Scan results of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Run by issan (administrator) on NEW-REAL-MEN (Packard Bell oneTwo S3280) (09-01-2021 00:47:17)
Run from C:\Users\issan\Desktop
Loaded profiles: issan
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: Français (France)
Default browser: Edge
Boot mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(Acer Incorporated -> ) C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1190_none_1716e3ef2a15f08c\TiWorker.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or deleted. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-3366710949-3086691539-1551123523-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3366710949-3086691539-1551123523-1001\...\Policies\Explorer: []
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\Windows\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
Startup: C:\Users\issan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - .lnk [2018-08-23]
ShortcutAndArgument: Alertes de surveillance de l'encre - .lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN578691X30604;CONNECTION=USB;MONITOR=1;
Startup: C:\Users\issan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 2540 series.lnk [2021-01-09]
ShortcutAndArgument: Alertes de surveillance de l'encre - HP Deskjet 2540 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN578691X30604;CONNECTION=USB;MONITOR=1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be deleted from the registry. The file will not be moved unless it is listed separately.)

Task: {039E966E-E32C-4EA3-8DC9-C05B65232104} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {0A4C8808-1DE9-436C-A98E-9E7086470B81} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {126198A3-CF77-4E25-82AA-D9B1C55665DB} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {1C33511F-5A40-4323-8489-9445F6CC95B4} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2021-01-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {1F339AC2-BD79-43FB-BF88-DF8F3DA0179C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {241240AD-E8BE-4ACE-BA14-1F34412248E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {294E23B7-3BFD-4936-A930-30EDEF9204EA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {2C2396C3-BD2C-4171-9254-15884354185C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {339E8E8E-CFF8-4FB0-B811-574AD891367C} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [4150312 2013-07-08] (Acer Incorporated -> )
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {386A5540-026A-450B-9FF7-79596452B7EF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {4D0BA6D5-24C5-4124-B547-6FBBFBE78A63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-19] (Google Inc -> Google Inc.)
Task: {561B25CC-4B10-4EE3-A9E4-8D0CDE24650C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [40008 2013-01-22] (Acer Incorporated -> )
Task: {56F2A76E-D7E9-4D45-9988-D2ED030DA08B} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {5CA87D34-313E-45A4-9F68-45214A9732DF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {61E03C0A-00D2-4AC3-9A29-707970F70AFF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7152DF32-4E04-4904-B582-53564A330BFB} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {77681866-8BAE-4BC3-A1B3-F6D735712AD5} - \WPD\SqmUpload_S-1-5-21-3366710949-3086691539-1551123523-1001 -> Pas de fichier <==== ATTENTION
Task: {7FFDDE88-8DDD-4561-8A19-590D9348F261} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {88276E22-85AC-471A-8AFC-88F354CFA8E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {889A2209-7D41-40AD-A4C8-8FA401F2B035} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {9027CD28-05B1-47E6-BD60-34D28BCC3349} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {94BE210C-77DD-4762-86A8-A67DA1046B18} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [490728 2014-08-27] (Acer Incorporated -> Acer Incorporated)
Task: {95A8FA77-5D72-4FA6-935D-E3C098A39BA5} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {95C6B131-4838-4765-8DCC-62CD48BD74AB} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {A3338440-4601-41E8-8DE1-319D39E01978} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {A5A6EA34-2104-4736-834F-00E7579A5AFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-19] (Google Inc -> Google Inc.)
