Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Exécuté par Thierry (administrateur) sur DESKTOP-MTKA5M4 (ASUSTeK COMPUTER INC. TP300LD) (23-08-2022 02:08:51)
Exécuté depuis C:\Users\Thierry\Desktop
Profils chargés: Thierry
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1586 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\104.0.5112.102_102.0.5005.63_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\CR_883A9.tmp\setup.exe <2>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-23db1e04.exe ->) (Accès refusé) [Fichier non signé] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\E5D26B9E-D892-4F17-8E7D-1DA2E4FEA72C\MpSigStub.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\104.0.5112.102_102.0.5005.63_chrome_updater.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <7>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-23db1e04.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837232 2014-10-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT CORPORATION -> IVT Corporation)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [bt] => C:\Users\Thierry\AppData\Roaming\BitTorrent\BitTorrent.exe [2106408 2022-03-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1371856 2022-08-23] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\MountPoints2: {d8a0c562-91a3-11eb-89ba-c6bd2a310726} - "D:\SISetup.exe"
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [288768 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2021-05-12] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-05] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {15AECEC6-36D1-464E-9DEA-906927F2179F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {17932707-C1DF-44EF-BABD-DA2552F409FB} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {39346560-2DBF-49D7-A821-5FC594D02A32} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {421736DB-D916-4368-BD37-AEA133EE4804} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {6B0CB1FD-78FE-43C8-94C3-A1585BC7ECA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D4CCC44-54D1-4FDD-8AA4-370100F57630} - System32\Tasks\ASUS HotfixChecker => C:\Program Files (x86)\ASUS\HotfixChecker\HotfixChecker.exe [140088 2019-04-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {7F438022-55AD-4493-B16A-259D3EBA3B48} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {997FB40C-9630-41A8-A9F5-28ABE5C11E0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0C91A25-C5CB-4033-B0F7-7A1F7751963A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {B4A156AA-37F5-4810-AE49-B368163A046F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C403A308-C4FD-46DF-809B-244BC5F8AAF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C60EDF1C-EDAD-42F2-9FF1-14F81950B897} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2015-06-30] (ASUSTeK Computer Inc. -> AsusTek)
Task: {E8E3C7DB-6E6B-4402-8924-B7E169193B3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1054B30-E7BA-4692-A62B-D21D85B0A54C} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {F2682B46-9E95-408B-B563-A70171940B82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{7149ca1f-5092-4525-a249-56fd84157758}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{b345be30-caea-41ba-9911-da6284bea7b8}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Thierry\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-28]
FireFox:
========
FF HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default [2022-08-23]
CHR Notifications: Default -> hxxps://mail.yahoo.com; hxxps://www.20minutes.fr
CHR StartupUrls: Default -> "","hxxp://www.google.fr/","hxxp://www.google.com/","hxxps://www.google.com/","hxxp://www.mondial-automobile.com/visiteurs/","hxxps://www.duckduckgo.com"
CHR Extension: (Safe Torrent Scanner) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-08-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-22]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-23]
CHR Extension: (WhatFont) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-02-24]
CHR Extension: (Cisco Webex Extension) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-08-23]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-08-23]
CHR Extension: (Pocket) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2021-02-24]
CHR Extension: (Extension Abonnement RSS (par Google)) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2021-02-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT CORPORATION -> IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT CORPORATION -> IVT Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [69328 2022-08-23] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112944 2020-08-15] (Code Sector -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUSTeK Computer Inc. -> ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (Ralink Technology Corporation -> IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Mediatek Inc. -> Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Mediatek Inc. -> Ralink Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch64.sys [19976 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 INVN_MotionApps; C:\Windows\System32\drivers\WUDFRd.sys [315392 2022-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [494384 2013-06-07] (Mediatek Inc. -> Ralink Technology Corp.)
