Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Exécuté par Family (administrateur) sur DESKTOP-IME0L9A (ASUSTeK COMPUTER INC. X541NA) (03-08-2019 16:24:26)
Exécuté depuis C:\Users\Family\Desktop
Profils chargés: Family (Profils disponibles: Family)
Platform: Windows 10 Home Version 1803 17134.648 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Adobe Inc. -> Adobe) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\update.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHeciSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.760_none_eaef1a361d71e348\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Solute GmbH -> Avira) C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [99048 2019-07-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [323632 2018-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-1211628697-3636531907-586675083-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1211628697-3636531907-586675083-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-15] (Adobe Inc. -> Adobe)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {03D9CAAE-CA99-44C2-A0BC-D7C0D0D0901C} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2758096 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {0729E391-C3F7-4909-B892-980ECAC4777F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {257FA7A8-474B-4564-A327-3B42357377FC} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-07-23] (Solute GmbH -> Avira)
Task: {2F2641E2-D2C5-49B5-BB45-945FAC0EAE93} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-07-23] (Solute GmbH -> Avira)
Task: {5A13EBA4-C18C-4E1E-9366-479950BE8012} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-07-23] (Solute GmbH -> Avira)
Task: {73BABFA6-FA13-407A-BE63-E4C7FB3B00AF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5751664 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {A069C8E9-D0DC-4A32-AA45-EFF0EE2DE225} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A6A372C8-AB13-4D6B-AF1A-DACA6CB8DC80} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-09-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {AC69DE51-C2D1-4DE7-A95D-DA24199AF456} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4829904 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {BDBAAB31-554C-4902-85BB-F0E24617E831} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-09-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EC8B0CE1-93C3-488C-84EC-E18403D9D3BE} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [48703784 2018-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {FD935FFA-BEA1-4390-B914-BB4F1B94C0D7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-24] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FE15721A-E101-4A3B-8802-C9685048B4F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-15] (Adobe Inc. -> Adobe)
Task: {FE4D683F-06C1-4C61-8B0E-E8101A0596C7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-15] (Adobe Inc. -> Adobe)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b9a6f1d7-40a3-422a-9c2d-9c0f9d94fc27}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

FireFox:
========
FF DefaultProfile: h1uffop3.default
FF ProfilePath: C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1uffop3.default [2019-08-03]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1uffop3.default\Extensions\firefox@ghostery.com.xpi [2019-05-15]
FF Extension: (uBlock Origin) - C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1uffop3.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-15] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-15] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208480 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [534768 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484256 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484256 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1765896 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Windows\system32\DRIVERS\AdminService.exe [415992 2019-01-30] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [453408 2019-07-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2980056 2019-04-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [378528 2019-04-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [103840 2019-07-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [1701480 2017-07-07] (Intel Corporation -> Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [99320 2016-10-24] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 athr; C:\Windows\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [78936 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\Windows\System32\drivers\avelam.sys [22336 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199008 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [196328 2019-08-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2019-03-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [89736 2019-03-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [45472 2019-03-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74168 2017-07-07] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69560 2017-07-07] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382392 2017-07-07] (Intel Corporation -> Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34184 2018-05-02] (ASUSTeK Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-08-03] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-08-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-08-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-08-03] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [428032 2017-02-16] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-08-03 16:24 - 2019-08-03 16:29 - 000022275 _____ C:\Users\Family\Desktop\FRST.txt
2019-08-03 16:23 - 2019-08-03 16:23 - 000000572 _____ C:\Users\Family\Downloads\FRST.txt
2019-08-03 16:17 - 2019-08-03 16:23 - 000000000 ____D C:\FRST
2019-08-03 16:09 - 2019-08-03 16:09 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-08-03 16:09 - 2019-08-03 16:09 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-08-03 16:09 - 2019-08-03 16:09 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-08-03 16:09 - 2019-08-03 16:09 - 000000000 ____D C:\Users\Family\AppData\Local\mbamtray
2019-08-03 16:09 - 2019-08-03 16:09 - 000000000 ____D C:\Users\Family\AppData\Local\mbam
2019-08-03 16:08 - 2019-08-03 16:08 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-08-03 16:08 - 2019-08-03 16:08 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-03 16:08 - 2019-08-03 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-03 16:08 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-08-03 16:08 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-08-03 16:06 - 2019-08-03 16:07 - 002096128 _____ (Farbar) C:\Users\Family\Desktop\FRST64.exe
2019-08-03 12:55 - 2019-08-03 12:55 - 000001195 _____ C:\Users\Public\Desktop\Avira.lnk
2019-08-03 12:38 - 2019-08-03 16:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-03 12:38 - 2019-08-03 12:38 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-03 12:37 - 2019-08-03 12:38 - 000000000 ____D C:\AdwCleaner
2019-08-03 12:36 - 2019-08-03 12:36 - 007623880 _____ (Malwarebytes) C:\Users\Family\Downloads\adwcleaner_7.4.exe
2019-08-03 12:34 - 2019-08-03 12:34 - 064826264 _____ (Malwarebytes ) C:\Users\Family\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11824.exe
2019-08-03 12:32 - 2019-08-03 12:32 - 000000000 ____D C:\Users\Family\AppData\Local\OneDrive
2019-08-03 12:31 - 2019-08-03 13:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-22 20:43 - 2019-07-22 20:43 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-07-04 23:36 - 2019-07-04 23:36 - 000007602 _____ C:\Users\Family\AppData\Local\Resmon.ResmonCfg
2019-07-04 23:31 - 2019-08-03 12:29 - 000000000 ____D C:\Users\Family\AppData\Local\D3DSCache

