Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2022
Exécuté par Bob (administrateur) sur BOB-CLEVO (Notebook P15SM) (17-11-2022 16:43:00)
Exécuté depuis C:\Users\Bob\Desktop
Profils chargés: Bob
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.2251 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe ->) () [Fichier non signé] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(C:\Program Files (x86)\Windscribe\Windscribe.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\wsappcontrol.exe
(C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files (x86)\Hotkey\Hotkey.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files (x86)\Polar\WebSync\WebSync.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (AVerMedia TECHNOLOGIES, Inc.) [Fichier non signé] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4>
(explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\Bob\Desktop\ZHPSuite.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (TrueCrypt Foundation -> TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(explorer.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\Windscribe.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) C:\Program Files (x86)\LocalServiceComponents\LocalServiceControl.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\assistant\browser_assistant.exe <2>
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\PrivateVPN Client\PrivateVpnDaemon.exe
(services.exe ->) (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVerMedia TECHNOLOGIES, Inc.) [Fichier non signé] C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(services.exe ->) (AVerMedia) [Fichier non signé] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Creative Technology Ltd) [Fichier non signé] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(services.exe ->) (Polar Electro Oy -> ) C:\Program Files (x86)\Polar\Daemon\polard.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(services.exe ->) (ShenZhen Foscam Intelligent Technology Co,Ltd -> ) C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe
(services.exe ->) (Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(services.exe ->) (Yahoo! Inc. -> Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{28D3099D-83EB-EA42-9FF6-290792AB6354}\YSearchUtilSVC.exe
(svchost.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(svchost.exe ->) (Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(svchost.exe ->) (ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(svchost.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(svchost.exe ->) (Creative Technology Ltd) [Fichier non signé] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(svchost.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(svchost.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13449288 2013-03-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-09-08] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [LocalServiceControl] => C:\Program Files (x86)\LocalServiceComponents\LocalServiceControl.exe [455168 2022-05-12] (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4152776 2022-10-19] (Opera Norway AS -> Opera Software)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2587681252-4027145687-642264405-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-2587681252-4027145687-642264405-1001\...\Run: [] => [X]
HKU\S-1-5-21-2587681252-4027145687-642264405-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-05] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon iP2700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA4.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP2700 series: C:\Windows\system32\CNMLMA4.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-09-09] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-02-07] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2018-09-20]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2018-09-20]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2015-11-07]
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\Hotkey.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Polar WebSync (polargofit.com).lnk [2018-02-04]
ShortcutTarget: Polar WebSync (polargofit.com).lnk -> C:\Program Files (x86)\Polar\WebSync\WebSync.exe () [Fichier non signé]
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0232721B-F8BF-4388-92CF-55AF0CCDEFD0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {127B9868-F969-4EC1-AEDF-87A0133A1C0B} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519720 2013-08-21] (Acronis International GmbH -> Acronis)
Task: {1794A75D-A9FF-4734-B323-654F7B6A6B2A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {1953B4E9-D83C-4EC0-A0BC-B318583ED971} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\10 => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
Task: {1F5835D0-12F8-43D9-A9D7-C881258AE799} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (Pas de fichier)
Task: {21BEE379-274A-4990-8A7C-A215E5CD0A77} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [31903104 2022-09-10] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {27C2D944-6A49-44C4-AFE1-5D5012010A3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-11] (Google Inc -> Google Inc.)
Task: {2F1351E3-8241-4FF2-8E52-3296B1C084CE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {30937DE7-F8B9-46D2-A185-7CAFF51DCB3F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {3119C9B7-D244-40C8-8DE0-E9CAC939A6F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-11] (Google Inc -> Google Inc.)
Task: {33B40373-5BE6-4E5F-9580-F55133D6CD65} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {39C69990-2C10-4303-9407-FFDAAC4E9F0D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {3BCAA2D6-0E8F-4048-A418-D5D5FD9D7EEF} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (Canon Inc. -> CANON INC.)