R3 MpKsl93d84305; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C9AC16A-F31E-4BB8-BD55-98D3508F0FB1}\MpKslDrv.sys [137464 2022-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-08-23 02:08 - 2022-08-23 02:13 - 000021541 _____ C:\Users\Thierry\Desktop\FRST.txt
2022-08-23 01:58 - 2022-08-23 02:11 - 000000000 ____D C:\FRST
2022-08-23 01:52 - 2022-08-23 01:52 - 000000873 _____ C:\Users\Thierry\Desktop\JRT.txt
2022-08-23 01:38 - 2022-08-23 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-08-23 01:37 - 2022-08-23 01:39 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-08-23 01:30 - 2022-08-23 01:24 - 001790024 _____ (Malwarebytes) C:\Users\Thierry\Desktop\JRT.exe
2022-08-23 01:23 - 2022-08-23 01:24 - 001790024 _____ (Malwarebytes) C:\Users\Thierry\Downloads\JRT.exe
2022-08-23 01:22 - 2022-08-23 01:03 - 002371072 _____ (Farbar) C:\Users\Thierry\Desktop\FRST64 (1).exe
2022-08-23 01:12 - 2022-08-23 01:17 - 000000000 ____D C:\AdwCleaner
2022-08-23 01:11 - 2022-08-23 01:16 - 000000000 ____D C:\Users\Thierry\AppData\Roaming\CyberGhost
2022-08-23 01:10 - 2022-08-23 01:02 - 008551608 _____ (Malwarebytes) C:\Users\Thierry\Desktop\AdwCleaner.exe
2022-08-23 01:06 - 2022-08-23 01:09 - 000000000 ____D C:\Program Files\TAP-Windows
2022-08-23 01:03 - 2022-08-23 01:03 - 000000000 ____D C:\Users\Thierry\AppData\LocalLow\Mozilla
2022-08-23 01:01 - 2022-08-23 01:11 - 000000000 ____D C:\Users\Thierry\AppData\Local\CyberGhost
2022-08-23 01:01 - 2022-08-23 01:03 - 002371072 _____ (Farbar) C:\Users\Thierry\Downloads\FRST64 (1).exe
2022-08-23 01:01 - 2022-08-23 01:02 - 008551608 _____ (Malwarebytes) C:\Users\Thierry\Downloads\AdwCleaner.exe
2022-08-23 01:00 - 2022-08-23 01:00 - 000001067 _____ C:\Users\Thierry\Desktop\CyberGhost 8.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000916 _____ C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000868 _____ C:\Users\Thierry\Desktop\Start Tor Browser.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8
2022-08-23 00:59 - 2022-08-23 01:02 - 000000000 ____D C:\Program Files\CyberGhost 8
2022-08-23 00:49 - 2022-08-23 00:51 - 000000000 ____D C:\Users\Thierry\Desktop\Tor Browser
2022-08-23 00:42 - 2022-08-23 00:43 - 000122104 _____ (CyberGhost S.R.L.) C:\Users\Thierry\Downloads\cgsetup_fr_.exe
2022-08-23 00:33 - 2022-08-23 00:46 - 103559184 _____ C:\Users\Thierry\Downloads\torbrowser-install-win64-11.5.1_fr.exe
2022-08-22 23:37 - 2022-08-22 23:37 - 000000000 ___HD C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-08-23 02:08 - 2021-02-24 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-23 02:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-23 02:00 - 2021-02-24 22:23 - 000000000 ____D C:\Program Files\Google
2022-08-23 01:58 - 2021-04-12 11:16 - 000000000 ____D C:\Program Files (x86)\Wondershare
2022-08-23 01:57 - 2021-04-12 11:16 - 000000000 ____D C:\Users\Thierry\.android
2022-08-23 01:41 - 2021-02-24 02:04 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-23 01:21 - 2021-05-07 23:39 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-23 01:09 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-08-23 00:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-08-23 00:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-23 00:16 - 2020-11-19 00:32 - 000000000 ____D C:\ProgramData\Packages
2022-08-23 00:16 - 2020-11-18 23:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-08-23 00:15 - 2020-11-19 00:31 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-23 00:15 - 2020-11-19 00:31 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-22 23:55 - 2021-02-24 00:47 - 000000000 ____D C:\Windows\system32\MRT
2022-08-22 23:34 - 2021-02-24 00:47 - 144534560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-08-22 23:24 - 2021-10-13 22:25 - 000004180 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BD14C0D3-AE0E-45B0-87E4-27A76D6CA46D}
2022-08-22 23:14 - 2022-03-16 11:13 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3964324572-413007010-4171602057-1001
2022-08-22 23:14 - 2022-03-16 11:09 - 000002423 _____ C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-22 23:14 - 2022-01-21 10:47 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3964324572-413007010-4171602057-1001
2022-08-22 23:12 - 2022-04-09 16:43 - 000000000 ____D C:\Users\Thierry\AppData\LocalLow\BitTorrent
2022-08-22 23:12 - 2021-10-07 18:33 - 000000000 ____D C:\Users\Thierry\AppData\Roaming\BitTorrent
2022-08-22 23:11 - 2021-10-07 18:37 - 000000000 ____D C:\Users\Thierry\AppData\Local\BitTorrentHelper
2022-08-22 23:08 - 2020-11-19 00:31 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-22 23:08 - 2020-11-19 00:31 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Thierry (administrateur) sur DESKTOP-MTKA5M4 (ASUSTeK COMPUTER INC. TP300LD) (23-08-2022 02:08:51)
Exécuté depuis C:\Users\Thierry\Desktop
Profils chargés: Thierry
