Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 06-06-2020
Exécuté par Jean-Pierre (administrateur) sur PC-JP (Hewlett-Packard HP ProBook 6470b) (18-06-2020 16:30:57)
Exécuté depuis C:\Users\Jean-Pierre\Desktop
Profils chargés: Jean-Pierre
Platform: Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\VPN\Avira.VpnService.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(Yahoo! Inc. -> Yahoo Inc.) C:\Program Files\Yahoo!\yset\{79825CFA-A6FF-DC47-BA34-D8ECB781CD0E}\YSearchUtilSVC.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-418825840-2060682866-3884725902-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-418825840-2060682866-3884725902-1000\...\Run: [] => [X]
HKU\S-1-5-21-418825840-2060682866-3884725902-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2972672 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\Windows\system32\hpinkstsC511LM.dll [271032 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): C:\Windows\system32\HPDiscoPMC511.dll [597512 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5520 series): C:\Windows\system32\HPDiscoPMB111.dll [580712 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\Windows\system32\spool\DRIVERS\W32X86\pdf architect_pdfpmon_v.4.12.26.3.dll [750200 2020-05-19] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [98816 2020-05-19] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {05CF9E9A-A443-4576-9E0A-FA76C30915C8} - System32\Tasks\HP AR Program Upload - fe467ebbf2864a61a63879731955a45fb777dedd3f9040ca93b3e1119680f251 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2619400 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {0AB0C288-B039-4CE7-ACAC-A1927F14501E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2020-03-25] (Google Inc -> Google LLC)
Task: {2BF074A4-AB81-4F1F-8EF0-9D60B02F5D69} - System32\Tasks\HP AR Program Upload - 4a8e0e7eccd046a790e56b5e7075ac597cc074a22e714ad38897ea50833d0330 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2619400 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {2F642A71-797B-4CB3-9A9A-C18C7D2F0010} - System32\Tasks\Avira_Security_Update => C:\Program Files\Avira\Security\Avira.Spotlight.Common.Updater.exe [228040 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3219C55C-B021-45A6-8DBA-42A430BF40A5} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2759632 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3AF67501-77E6-4F42-B64A-1F74F071452B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {49DD015B-B982-49D0-9584-7D099450C2E7} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {5302CAD1-553F-43A5-AE90-93C0FC360E26} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [3976712 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {677B0671-9714-4D4B-856B-9F1AC3597C9E} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-02-26] () [Fichier non signé]
Task: {6A836816-75B4-4930-9590-BB8549F7C0BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {758930E7-1006-4C61-897A-1ED78D3F6E0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {964C2765-DAA2-47D4-9C6C-987E37C10F7F} - System32\Tasks\HP AR Program Upload - 403c28c0ea554d759f95ea7ba8b85cb3cc970863514645268a652915055ccbcf => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2619400 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {97546122-06B2-42E5-BBB1-4EABE6CA8360} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ADE50013-C8D9-4E3B-B2F6-D7E398281901} - System32\Tasks\HP AR Program Upload - d4a04384850d4f5d9a851fecf171499394975936822f464587c8300d23ca292c => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2619400 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {B8D891B7-D4C0-4703-875D-985076479104} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [28678840 2020-06-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {B9F3F4E6-C1C9-45A5-BD7A-438D83831CB6} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2014-08-21] () [Fichier non signé]
Task: {C2D01BF2-1F4F-4BA6-8A1A-EA74DDA010D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154920 2020-03-25] (Google Inc -> Google LLC)
Task: {C99ADEFA-F66A-4BB9-98B6-468ED5288186} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [109264 2020-06-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {F295AD83-7FD8-4C51-AB4E-039EF6C35EF9} - System32\Tasks\HP AR Program Upload - 6f9e00e9400b42de9f7878744f1be4714551cc8e180645b296fa236bc85865c4 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2619400 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {FC5FA568-4566-4CD2-AC5B-A916A9A1FA1C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{269B23BE-4467-4693-8208-0948F1565FDF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A26A4456-BF5F-4077-BCDD-8255FF520AA6}: [DhcpNameServer] 192.168.10.1