Task: {3C58D6D7-9341-47EF-8070-8A56819AF3FD} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2109440 2013-04-23] (Creative Technology Ltd) [Fichier non signé]
Task: {47549369-A60C-4108-A222-60143DDC76F3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {5C6894BE-EEAE-425A-B18F-7C962CAA8E92} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {65A25DEC-7645-46FE-A0D2-36FE32250DBF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7FE8C1A3-0126-4BE4-BA9D-1A83D8FC67E5} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {82A7FAA0-F689-487F-91B8-082F92441957} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8CE0F1B8-1737-45B3-A7FA-F96A45392875} - System32\Tasks\Eteindre le PC => shutdown /s
Task: {8F49A2B8-8BCF-43E2-A18E-02858DAAD83D} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1660640 2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {9D7ACDD8-95C3-4896-891B-4C96D5BCE5DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DF4D3D4-7A2A-423E-817B-C4D827069B23} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [163840 2012-10-17] () [Fichier non signé]
Task: {9F75856A-36E3-44D1-99EE-F4EA46777052} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1A192D8-6C6E-4C84-AB86-120D4952039A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {A400F8FD-A7E8-4B84-9AB8-4B3C13495372} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {A6E88FFD-D723-4260-BE54-4F011F32EECB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B152067C-B5FA-47A0-9B59-16855716BA28} - System32\Tasks\{C1728978-F6FA-4165-BF8E-817121707BA2} => C:\WINDOWS\system32\pcalua.exe -a "Y:\My documents\Ecole\Maternelle\logiciels pédagogiques\LOGIFLOC\LogicoFloc (D)\demarrer.exe" -d "Y:\My documents\Ecole\Maternelle\logiciels pédagogiques\LOGIFLOC\LogicoFloc (D)"
Task: {B3471397-872C-4703-BAC2-DC503E0416D2} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {BB2BCA7D-0A22-445F-ACC7-23A05FB90735} - System32\Tasks\Core Temp Autostart Bob => C:\Program Files\Core Temp\Core Temp.exe [1035096 2021-04-11] (ALCPU -> ALCPU)
Task: {BB4D39AB-A484-4F03-9D8B-67DF56B37108} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {BB4D39AB-A484-4F03-9D8B-67DF56B37108} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {BB4D39AB-A484-4F03-9D8B-67DF56B37108} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {BCDE631A-1ECF-4DD7-9149-027DF70CB1F6} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
Task: {C2979281-7FB9-4C96-A4F4-9138E400370E} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7842680 2013-12-12] (Acronis International GmbH -> )
Task: {C53DF0B9-2353-4E3E-833A-36C93EF6BAF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D3AED0C4-8C44-4DF0-8078-DE5C67F0D2BB} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3084288 2012-07-31] (Brother Industries, Ltd.) [Fichier non signé]
Task: {D9FEE8DD-0165-42C5-A790-4B2BB8B81500} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {DB50B9C6-EE02-47FF-AC4A-C47674BD3608} - System32\Tasks\Opera scheduled Autoupdate 1515061415 => C:\Program Files\Opera\launcher.exe [2569160 2022-10-28] (Opera Norway AS -> Opera Software)
Task: {E2009171-5223-4B06-BFFE-B55022E6B609} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [257824 2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {E934BDDF-671D-4911-95BA-4A818CBDE28F} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333760 2022-08-30] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {EC1A76BF-3350-4309-8D0D-FEA1EC4487E2} - System32\Tasks\Opera scheduled assistant Autoupdate 1582838428 => C:\Program Files\Opera\launcher.exe [2569160 2022-10-28] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {F853454D-C190-427A-9C48-60B7CE19AE57} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBE73598-0E74-4350-A7A0-85E3CC30B056} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3fe10b01-08f8-4160-8d00-729a748f8d90}: [DhcpNameServer] 185.123.227.250
Tcpip\..\Interfaces\{8d856642-6fa1-45d5-8f5a-6a1d2a5596b1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{afd8e235-32de-4f69-98d2-fbed2273f686}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\Bob\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Bob\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-17]
Edge DownloadDir: Default -> C:\Users\Bob\Downloads
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Bob\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-03]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 0uzv1bge.default-1631268127323
FF ProfilePath: C:\Users\Bob\AppData\Roaming\TomTom\HOME\Profiles\3l42nrux.default [2019-04-03]
FF Extension: (Emulator) - C:\Users\Bob\AppData\Roaming\TomTom\HOME\Profiles\3l42nrux.default\Extensions\Navcore.9.510.1234792@tomtom.com [2017-06-06] [] [non signé]
FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0uzv1bge.default-1631268127323 [2022-10-30]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0uzv1bge.default-1631268127323\Extensions\firefox@ghostery.com.xpi [2022-10-27]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\0uzv1bge.default-1631268127323\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-27]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-02-01] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-12-30] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-10-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-10-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-12-30] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\AuthenTec TrueSuite\x86\npffwloplugin.dll [Pas de fichier]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-12-30] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-15] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-15] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll [2016-12-26] (ShenZhen Foscam Intelligent Technology Co,Ltd -> )
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-12-30] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @TRENDnet.com/CameraPlugin -> C:\Program Files (x86)\TRENDnet\Plugin\npcamstreamctrl.dll [2015-09-10] (TRENDnet, Inc. -> TRENDnet)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2019-04-01] (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF Plugin HKU\S-1-5-21-2587681252-4027145687-642264405-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-12-30] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default [2022-11-17]
CHR Notifications: Default -> hxxp://korben.info; hxxps://androidcaptcha.info; hxxps://calendar.google.com; hxxps://donnons.org; hxxps://forum.zebulon.fr; hxxps://fr-mg42.mail.yahoo.com; hxxps://fr.aliexpress.com; hxxps://fr.ecoflow.com; hxxps://harriswilson.fr; hxxps://iss.shopimind.com; hxxps://jamaisvulgaire.com; hxxps://laspirateur.by.finebird.com; hxxps://mail.yahoo.com; hxxps://mg.mail.yahoo.com; hxxps://mgen.mesdocteurs.com; hxxps://television.telerama.fr; hxxps://twitter.com; hxxps://web.whatsapp.com; hxxps://www.20minutes.fr; hxxps://www.bluettipower.eu; hxxps://www.boursier.com; hxxps://www.conforama.fr; hxxps://www.consoglobe.com; hxxps://www.doctrine.fr; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.gouvernement.fr; hxxps://www.immojeune.com; hxxps://www.label-naturel.com; hxxps://www.leslipfrancais.fr; hxxps://www.lesnumeriques.com; hxxps://www.maison-et-domotique.com; hxxps://www.maisonsdumonde.com; hxxps://www.motomag.com; hxxps://www.pdfforge.org; hxxps://www.radioclassique.fr; hxxps://www.reddit.com; hxxps://www.retraite.com; hxxps://www.santediscount.com; hxxps://www.scooter-system.fr; hxxps://www.singaporeair.com; hxxps://www.sncf-connect.com; hxxps://www.telerama.fr; hxxps://www.tomtom.com; hxxps://www.wondershare.com
CHR HomePage: Default -> search.lilo.org
CHR NewTab: Default -> Active:"chrome-extension://lkdlikflakpjhppfiejegdnccommiokf/tab/tab.html", Not-active:"chrome-extension://ibbfklbaljofpaanmpaeadejijfdddco/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Extension: (Avira Password Manager) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-11-08]
CHR Extension: (Avira Safe Shopping) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-10-26]
CHR Extension: (Lilo - Achats Solidaires) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppbcbfkedkkgoconajccohfcmmgjffi [2022-05-10]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-06]
CHR Extension: (Protection Web Avira) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-08]
CHR Extension: (IE Tab) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2022-11-15]
CHR Extension: (Yahoo Partner) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2020-01-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-11-17]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2022-11-15]
CHR Extension: (Skype) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-12]
CHR Extension: (Lilo Moteur et solidaire) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkdlikflakpjhppfiejegdnccommiokf [2021-05-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-12]
CHR Profile: C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-17]
CHR Profile: C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-31]
CHR Extension: (Avira Password Manager) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-05-17]
CHR Extension: (Avira Safe Shopping) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-05-17]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-17]
CHR Extension: (Protection Web Avira) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-05-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-17]
CHR Extension: (Skype) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-14]
CHR Profile: C:\Users\Bob\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-2587681252-4027145687-642264405-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dohgledglbbohojmcfcikbhgliipjegd]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [oelloajafbopojkjmieelljfkcmdpdhf] - C:\Program Files\AuthenTec TrueSuite\x86\tschrome.crx <non trouvé(e)>

Opera:
=======
OPR Profile: C:\Users\Bob\AppData\Roaming\Opera Software\Opera Stable [2022-11-17]