Task: {B7A79AF3-D36A-4BF0-82FB-72F7C68C026A} - \WPD\SqmUpload_S-1-5-21-3366710949-3086691539-1551123523-1004 -> Pas de fichier <==== ATTENTION
Task: {C3C967CF-9AA3-4770-B30C-0ACE96966B4D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CE8FEB27-2A23-42C4-A863-B994CB827A45} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {D82626C5-0404-457C-B6D4-F36ED753E34B} - System32\Tasks\HP AR Program Upload - 37692cc8d7ad497a8070933a087ae2876033191e24c2443e96ec41cd54b999cf => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [3495432 2014-03-06] (Hewlett Packard -> TODO: <Company name>)
Task: {DFDA64B9-4C8A-4DE4-99F1-DAF600A3514B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {E0587E51-2AC3-469B-AD61-8964550B162E} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2649200 2020-10-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E7440422-EE6C-4D61-8422-CCB249940B5B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F01F41FA-477D-4EF9-832E-21C5D49A32B4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {F1E34554-54C8-4628-BDAB-E7181EA765D7} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2437920 2017-10-02] (Acer Incorporated -> Acer)
Task: {F5933586-BC24-4407-A063-F6B91472CE40} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {F8E84DA9-2653-403B-A7CA-2C2C0815F210} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [527616 2014-03-03] (Acer Incorporated -> Acer Incorporated)
Task: {FB2CAF93-BED6-4030-A784-05939691C5F7} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {FBD50EB7-181B-4CE1-A344-BBF9F416AE1D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be deleted or restored to its default value.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{4e466727-fcdf-409e-89ff-8a4caf105c98}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{654033d1-8620-4a62-8b92-5462e5bc0fd7}: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default [2021-01-09]
CHR Notifications: Default -> hxxp://easypoke.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.fr/
CHR Extension: (Slides) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Docs) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Google Drive) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-19]
CHR Extension: (YouTube) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Recherche Google) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sheets) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Google Docs hors connexion) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-29]
CHR Extension: (Gmail) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-19]
CHR Extension: (Chrome Media Router) - C:\Users\issan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be deleted from the registry. The file will not be moved unless it is listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-09-22] (Advanced Micro Devices, Inc. -> )
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1205960 2020-10-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\AntiVir Desktop\ProtectedService.exe [537472 2020-10-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [483432 2020-10-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [483432 2020-10-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [573960 2020-11-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc. -> Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated -> Acer Incorporated)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH -> TeamViewer GmbH)
S3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-08-07] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be deleted from the registry. The file will not be moved unless it is listed separately.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-09-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [337920 2017-05-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38504 2014-03-26] (Realtek Semiconductor Corp -> Windows (R) Codename Longhorn DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [Fichier non signé]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be deleted from the registry. The file will not be moved unless it is listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-01-09 00:47 - 2021-01-09 00:50 - 000023349 _____ C:\Users\issan\Desktop\FRST.txt
2021-01-09 00:44 - 2021-01-09 00:44 - 002282496 _____ (Farbar) C:\Users\issan\Desktop\FRST64.exe
2021-01-09 00:25 - 2021-01-09 00:33 - 1142718171 _____ C:\Users\issan\Downloads\Dinosaur.2000.FRENCH.720p.BluRay.x264-AiRLiNE.mkv
2021-01-08 23:43 - 2021-01-08 23:43 - 000000000 ____D C:\Users\issan\AppData\LocalLow\IGDump
2021-01-08 23:39 - 2021-01-08 23:39 - 000000000 ____D C:\Users\issan\AppData\Local\mbam
2021-01-08 23:36 - 2021-01-08 23:36 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-08 23:35 - 2021-01-08 23:35 - 002086424 _____ (Malwarebytes) C:\Users\issan\Downloads\MBSetup.exe
2021-01-08 23:35 - 2021-01-08 23:35 - 002086424 _____ (Malwarebytes) C:\Users\issan\Downloads\MBSetup (1).exe
2021-01-08 23:33 - 2021-01-08 23:33 - 000000000 ___HD C:\$WinREAgent
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-07 20:11 - 2021-01-07 20:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-07 20:10 - 2021-01-07 20:10 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-07 20:08 - 2021-01-07 20:08 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-07 20:07 - 2021-01-07 20:07 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-07 20:06 - 2021-01-07 20:06 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-07 18:56 - 2021-01-09 00:43 - 000000000 ____D C:\Program Files\CCleaner