Internet Explorer:
==================
HKU\S-1-5-21-418825840-2060682866-3884725902-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1408810604&from=cor&uid=HitachiXHTS725050A7E635_TF0500Y903PHNL03PHNLX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408810604&from=cor&uid=HitachiXHTS725050A7E635_TF0500Y903PHNL03PHNLX&q={searchTerms}
HKU\S-1-5-21-418825840-2060682866-3884725902-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhXffsVcb8xZ4wNVo2i-XYg_Mxv6a2Lf9wGJBRIwym2DePLS4MNqfwZSTPqq2ESGWDOtklksiqewR181BKcSpd3YyXMG23AFhA6GOXvMg0c7B-WVkUrHwHx-dW9sW_LYZVPGvNbrvfxoUpJjFEIS7fQ,,&q={searchTerms}
HKU\S-1-5-21-418825840-2060682866-3884725902-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D051920-A7DC2D27D18&form=CONMHP&conlogo=CT3335817
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-418825840-2060682866-3884725902-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D051920-N0400A7DC2D27D18&form=CONBDF&conlogo=CT3335817&q={searchTerms}
SearchScopes: HKU\S-1-5-21-418825840-2060682866-3884725902-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D051920-N0400A7DC2D27D18&form=CONBDF&conlogo=CT3335817&q={searchTerms}
SearchScopes: HKU\S-1-5-21-418825840-2060682866-3884725902-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=F-ET&o=14466&src=kw&q={searchTerms}&locale=&apn_ptnrs=%5EFT&apn_dtid=%5EYYYYYY%5EYY%5EFR&apn_uid=1CECD1B0-148B-4220-9219-B7B38ADB7EA3&apn_sauid=52F9AB7B-149D-449F-93C3-A80334A0A3FC
SearchScopes: HKU\S-1-5-21-418825840-2060682866-3884725902-1000 -> {DB158B4F-3054-40C7-B6BE-EDB3EE0BE3AD} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-05-04] (Ask.com -> Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-20] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Pas de nom - {ae07101b-46d4-4a98-af68-0333ea26e113} - Pas de fichier
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-05-04] (Ask.com -> Ask)
Toolbar: HKLM - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKU\S-1-5-21-418825840-2060682866-3884725902-1000 -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-05-04] (Ask.com -> Ask)

FireFox:
========
FF DefaultProfile: lhxo7k7r.default-1444391539413
FF ProfilePath: C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\lhxo7k7r.default-1444391539413 [2020-06-18]
FF Homepage: Mozilla\Firefox\Profiles\lhxo7k7r.default-1444391539413 -> hxxps://www.orange.fr/portail
FF NewTab: Mozilla\Firefox\Profiles\lhxo7k7r.default-1444391539413 -> hxxps://defaultsearch.co/homepage?hp=1&pId=PF170501&iDate=2020-05-19 02:10:14&bName=&bitmask=0300
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\lhxo7k7r.default-1444391539413\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
FF Extension: (Nouvel onglet de Yahoo) - C:\Program Files\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-11-24] [] [non signé]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2017-01-31] [] [non signé]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa3\npPicasa3.dll [2014-08-13] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: PDF Architect 4 -> C:\Program Files\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-418825840-2060682866-3884725902-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Jean-Pierre\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-18] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default [2020-06-18]
CHR DownloadDir: C:\Users\Jean-Pierre\Downloads\chrome
CHR Extension: (Slides) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-25]
CHR Extension: (Docs) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-25]
CHR Extension: (Google Drive) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-25]
CHR Extension: (YouTube) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-25]
CHR Extension: (Avira Password Manager) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-06-15]
CHR Extension: (Avira Safe Shopping) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-04-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-01]
CHR Extension: (Skype) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-03-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-25]
CHR Extension: (Gmail) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-25]