OPR Notifications: Opera Stable -> hxxps://mail.yahoo.com; hxxps://www.immojeune.com; hxxps://www.maison-et-domotique.com; hxxps://www.rustica.fr; hxxps://www.santediscount.com; hxxps://www.systemed.fr; hxxps://www.tomtom.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Bob\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-01-15]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Bob\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-15]
OPR Extension: (Amazon Assistant pour Opera) - C:\Users\Bob\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2021-10-15]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1144904 2013-08-21] (Acronis International GmbH -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3894264 2016-02-05] (Acronis International GmbH -> Acronis)
S4 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] (Amazon Services LLC -> )
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [Fichier non signé]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [Fichier non signé]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [Fichier non signé]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [266432 2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [292304 2022-11-11] (Avira Operations GmbH -> Avira Operations GmbH)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [Fichier non signé]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-11-07] (Creative Labs) [Fichier non signé]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-11-07] (Creative Labs) [Fichier non signé]
S2 CronService; C:\Windows\Prey\wpxsvc.exe [611854 2016-09-06] (Fork, Ltd.) [Fichier non signé]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [Fichier non signé]
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-15] (Microsoft Windows -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
S2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8778136 2022-11-17] (Avira Operations GmbH -> Avira Operations GmbH)
R3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8778136 2022-11-17] (Avira Operations GmbH -> Avira Operations GmbH)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (Tim Kosse -> FileZilla Project)
R2 FosCloudSvr; C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe [91776 2016-12-26] (ShenZhen Foscam Intelligent Technology Co,Ltd -> )
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2012-11-16] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-07] (Malwarebytes Inc. -> Malwarebytes)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [493544 2018-12-21] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [419536 2012-12-12] (Polar Electro Oy -> )
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [46080 2013-07-09] () [Fichier non signé]
R2 PrivateVPN Daemon; C:\Program Files (x86)\PrivateVPN Client\PrivateVpnDaemon.exe [13824 2020-01-05] () [Fichier non signé]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7151024 2013-10-22] (Acronis International GmbH -> Acronis)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{28D3099D-83EB-EA42-9FF6-290792AB6354}\YSearchUtilSvc.exe [182736 2017-03-21] (Yahoo! Inc. -> Yahoo Inc.)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AirplaneModeHid; C:\WINDOWS\system32\DRIVERS\AirplaneModeHid.sys [33488 2015-06-25] (Insyde Software Corp. -> Insyde Corporation)
R3 ALSysIO; C:\Users\Bob\AppData\Local\Temp\ALSysIO64.sys [47240 2022-11-17] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [164832 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
R3 AVerIT13x; C:\WINDOWS\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [185704 2022-06-13] (NortonLifeLock Inc. -> BullGuard Ltd.)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [230520 2022-06-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-18] (Disc Soft Ltd -> Disc Soft Ltd)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [116000 2016-02-05] (Acronis International GmbH -> Acronis International GmbH)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2021-05-31] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 NPF; C:\WINDOWS\SysWOW64\drivers\npf64.sys [36600 2017-03-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [26624 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [224848 2022-11-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [219040 2022-11-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [61376 2022-10-14] (Avira Operations GmbH -> Avira Operations GmbH)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2016-02-05] (Acronis International GmbH -> Acronis International GmbH)
S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198432 2016-02-05] (Acronis International GmbH -> Acronis International GmbH)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [198248 2016-03-28] (IDRIX -> IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-17] (Microsoft Windows -> Microsoft Corporation)
R1 Win10Pcap; C:\WINDOWS\system32\DRIVERS\Win10Pcap.sys [50304 2015-10-07] (SoftEther Corporation -> Daiyuu Nobori, University of Tsukuba, Japan)
