Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Exécuté par demetrio (administrateur) sur DELODY (TOSHIBA SATELLITE C50-B) (28-01-2021 20:43:43)
Exécuté depuis C:\Users\demetrio\Desktop
Profils chargés: demetrio
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\demetrio\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify AB -> Spotify Ltd) C:\Users\demetrio\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe Gmbh -> Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Toshiba Europe Gmbh -> Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [136952 2018-05-30] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [227168 2019-09-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-146080111-690057411-2808020090-1001\...\Run: [Spotify Web Helper] => C:\Users\demetrio\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-05-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-146080111-690057411-2808020090-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-146080111-690057411-2808020090-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\demetrio\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-28] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-146080111-690057411-2808020090-1001\...\Run: [] => [X]
HKU\S-1-5-21-146080111-690057411-2808020090-1001\...\Run: [EPSON Stylus DX7400 Series] => C:\WINDOWS\TEMP\E_SFE4E.tmp [132 2021-01-24] () [Fichier non signé] <==== ATTENTION
HKLM\...\Print\Monitors\EPSON Stylus DX7400 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMCDE.DLL [108032 2007-12-07] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk [2016-10-03]
ShortcutTarget: BackupRemind.lnk -> C:\Program Files (x86)\Wondershare\Dr.Fone pour Android\BackupRemind.exe (Pas de fichier)
Startup: C:\Users\demetrio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-03-12]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\demetrio\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook) [Fichier non signé]
Startup: C:\Users\demetrio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk [2018-05-10]
ShortcutTarget: OneNote 2007 - Capture d'écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {055E80E0-B8CD-41FB-981E-FB41BFA8623A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {102D1F53-021B-4C29-88AA-DD23363523CF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-12] (Adobe Inc. -> Adobe)
Task: {37F15B34-CCF5-4320-AFB0-4C2BBB4621EF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-12] (Adobe Inc. -> Adobe)
Task: {6B8E6181-1170-42BF-8527-CBE5D5433E1F} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [88064 2014-03-12] (TOSHIBA Corporation) [Fichier non signé]
Task: {7E7FD049-E9AC-406E-A2DE-F68C1B24FC7B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {812F6E2E-AD4F-4D68-A801-EBA277EC81C0} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {9D2CEC2A-BF5F-4838-BC85-0BE42679B7CA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {AA33BF41-CE57-41BE-A5B8-6CCBF69329E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B144ED45-58BB-47A9-A764-E8E79EACE094} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D1D8F1BA-2E8D-4582-8CB7-7777C9E26E39} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {c1f85ef8-bcc2-4606-bb39-70c523715eb3} C:\WINDOWS\System32\sdiagschd.dll [0 2014-10-29] ()
Task: {D7BAFEC3-E5B8-418F-82B1-A01B7C04C469} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {DE058F15-331A-4BE0-9FEF-92AB273BEE74} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-02-21] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {F6E799CD-B516-4075-B24C-04E6C0F9CA33} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [700040 2014-04-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {F9E2BAB5-C673-4F81-A352-92E7A17E88B8} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [475720 2015-11-17] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
Task: {FEF5E03B-71A8-44FC-99C8-B926073B3732} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7A0B9F09-1199-4F48-A102-80CB61C23A70}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DB814890-9F55-4FCF-BD90-30330F159615}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\demetrio\AppData\Roaming\Mozilla\Firefox\Profiles\NmyZYsF3.default [2016-08-30]
FF Extension: (Avira Browser Safety) - C:\Users\demetrio\AppData\Roaming\Mozilla\Firefox\Profiles\NmyZYsF3.default\Extensions\abs@avira.com [2016-08-30] []
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-12] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-146080111-690057411-2808020090-1001: vasco.com/VascoCardReaderPlugin -> C:\Users\demetrio\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll [2014-10-27] (Vasco Data Security International GmbH -> VASCO Data Security)
FF Plugin HKU\S-1-5-21-146080111-690057411-2808020090-1001: vasco.com/VascoCardReaderPlugin64 -> C:\Users\demetrio\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll [2014-10-27] (Vasco Data Security International GmbH -> VASCO Data Security)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default [2021-01-28]
CHR Notifications: Default -> hxxps://webmail.condorcet.be
CHR Extension: (Slides) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Hide My IP) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\albbiglcfndaaphglmeaejkhepckkfgf [2019-09-01]
CHR Extension: (Docs) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-14]
CHR Extension: (YouTube) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-28]
CHR Extension: (Recherche Google) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Adobe Acrobat) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-28]
CHR Extension: (Sheets) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Protection Web Avira) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-01-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-28]
CHR Extension: (SparkChess) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2018-09-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-22]
CHR Extension: (Instant web translator) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogmhkfpjfpiaekchdcppgpbdadbgoibl [2016-01-05]
CHR Extension: (Gmail) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR Profile: C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-14]
CHR Profile: C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-08-02]
CHR DefaultSearchURL: Profile 3 -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C210BE1377D20170606&p={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> mcafee
CHR Extension: (Slides) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-02]
CHR Extension: (Docs) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-02]
CHR Extension: (Google Drive) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-02]
CHR Extension: (YouTube) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-02]
CHR Extension: (Adobe Acrobat) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-08-02]
CHR Extension: (Google Play Musique) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-08-02]
CHR Extension: (Sheets) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-02]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-08-02]
CHR Extension: (Protection Web Avira) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-08-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-02]
CHR Extension: (AdBlock) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-08-02]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-08-02]
CHR Extension: (Extension AllDebrid ) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mdjbgnpehbhpibonmjjjbjaoechnlcaf [2018-08-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-02]
CHR Extension: (Gmail) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-02]
CHR Profile: C:\Users\demetrio\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169032 2020-05-07] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-12] (Adobe Inc. -> Adobe)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-10-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-05-30] (Intel(R) Driver & Support Assistant -> Intel)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] (DTS, Inc. -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent Inc -> WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Dr.Fone pour Android\DriverInstall.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppID; C:\WINDOWS\system32\drivers\appid.sys [83456 2018-06-08] (Microsoft Windows) [Fichier non signé]
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4265984 2014-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-12-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 CmBatt; C:\WINDOWS\System32\drivers\CmBatt.sys [25472 2013-08-22] (Microsoft Corporation) [Fichier non signé]
S3 ErrDev; C:\WINDOWS\System32\drivers\errdev.sys [10240 2013-08-22] (Microsoft Corporation) [Fichier non signé]
S3 HidBatt; C:\WINDOWS\System32\drivers\HidBatt.sys [26624 2013-08-22] (Microsoft Corporation) [Fichier non signé]
S0 pcmcia; C:\WINDOWS\System32\drivers\pcmcia.sys [114528 2013-08-22] () [Fichier non signé]
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [291032 2013-11-22] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 SiSRaid4; C:\WINDOWS\System32\drivers\sisraid4.sys [0 2013-08-22] () <==== ATTENTION (zéro octet Fichier/Dossier)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [33168 2013-10-10] (TOSHIBA CORPORATION -> Windows (R) Win 7 DDK provider)
S0 uagp35; C:\WINDOWS\System32\drivers\uagp35.sys [0 2013-08-22] () <==== ATTENTION (zéro octet Fichier/Dossier)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WmiAcpi; C:\WINDOWS\System32\drivers\wmiacpi.sys [16384 2013-08-22] () [Fichier non signé]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-01-28 20:43 - 2021-01-28 20:44 - 000025896 _____ C:\Users\demetrio\Desktop\FRST.txt
2021-01-28 20:43 - 2021-01-28 20:44 - 000000000 ____D C:\FRST
2021-01-28 20:09 - 2021-01-28 20:09 - 002297856 _____ (Farbar) C:\Users\demetrio\Desktop\FRST64.exe