==================== Un mois (modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-08-03 16:12 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-03 16:08 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-08-03 16:03 - 2018-12-23 17:09 - 000000000 ____D C:\Users\Family\AppData\LocalLow\Mozilla
2019-08-03 16:00 - 2018-12-23 15:19 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-08-03 15:40 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-08-03 15:34 - 2018-12-25 16:47 - 000000000 ____D C:\Program Files\rempl
2019-08-03 14:29 - 2018-12-23 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-08-03 14:26 - 2018-12-23 17:37 - 000199008 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2019-08-03 14:26 - 2018-12-23 17:37 - 000196328 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2019-08-03 14:26 - 2018-12-23 17:37 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2019-08-03 14:06 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-03 14:06 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-08-03 13:50 - 2018-12-23 17:31 - 000000000 ____D C:\Program Files (x86)\Avira
2019-08-03 13:35 - 2018-12-23 15:33 - 001677054 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-03 13:35 - 2018-04-12 18:18 - 000756044 _____ C:\Windows\system32\perfh00C.dat
2019-08-03 13:35 - 2018-04-12 18:18 - 000142164 _____ C:\Windows\system32\perfc00C.dat
2019-08-03 13:34 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-08-03 13:33 - 2018-12-23 17:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-03 13:33 - 2018-12-23 17:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-03 13:27 - 2018-12-23 15:41 - 000000000 __SHD C:\Users\Family\IntelGraphicsProfiles
2019-08-03 13:26 - 2018-12-23 15:19 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-03 13:25 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-08-03 13:00 - 2018-12-23 15:45 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1211628697-3636531907-586675083-1001
2019-08-03 12:57 - 2018-12-23 15:40 - 000000000 ___RD C:\Users\Family\OneDrive
2019-08-03 12:57 - 2018-12-23 15:35 - 000002404 _____ C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-03 12:55 - 2018-12-23 17:31 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-03 12:53 - 2018-12-23 17:35 - 000000000 ____D C:\Users\Public\Speedup Sessions
2019-08-03 12:15 - 2018-12-23 15:35 - 000000000 ____D C:\Users\Family
2019-07-22 21:22 - 2018-12-23 17:48 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-22 21:22 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2019-07-04 23:38 - 2018-12-23 17:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-07-04 23:14 - 2018-12-23 17:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Fichiers à la racine de certains dossiers ================

2019-07-04 23:36 - 2019-07-04 23:36 - 000007602 _____ () C:\Users\Family\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ============================