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1586 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\104.0.5112.102_102.0.5005.63_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\CR_883A9.tmp\setup.exe <2>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-23db1e04.exe ->) (Accès refusé) [Fichier non signé] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\E5D26B9E-D892-4F17-8E7D-1DA2E4FEA72C\MpSigStub.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\104.0.5112.102_102.0.5005.63_chrome_updater.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <7>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-23db1e04.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837232 2014-10-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT CORPORATION -> IVT Corporation)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [bt] => C:\Users\Thierry\AppData\Roaming\BitTorrent\BitTorrent.exe [2106408 2022-03-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1371856 2022-08-23] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\MountPoints2: {d8a0c562-91a3-11eb-89ba-c6bd2a310726} - "D:\SISetup.exe"
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [288768 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2021-05-12] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-05] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {15AECEC6-36D1-464E-9DEA-906927F2179F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {17932707-C1DF-44EF-BABD-DA2552F409FB} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {39346560-2DBF-49D7-A821-5FC594D02A32} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {421736DB-D916-4368-BD37-AEA133EE4804} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {6B0CB1FD-78FE-43C8-94C3-A1585BC7ECA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D4CCC44-54D1-4FDD-8AA4-370100F57630} - System32\Tasks\ASUS HotfixChecker => C:\Program Files (x86)\ASUS\HotfixChecker\HotfixChecker.exe [140088 2019-04-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {7F438022-55AD-4493-B16A-259D3EBA3B48} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {997FB40C-9630-41A8-A9F5-28ABE5C11E0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0C91A25-C5CB-4033-B0F7-7A1F7751963A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {B4A156AA-37F5-4810-AE49-B368163A046F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C403A308-C4FD-46DF-809B-244BC5F8AAF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C60EDF1C-EDAD-42F2-9FF1-14F81950B897} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2015-06-30] (ASUSTeK Computer Inc. -> AsusTek)
Task: {E8E3C7DB-6E6B-4402-8924-B7E169193B3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1054B30-E7BA-4692-A62B-D21D85B0A54C} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {F2682B46-9E95-408B-B563-A70171940B82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{7149ca1f-5092-4525-a249-56fd84157758}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{b345be30-caea-41ba-9911-da6284bea7b8}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Thierry\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-28]
FireFox:
========
FF HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default [2022-08-23]
CHR Notifications: Default -> hxxps://mail.yahoo.com; hxxps://www.20minutes.fr
CHR StartupUrls: Default -> "","hxxp://www.google.fr/","hxxp://www.google.com/","hxxps://www.google.com/","hxxp://www.mondial-automobile.com/visiteurs/","hxxps://www.duckduckgo.com"
CHR Extension: (Safe Torrent Scanner) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-08-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-22]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-23]
CHR Extension: (WhatFont) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-02-24]
CHR Extension: (Cisco Webex Extension) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-08-23]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-08-23]
CHR Extension: (Pocket) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2021-02-24]
CHR Extension: (Extension Abonnement RSS (par Google)) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2021-02-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT CORPORATION -> IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT CORPORATION -> IVT Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [69328 2022-08-23] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112944 2020-08-15] (Code Sector -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUSTeK Computer Inc. -> ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (Ralink Technology Corporation -> IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Mediatek Inc. -> Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Mediatek Inc. -> Ralink Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch64.sys [19976 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 INVN_MotionApps; C:\Windows\System32\drivers\WUDFRd.sys [315392 2022-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [494384 2013-06-07] (Mediatek Inc. -> Ralink Technology Corp.)