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-01-28 20:28 - 2015-07-30 15:04 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-146080111-690057411-2808020090-1001
2021-01-28 20:28 - 2014-06-02 17:57 - 000000000 ___DO C:\Users\demetrio\OneDrive
2021-01-28 20:28 - 2014-04-22 18:29 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-28 20:27 - 2018-06-27 10:44 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-28 20:22 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-28 19:29 - 2015-11-27 10:50 - 000000000 ____D C:\Users\demetrio\AppData\Local\PokerStars.BE
2021-01-28 19:29 - 2015-11-27 10:48 - 000000000 ____D C:\Program Files (x86)\PokerStars.BE
2021-01-28 18:56 - 2013-08-22 14:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2021-01-28 18:47 - 2016-08-30 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-28 18:47 - 2015-08-18 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2021-01-28 18:46 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2021-01-28 18:11 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\registration
2021-01-28 17:54 - 2015-07-30 14:47 - 000000000 ____D C:\Users\demetrio
2021-01-28 17:41 - 2020-10-28 08:23 - 000002325 _____ C:\Users\demetrio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-28 17:41 - 2020-10-28 08:23 - 000002317 _____ C:\Users\demetrio\Desktop\Microsoft Teams.lnk
2021-01-24 15:34 - 2014-04-03 22:55 - 003016554 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-24 15:34 - 2013-08-28 11:25 - 000427760 _____ C:\WINDOWS\system32\perfh013.dat
2021-01-24 15:34 - 2013-08-28 11:25 - 000003894 _____ C:\WINDOWS\system32\perfc013.dat
2021-01-24 15:34 - 2013-08-28 11:16 - 000421534 _____ C:\WINDOWS\system32\perfh010.dat
2021-01-24 15:34 - 2013-08-28 11:16 - 000056872 _____ C:\WINDOWS\system32\perfc010.dat
2021-01-24 15:34 - 2013-08-28 11:08 - 000805600 _____ C:\WINDOWS\system32\perfh00C.dat
2021-01-24 15:34 - 2013-08-28 11:08 - 000156456 _____ C:\WINDOWS\system32\perfc00C.dat
2021-01-24 15:34 - 2013-08-28 10:59 - 000382024 _____ C:\WINDOWS\system32\perfh007.dat
2021-01-24 15:34 - 2013-08-28 10:59 - 000058388 _____ C:\WINDOWS\system32\perfc007.dat

==================== Fichiers à la racine de certains dossiers ========

2018-10-17 12:07 - 2018-10-17 12:07 - 000004608 _____ () C:\Users\demetrio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== FCheck ================================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

FCheck: C:\WINDOWS\SysWOW64\BROSNMP.DLL [2014-09-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\SysWOW64\cca.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\SysWOW64\efscore.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\SysWOW64\msra.exe [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\SysWOW64\NlsData004e.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\SysWOW64\TpmInit.exe [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\bitsperf.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\DaOtpCredentialProvider.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\drprov.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\efswrt.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\MaxxVoiceAPO2064.dll [2014-01-31] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\NcaApi.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\NlsLexicons0003.dll [2013-08-22] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\NlsLexicons0047.dll [2013-08-22] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\ntlanman.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\rshx32.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\sdiagschd.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\setupugc.exe [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\SystemSettingsDatabase.dll [2014-11-14] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\usbui.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\winipsec.dll [2014-10-29] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\xactengine3_5.dll [2009-09-04] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\Drivers\sisraid4.sys [2013-08-22] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\WINDOWS\system32\Drivers\UAGP35.SYS [2013-08-22] <==== ATTENTION (zéro octet Fichier/Dossier)

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2020-10-29 13:14
==================== Fin de FRST.txt ========================