R1 Win10Pcap; C:\Windows\SysWOW64\DRIVERS\Win10Pcap.sys [44544 2017-07-10] (SoftEther Corporation -> Daiyuu Nobori, University of Tsukuba, Japan)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-11-17 16:43 - 2022-11-17 16:43 - 000053684 _____ C:\Users\Bob\Desktop\FRST.txt
2022-11-17 16:38 - 2022-11-17 16:38 - 000497108 _____ C:\Users\Bob\Desktop\ZHPDiag.txt
2022-11-17 12:52 - 2022-11-17 16:26 - 003509960 _____ (Nicolas Coolman) C:\Users\Bob\Desktop\ZHPSuite.exe
2022-11-17 11:56 - 2022-11-17 16:40 - 000000000 ____D C:\Users\Bob\Desktop\Nouveau dossier
2022-11-17 09:06 - 2022-11-17 09:06 - 000000000 ____D C:\Users\Bob\Desktop\FRST-OlderVersion
2022-11-17 09:02 - 2022-11-17 12:50 - 093323264 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-11-17 08:57 - 2022-11-17 09:02 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-11-17 08:18 - 2022-11-17 08:19 - 000388608 _____ (Trend Micro Inc.) C:\Users\Bob\Downloads\HijackThis.exe
2022-11-16 17:29 - 2022-11-16 17:29 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2022-11-16 17:29 - 2022-11-16 17:29 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-11-16 17:29 - 2022-11-16 17:29 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-11-15 17:40 - 2022-11-15 17:40 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-15 17:40 - 2022-11-15 17:40 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-15 17:40 - 2022-11-15 17:40 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-15 17:39 - 2022-11-15 17:39 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-15 17:30 - 2022-11-15 17:30 - 000000000 ___HD C:\$WinREAgent
2022-11-07 17:10 - 2022-11-07 17:10 - 000039850 _____ C:\Users\Bob\Downloads\Releve_compte_31_10_2022.pdf
2022-11-07 17:05 - 2022-11-07 17:05 - 000061681 _____ C:\Users\Bob\Downloads\COM_21_01_2022.pdf
2022-11-06 19:39 - 2022-11-06 19:39 - 003543189 _____ C:\Users\Bob\Downloads\livret_blanc_scandivie_interactif-2021_148.pdf
2022-11-06 19:39 - 2022-11-06 19:39 - 000270843 _____ C:\Users\Bob\Downloads\Notice_utilisation_fonte.pdf
2022-11-06 19:20 - 2022-11-06 19:20 - 000447550 _____ C:\Users\Bob\Downloads\FA087992.pdf
2022-10-30 19:46 - 2022-10-30 19:46 - 000047479 _____ C:\Users\Bob\Downloads\attestation-varlet-robert.pdf
2022-10-30 12:14 - 2022-10-30 12:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-30 12:14 - 2022-10-30 12:14 - 000002319 _____ C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2022-10-30 12:14 - 2022-10-30 12:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-30 07:52 - 2022-10-30 07:52 - 000086892 _____ C:\Users\Bob\Downloads\EcoFlow France · Order EFFR-5310.pdf
2022-10-28 10:43 - 2022-10-28 10:43 - 000345866 _____ C:\Users\Bob\Downloads\rf_greenpeace_2af20521-6cbb-435c-a178-4b79e67e5dba.pdf
2022-10-27 13:03 - 2022-11-07 08:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-10-27 10:40 - 2022-10-27 10:40 - 000490715 _____ C:\Users\Bob\Downloads\ticketdirect-1.pdf
2022-10-24 15:24 - 2022-10-24 15:24 - 001085452 _____ C:\Users\Bob\Downloads\1ère CV Réunion de présentation de rentrée 21 10 22.pdf
2022-10-24 15:24 - 2022-10-24 15:24 - 000463806 _____ C:\Users\Bob\Downloads\MEMENTO 2022 2023 annexe 1ère CV 21 10 22.pptx

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-11-17 16:43 - 2021-12-21 10:49 - 000000000 ____D C:\FRST
2022-11-17 16:43 - 2016-11-18 19:22 - 000000000 ____D C:\Users\Bob\AppData\LocalLow\Mozilla
2022-11-17 16:38 - 2021-12-21 10:45 - 000607321 _____ C:\Users\Bob\Desktop\ZHPDiag.html
2022-11-17 16:38 - 2015-12-01 21:43 - 000000000 ____D C:\Users\Bob\AppData\Roaming\ZHP
2022-11-17 16:29 - 2021-12-21 10:39 - 000000902 _____ C:\Users\Bob\Desktop\ZHPSuite.lnk
2022-11-17 16:28 - 2022-06-30 06:52 - 003503832 _____ C:\WINDOWS\system32\rtp.db
2022-11-17 16:28 - 2022-06-30 06:51 - 000224848 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys
2022-11-17 16:28 - 2022-06-30 06:51 - 000219040 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys
2022-11-17 16:28 - 2020-09-22 20:19 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-17 16:28 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-11-17 16:28 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-11-17 16:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-17 16:27 - 2015-11-09 11:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-17 12:52 - 2019-02-13 18:37 - 000000000 ____D C:\ProgramData\Mozilla
2022-11-17 12:50 - 2020-09-22 20:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-17 12:50 - 2020-09-22 20:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-17 12:50 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-17 12:50 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-17 12:50 - 2017-09-20 16:23 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-11-17 12:50 - 2017-06-16 08:10 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-17 12:50 - 2017-06-16 08:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-17 12:50 - 2015-11-07 18:06 - 000000000 __SHD C:\Users\Bob\IntelGraphicsProfiles
2022-11-17 12:48 - 2017-07-01 11:09 - 000000000 ____D C:\Program Files\Google
2022-11-17 12:45 - 2020-06-11 15:05 - 000000000 ____D C:\Program Files (x86)\MyDrive Connect