R3 MpKsl93d84305; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C9AC16A-F31E-4BB8-BD55-98D3508F0FB1}\MpKslDrv.sys [137464 2022-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-08-23 02:08 - 2022-08-23 02:13 - 000021541 _____ C:\Users\Thierry\Desktop\FRST.txt
2022-08-23 01:58 - 2022-08-23 02:11 - 000000000 ____D C:\FRST
2022-08-23 01:52 - 2022-08-23 01:52 - 000000873 _____ C:\Users\Thierry\Desktop\JRT.txt
2022-08-23 01:38 - 2022-08-23 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-08-23 01:37 - 2022-08-23 01:39 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-08-23 01:30 - 2022-08-23 01:24 - 001790024 _____ (Malwarebytes) C:\Users\Thierry\Desktop\JRT.exe
2022-08-23 01:23 - 2022-08-23 01:24 - 001790024 _____ (Malwarebytes) C:\Users\Thierry\Downloads\JRT.exe
2022-08-23 01:22 - 2022-08-23 01:03 - 002371072 _____ (Farbar) C:\Users\Thierry\Desktop\FRST64 (1).exe
2022-08-23 01:12 - 2022-08-23 01:17 - 000000000 ____D C:\AdwCleaner
2022-08-23 01:11 - 2022-08-23 01:16 - 000000000 ____D C:\Users\Thierry\AppData\Roaming\CyberGhost
2022-08-23 01:10 - 2022-08-23 01:02 - 008551608 _____ (Malwarebytes) C:\Users\Thierry\Desktop\AdwCleaner.exe
2022-08-23 01:06 - 2022-08-23 01:09 - 000000000 ____D C:\Program Files\TAP-Windows
2022-08-23 01:03 - 2022-08-23 01:03 - 000000000 ____D C:\Users\Thierry\AppData\LocalLow\Mozilla
2022-08-23 01:01 - 2022-08-23 01:11 - 000000000 ____D C:\Users\Thierry\AppData\Local\CyberGhost
2022-08-23 01:01 - 2022-08-23 01:03 - 002371072 _____ (Farbar) C:\Users\Thierry\Downloads\FRST64 (1).exe
2022-08-23 01:01 - 2022-08-23 01:02 - 008551608 _____ (Malwarebytes) C:\Users\Thierry\Downloads\AdwCleaner.exe
2022-08-23 01:00 - 2022-08-23 01:00 - 000001067 _____ C:\Users\Thierry\Desktop\CyberGhost 8.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000916 _____ C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000868 _____ C:\Users\Thierry\Desktop\Start Tor Browser.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8
2022-08-23 00:59 - 2022-08-23 01:02 - 000000000 ____D C:\Program Files\CyberGhost 8
2022-08-23 00:49 - 2022-08-23 00:51 - 000000000 ____D C:\Users\Thierry\Desktop\Tor Browser
2022-08-23 00:42 - 2022-08-23 00:43 - 000122104 _____ (CyberGhost S.R.L.) C:\Users\Thierry\Downloads\cgsetup_fr_.exe
2022-08-23 00:33 - 2022-08-23 00:46 - 103559184 _____ C:\Users\Thierry\Downloads\torbrowser-install-win64-11.5.1_fr.exe
2022-08-22 23:37 - 2022-08-22 23:37 - 000000000 ___HD C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-08-23 02:08 - 2021-02-24 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-23 02:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-23 02:00 - 2021-02-24 22:23 - 000000000 ____D C:\Program Files\Google
2022-08-23 01:58 - 2021-04-12 11:16 - 000000000 ____D C:\Program Files (x86)\Wondershare
2022-08-23 01:57 - 2021-04-12 11:16 - 000000000 ____D C:\Users\Thierry\.android
2022-08-23 01:41 - 2021-02-24 02:04 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-23 01:21 - 2021-05-07 23:39 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-23 01:09 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-08-23 00:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-08-23 00:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-23 00:16 - 2020-11-19 00:32 - 000000000 ____D C:\ProgramData\Packages
2022-08-23 00:16 - 2020-11-18 23:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-08-23 00:15 - 2020-11-19 00:31 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-23 00:15 - 2020-11-19 00:31 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-22 23:55 - 2021-02-24 00:47 - 000000000 ____D C:\Windows\system32\MRT
2022-08-22 23:34 - 2021-02-24 00:47 - 144534560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-08-22 23:24 - 2021-10-13 22:25 - 000004180 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BD14C0D3-AE0E-45B0-87E4-27A76D6CA46D}
2022-08-22 23:14 - 2022-03-16 11:13 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3964324572-413007010-4171602057-1001
2022-08-22 23:14 - 2022-03-16 11:09 - 000002423 _____ C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-22 23:14 - 2022-01-21 10:47 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3964324572-413007010-4171602057-1001
2022-08-22 23:12 - 2022-04-09 16:43 - 000000000 ____D C:\Users\Thierry\AppData\LocalLow\BitTorrent
2022-08-22 23:12 - 2021-10-07 18:33 - 000000000 ____D C:\Users\Thierry\AppData\Roaming\BitTorrent
2022-08-22 23:11 - 2021-10-07 18:37 - 000000000 ____D C:\Users\Thierry\AppData\Local\BitTorrentHelper
2022-08-22 23:08 - 2020-11-19 00:31 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-22 23:08 - 2020-11-19 00:31 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================