 15:51 - 000001267 _____ C:\Users\Public\Desktop\Avira.lnk
2019-11-13 15:51 - 2019-11-13 15:51 - 000001267 _____ C:\ProgramData\Desktop\Avira.lnk
2019-11-13 15:08 - 2019-11-13 15:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2019-11-13 15:04 - 2019-11-13 16:13 - 000000000 ____D C:\Users\Olivier\AppData\Roaming\Opera Software
2019-11-13 15:04 - 2019-11-13 16:13 - 000000000 ____D C:\Users\Olivier\AppData\Local\Opera Software
2019-11-13 14:58 - 2019-11-13 16:12 - 000000000 ____D C:\Program Files (x86)\Avira
2019-11-13 14:12 - 2019-11-13 14:23 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-13 14:06 - 2019-11-13 14:06 - 000000000 _____ C:\Recovery.txt
2019-11-13 12:50 - 2019-11-13 12:50 - 000214174 _____ C:\Users\Olivier\Desktop\WindowsFirewall.diagcab
2019-11-12 23:37 - 2019-11-12 23:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-12 23:37 - 2019-11-12 23:37 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-11-11 15:50 - 2019-11-11 15:50 - 000169884 _____ C:\Users\Olivier\Documents\IMG_20191111_0001.pdf
2019-11-11 15:50 - 2019-11-11 15:50 - 000157968 _____ C:\Users\Olivier\Documents\IMG_20191111_0002.pdf
2019-11-10 12:29 - 2019-11-10 12:47 - 108949023 _____ C:\Users\Olivier\Desktop\Rustica_-_8_Novembre_2019.pdf
2019-10-31 22:11 - 2019-10-31 22:11 - 000000000 ____D C:\Users\Olivier\AppData\Roaming\Valve Corporation
2019-10-31 18:12 - 2019-10-31 18:13 - 108747014 _____ C:\Users\Olivier\Desktop\Les_Inrockuptibles_-_30_Octobre_2019.pdf
2019-10-24 15:07 - 2019-10-24 15:07 - 000000000 ____D C:\ProgramData\Microsoft Toolkit

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-11-13 21:35 - 2016-12-31 17:37 - 000000000 ____D C:\Users\Olivier\AppData\LocalLow\Mozilla
2019-11-13 21:34 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-13 21:28 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-13 21:23 - 2019-08-29 16:07 - 001771410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-13 21:23 - 2019-03-19 13:01 - 000791936 _____ C:\WINDOWS\system32\perfh00C.dat
2019-11-13 21:23 - 2019-03-19 13:01 - 000150004 _____ C:\WINDOWS\system32\perfc00C.dat
2019-11-13 21:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-13 21:18 - 2019-08-29 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-13 21:18 - 2018-12-08 18:03 - 000000000 ____D C:\ProgramData\rvlkl
2019-11-13 21:18 - 2017-07-31 18:05 - 000000000 ____D C:\ProgramData\NVIDIA
2019-11-13 21:17 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-13 21:16 - 2019-03-19 05:58 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-11-13 21:16 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-13 21:03 - 2017-01-01 18:04 - 000000000 ____D C:\Users\Olivier\AppData\Roaming\AIMP
2019-11-13 20:12 - 2019-08-29 15:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-13 19:36 - 2019-07-25 15:15 - 000073728 _____ C:\Users\Olivier\Desktop\Ip list.xls
2019-11-13 19:32 - 2019-08-29 16:12 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AD479BBE-5891-4A72-A429-4FCF979DCFBA}
2019-11-13 16:12 - 2016-12-31 17:56 - 000000000 ____D C:\ProgramData\Avira
2019-11-13 15:56 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-13 15:51 - 2016-12-31 17:57 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-13 15:12 - 2019-08-29 15:51 - 000663288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-13 14:10 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-11-13 14:02 - 2018-05-23 14:29 - 000000000 ____D C:\Users\Olivier\AppData\Local\D3DSCache
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2019-11-13 13:46 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-13 12:52 - 2017-01-02 17:55 - 000000000 ____D C:\Users\Olivier\AppData\Local\ElevatedDiagnostics
2019-11-13 12:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-13 12:19 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-11-13 12:19 - 2018-05-18 08:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-11-13 12:15 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-11-13 12:15 - 2016-12-31 16:50 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-11-13 10:41 - 2017-10-15 10:34 - 000000000 ___RD C:\Users\Olivier\3D Objects
2019-11-13 10:41 - 2016-12-30 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-13 00:27 - 2016-12-31 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-13 00:25 - 2016-12-31 19:42 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-12 23:31 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-09 12:41 - 2017-01-01 22:57 - 000000000 ____D C:\Users\Olivier\AppData\Roaming\vlc
2019-11-03 09:30 - 2019-07-21 11:31 - 000000378 _____ C:\Users\Olivier\Desktop\X2 Uptobox.txt
2019-11-02 02:24 - 2019-08-29 16:12 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-153319874-3285867458-1482135188-1001
2019-11-02 02:24 - 2019-08-29 15:58 - 000002452 _____ C:\Users\Olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-02 02:24 - 2016-12-30 19:56 - 000000000 ___RD C:\Users\Olivier\OneDrive
2019-11-01 01:31 - 2018-07-02 19:43 - 000000000 ____D C:\ProgramData\Packages
2019-11-01 01:03 - 2016-12-31 17:37 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-01 01:03 - 2016-12-31 17:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-10-24 20:58 - 2019-08-29 16:12 - 000004764 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-24 20:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-24 20:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-24 20:58 - 2017-01-17 19:11 - 000000000 ____D C:\Users\Olivier\AppData\Local\Adobe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================