CHR Extension: (Chrome Media Router) - C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-01]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [1208664 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [573256 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [383240 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files\Avira\Security\Avira.Spotlight.Service.exe [243856 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161552 2020-04-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-25] (Mixbyte Inc -> Freemake)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc. -> McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [242480 2012-08-23] (Intel Corporation-Mobile Wireless Group -> )
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2236640 2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [970976 2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [772832 2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2109224 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [597800 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1516328 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2014-08-21] () [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 YSearchUtilSvc; C:\Program Files\Yahoo!\yset\{79825CFA-A6FF-DC47-BA34-D8ECB781CD0E}\YSearchUtilSvc.exe [160536 2015-12-04] (Yahoo! Inc. -> Yahoo Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2778416 2012-08-23] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1035776 2009-07-14] (Microsoft Windows -> LSI Corp)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [143360 2012-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [143360 2012-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [50728 2019-06-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [155336 2020-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [172816 2020-05-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36688 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60360 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [33280 2019-03-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [368392 2014-07-28] (Intel Corporation -> Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation -> Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn00.sys [10383360 2012-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [31032 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 SMIGrabber3C; System32\Drivers\SmiUsbGrabber3C.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-06-18 16:30 - 2020-06-18 16:31 - 000026235 _____ C:\Users\Jean-Pierre\Desktop\FRST.txt
2020-06-18 16:30 - 2020-06-18 16:31 - 000000000 ____D C:\FRST
2020-06-18 16:07 - 2020-06-18 16:07 - 002013184 _____ (Farbar) C:\Users\Jean-Pierre\Desktop\FRST.exe
2020-06-05 16:03 - 2020-06-06 12:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-05-25 22:50 - 2020-05-25 22:50 - 000092237 _____ C:\Users\Jean-Pierre\Documents\La Banque Postale - Épargne et Placements.pdf
2020-05-25 22:50 - 2020-05-25 22:50 - 000000000 ____D C:\Users\Jean-Pierre\AppData\Local\pdfforge
2020-05-19 18:58 - 2020-05-25 22:51 - 000000000 ____D C:\Users\Jean-Pierre\AppData\Roaming\PDF Architect 7
2020-05-19 16:16 - 2020-05-19 16:16 - 000000953 _____ C:\Users\Public\Desktop\PDF Architect 7.lnk
2020-05-19 16:16 - 2020-05-19 16:16 - 000000953 _____ C:\ProgramData\Desktop\PDF Architect 7.lnk
2020-05-19 16:13 - 2020-05-19 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 7
2020-05-19 16:12 - 2020-05-19 16:15 - 000000000 ____D C:\Program Files\PDF Architect 7
2020-05-19 16:09 - 2020-05-19 18:58 - 000000000 ____D C:\ProgramData\PDF Architect 7
2020-05-19 16:08 - 2020-05-19 16:09 - 000000000 ____D C:\Program Files\PDFCreator
2020-05-19 16:08 - 2020-05-19 16:08 - 000000919 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2020-05-19 16:08 - 2020-05-19 16:08 - 000000919 _____ C:\ProgramData\Desktop\PDFCreator.lnk
2020-05-19 16:08 - 2020-05-19 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2020-05-19 16:03 - 2020-05-19 16:03 - 033138104 _____ (pdfforge GmbH) C:\Users\Jean-Pierre\Downloads\PDFCreator-4_0_4-Setup.exe

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-06-18 16:20 - 2017-03-16 19:41 - 000705684 _____ C:\Windows\system32\prfh0416.dat
2020-06-18 16:20 - 2017-03-16 19:41 - 000689012 _____ C:\Windows\system32\perfh007.dat
2020-06-18 16:20 - 2017-03-16 19:41 - 000648486 _____ C:\Windows\system32\perfh01F.dat
2020-06-18 16:20 - 2017-03-16 19:41 - 000148984 _____ C:\Windows\system32\perfc007.dat
2020-06-18 16:20 - 2017-03-16 19:41 - 000147524 _____ C:\Windows\system32\prfc0416.dat
2020-06-18 16:20 - 2017-03-16 19:41 - 000139868 _____ C:\Windows\system32\perfc01F.dat
2020-06-18 16:20 - 2010-11-21 02:30 - 000747570 _____ C:\Windows\system32\perfh00C.dat
2020-06-18 16:20 - 2010-11-21 02:30 - 000150062 _____ C:\Windows\system32\perfc00C.dat