2021-01-07 18:56 - 2021-01-07 18:56 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-07 18:56 - 2021-01-07 18:56 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-07 18:56 - 2021-01-07 18:56 - 000000875 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-01-07 18:56 - 2021-01-07 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-07 18:48 - 2021-01-07 18:49 - 030536752 _____ (Piriform Software Ltd) C:\Users\issan\Downloads\ccsetup575.exe
2021-01-06 23:11 - 2021-01-06 23:16 - 1604630346 _____ C:\Users\issan\Downloads\Brain.on.Fire.2016.FRENCH.720p.WEBRip.x264-Wawacity.ec.mkv
2021-01-06 20:27 - 2021-01-06 20:27 - 000000000 ____D C:\Users\issan\AppData\Local\Opera Software
2021-01-06 20:25 - 2021-01-06 20:25 - 000000000 ____D C:\Users\issan\AppData\Roaming\Opera Software
2020-12-19 14:40 - 2020-12-19 14:40 - 000092759 _____ C:\Users\issan\Downloads\bulletin-adhesion_vincenzo-lisci.pdf
2020-12-19 14:40 - 2020-12-19 14:40 - 000068650 _____ C:\Users\issan\Downloads\mandat-resiliation_vincenzo-lisci.pdf
2020-12-19 14:40 - 2020-12-19 14:40 - 000063491 _____ C:\Users\issan\Downloads\mandat-sepa.pdf
2020-12-19 14:21 - 2020-12-19 14:21 - 000050418 _____ C:\Users\issan\Downloads\ATTESTATION AFFILIATION-17-04-2020.pdf
2020-12-10 21:38 - 2020-12-19 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-12-10 21:38 - 2020-12-10 21:38 - 000001207 _____ C:\Users\Public\Desktop\Avira.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-01-09 00:53 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-09 00:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-09 00:48 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-09 00:48 - 2016-06-06 00:26 - 000000000 ____D C:\FRST
2021-01-09 00:42 - 2018-01-29 03:42 - 000000000 ____D C:\Users\issan\AppData\Local\Packages
2021-01-09 00:41 - 2015-03-19 17:24 - 000000000 ____D C:\Users\issan\AppData\Local\CrashDumps
2021-01-09 00:37 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-09 00:07 - 2020-03-18 13:22 - 001771410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-09 00:07 - 2019-03-19 13:00 - 000791936 _____ C:\WINDOWS\system32\perfh00C.dat
2021-01-09 00:07 - 2019-03-19 13:00 - 000150004 _____ C:\WINDOWS\system32\perfc00C.dat
2021-01-09 00:07 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-09 00:05 - 2020-03-18 13:07 - 000000000 ____D C:\Users\issan
2021-01-08 23:59 - 2020-03-18 13:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-08 23:59 - 2020-03-18 12:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-08 23:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-08 23:37 - 2016-06-05 17:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-08 23:24 - 2015-03-19 14:25 - 000000000 ___RD C:\Users\issan\OneDrive
2021-01-08 23:18 - 2018-03-14 11:22 - 000000000 ___RD C:\Users\issan\3D Objects
2021-01-08 23:18 - 2016-02-13 14:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-07 23:49 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-07 23:49 - 2017-07-23 22:08 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-07 23:44 - 2020-03-18 12:57 - 000304000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-07 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-07 23:23 - 2020-03-18 13:47 - 000004172 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6C68E7AD-3D47-4AE3-99E8-B44B78A043A1}
2021-01-07 20:43 - 2015-03-22 19:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-07 20:33 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-07 20:33 - 2015-03-22 19:53 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-07 20:28 - 2020-10-14 15:15 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-07 20:06 - 2020-03-18 13:04 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-07 19:09 - 2015-07-02 21:37 - 000000000 ____D C:\Users\issan\AppData\Roaming\vlc
2021-01-07 19:06 - 2020-03-12 10:51 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-07 18:45 - 2019-01-23 00:46 - 000001155 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-01-06 21:58 - 2020-09-03 21:30 - 000003714 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-01-06 21:32 - 2019-01-16 16:48 - 000000000 ____D C:\Users\issan\Desktop\film
2021-01-06 21:02 - 2020-09-03 22:03 - 000000000 ____D C:\Users\Public\Security Sessions
2021-01-06 21:01 - 2019-02-25 13:52 - 000000000 ____D C:\Users\issan\Desktop\y
2021-01-06 20:02 - 2020-09-03 21:32 - 000003786 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2021-01-06 20:02 - 2020-09-03 21:32 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-12-19 12:56 - 2020-03-18 13:47 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-19 12:55 - 2019-09-14 14:34 - 000002136 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-12-19 12:55 - 2017-04-12 19:27 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 21:49 - 2020-03-18 13:47 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-10 21:49 - 2020-03-18 13:47 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-10 21:47 - 2020-03-18 13:47 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3366710949-3086691539-1551123523-1001
2020-12-10 21:47 - 2020-03-18 13:07 - 000002459 _____ C:\Users\issan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-10 21:34 - 2017-07-23 22:08 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories ========

2016-01-11 20:14 - 2016-01-11 21:19 - 000009216 _____ () C:\Users\issan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================