2022-11-17 12:45 - 2016-01-21 19:35 - 000000000 ____D C:\ProgramData\Skype
2022-11-17 12:45 - 2015-12-01 12:54 - 000000000 ____D C:\Users\Bob\AppData\Local\TomTom
2022-11-17 12:13 - 2020-09-22 20:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-17 09:41 - 2016-02-05 11:04 - 000000000 ____D C:\Users\Bob\AppData\Local\CrashDumps
2022-11-17 09:19 - 2016-09-28 09:57 - 000803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-11-17 09:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-17 09:08 - 2018-05-15 20:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-17 09:06 - 2022-09-19 19:15 - 002375168 _____ (Farbar) C:\Users\Bob\Desktop\FRST64.exe
2022-11-17 08:55 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-11-17 08:24 - 2020-10-11 11:21 - 000000000 ____D C:\Users\Bob\AppData\LocalLow\IGDump
2022-11-16 21:08 - 2017-03-18 08:37 - 000000000 ____D C:\Users\Bob\AppData\Local\Battle.net
2022-11-16 20:17 - 2021-05-15 18:50 - 000000000 ____D C:\Program Files (x86)\Warcraft III
2022-11-16 19:18 - 2017-03-18 08:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-11-16 17:29 - 2021-05-12 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-11-16 17:29 - 2020-09-22 20:30 - 000003476 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-11-15 22:26 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-15 20:46 - 2015-11-09 11:13 - 000000000 ____D C:\Users\Bob\AppData\Roaming\vlc
2022-11-15 20:11 - 2020-09-22 20:17 - 000456104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-15 20:10 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-15 20:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-15 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-15 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-15 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-15 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-15 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-15 17:43 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-15 17:39 - 2020-09-22 20:19 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-15 17:29 - 2015-11-10 18:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-15 17:25 - 2022-05-16 18:10 - 000000000 ____D C:\Users\Bob\AppData\Local\IE Tab
2022-11-15 17:23 - 2022-01-16 11:55 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2587681252-4027145687-642264405-1001
2022-11-15 17:23 - 2020-09-22 20:30 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2587681252-4027145687-642264405-1001
2022-11-15 17:23 - 2020-09-22 20:17 - 000002450 _____ C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-15 17:23 - 2020-06-17 06:32 - 000002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-15 17:22 - 2015-11-12 10:18 - 000000000 ____D C:\Users\Bob\AppData\Local\ElevatedDiagnostics
2022-11-15 17:21 - 2015-11-10 18:49 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-08 19:44 - 2017-06-16 08:10 - 000000362 _____ C:\WINDOWS\BRRBCOM.INI
2022-11-07 20:55 - 2020-09-22 20:17 - 000000000 ____D C:\Users\Bob
2022-11-07 18:35 - 2020-09-22 20:30 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-07 18:35 - 2020-09-22 20:30 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-07 08:47 - 2018-01-04 10:49 - 000000000 ____D C:\Program Files\Opera
2022-11-07 08:47 - 2015-11-07 18:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-07 07:59 - 2022-09-28 09:42 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-05 08:21 - 2021-09-23 18:18 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-05 08:21 - 2021-09-23 18:18 - 000001936 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-11-05 08:21 - 2021-09-23 18:18 - 000001936 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-11-05 08:21 - 2021-09-23 18:18 - 000001924 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-11-05 08:14 - 2020-09-22 20:30 - 000003972 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1515061415
2022-11-05 08:14 - 2018-01-04 11:23 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2022-10-30 12:14 - 2015-11-07 18:02 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-30 11:28 - 2020-09-03 08:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-29 14:10 - 2015-11-13 07:56 - 000000000 ____D C:\Users\Bob\Documents\AVerTV
2022-10-26 10:13 - 2017-10-02 09:43 - 000000000 ____D C:\Users\Bob\AppData\Local\Greenshot
2022-10-24 17:42 - 2022-10-14 08:38 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-10-24 17:42 - 2022-10-14 08:38 - 000002161 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2022-10-24 15:19 - 2020-09-22 20:30 - 000004158 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582838428

==================== Fichiers à la racine de certains dossiers ========

2018-06-17 12:00 - 2018-06-17 16:30 - 000000600 _____ () C:\Users\Bob\AppData\Local\PUTTY.RND
2015-12-11 10:23 - 2015-12-11 10:23 - 000000017 _____ () C:\Users\Bob\AppData\Local\resmon.resmoncfg
2015-11-07 19:17 - 2015-11-07 19:26 - 000016757 _____ () C:\Users\Bob\AppData\Local\WiDiSetupLog.20151107.191730.wdl

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================