2020-06-18 16:20 - 2010-11-20 23:01 - 004146310 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-18 16:20 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2020-06-18 16:11 - 2016-11-20 12:17 - 000000000 ____D C:\Users\Jean-Pierre\AppData\LocalLow\Mozilla
2020-06-18 15:50 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-18 12:33 - 2017-10-14 17:40 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-06-18 12:33 - 2009-07-14 06:34 - 000026240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-18 12:33 - 2009-07-14 06:34 - 000026240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-17 18:47 - 2020-03-25 16:35 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 18:47 - 2020-03-25 16:34 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-17 18:47 - 2020-03-25 16:34 - 000002127 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-15 20:06 - 2020-03-25 16:35 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-14 16:39 - 2020-04-21 11:30 - 000000000 ____D C:\Users\Jean-Pierre\Downloads\chrome
2020-06-13 16:08 - 2020-04-17 11:24 - 000003444 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-06-09 15:37 - 2018-03-13 21:02 - 000004640 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-09 15:37 - 2014-08-30 15:32 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-06-09 15:37 - 2014-08-30 15:32 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-06-09 15:37 - 2014-08-30 15:32 - 000004484 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-06-09 15:37 - 2014-08-24 19:44 - 000000000 ____D C:\Windows\system32\Macromed
2020-06-09 15:28 - 2017-05-06 15:26 - 000007624 _____ C:\Users\Jean-Pierre\Desktop\annonces bon coin.txt
2020-06-08 12:21 - 2020-04-17 11:19 - 000003664 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-06-08 12:21 - 2014-08-22 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-06-06 12:58 - 2014-08-22 18:40 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-06-04 16:01 - 2017-04-14 19:00 - 000002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-29 14:28 - 2009-07-14 06:53 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-05-24 20:52 - 2019-11-18 12:02 - 000000432 __RSH C:\ProgramData\ntuser.pol
2020-05-23 20:18 - 2014-09-06 18:36 - 000000000 ____D C:\Users\Jean-Pierre\AppData\Roaming\vlc
2020-05-23 20:06 - 2015-03-02 20:10 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2020-05-19 16:09 - 2015-04-02 18:44 - 000098816 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2020-05-19 10:26 - 2014-08-22 18:50 - 000155336 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

==================== Fichiers à la racine de certains dossiers ========

2016-09-29 19:16 - 2016-09-29 19:16 - 122084842 _____ () C:\Program Files\openoffice1.cab
2016-09-29 19:11 - 2016-09-29 19:11 - 002314240 _____ () C:\Program Files\openoffice413.msi
2016-09-29 19:11 - 2016-09-29 19:11 - 000478720 _____ () C:\Program Files\setup.exe
2016-09-29 19:11 - 2016-09-29 19:11 - 000000279 _____ () C:\Program Files\setup.ini
2014-10-29 14:22 - 2014-10-29 14:22 - 000001309 _____ () C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.boostrap.log
2014-10-29 14:22 - 2014-10-29 14:22 - 000005811 _____ () C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.installation.log
2019-05-30 16:02 - 2019-05-30 16:03 - 000000096 _____ () C:\Users\Jean-Pierre\AppData\Roaming\Camdata.ini
2019-05-30 16:02 - 2019-05-30 16:03 - 000000408 _____ () C:\Users\Jean-Pierre\AppData\Roaming\CamLayout.ini
2019-05-30 16:02 - 2019-05-30 16:03 - 000000408 _____ () C:\Users\Jean-Pierre\AppData\Roaming\CamShapes.ini
2019-05-30 16:02 - 2019-05-30 16:03 - 000004509 _____ () C:\Users\Jean-Pierre\AppData\Roaming\CamStudio.cfg
2017-02-05 21:26 - 2017-03-23 12:03 - 000007887 _____ () C:\Users\Jean-Pierre\AppData\Roaming\pcouffin.cat
2017-02-05 21:26 - 2017-03-23 12:03 - 000001144 _____ () C:\Users\Jean-Pierre\AppData\Roaming\pcouffin.inf
2017-02-05 21:26 - 2017-03-23 12:03 - 000000055 _____ () C:\Users\Jean-Pierre\AppData\Roaming\pcouffin.log
2014-10-29 14:22 - 2014-10-29 14:22 - 000000097 _____ () C:\Users\Jean-Pierre\AppData\Roaming\WindApp.boostrap.log
2014-10-29 14:22 - 2014-10-29 14:22 - 000000374 _____ () C:\Users\Jean-Pierre\AppData\Roaming\WindApp.installation.log
2020-04-10 09:53 - 2020-05-08 16:29 - 000004608 _____ () C:\Users\Jean-Pierre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-23 17:48 - 2014-08-23 17:55 - 000000003 _____ () C:\Users\Jean-Pierre\AppData\Local\proxy.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2020-06-11 18:23
==================== Fin de FRST.txt ========================