Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Exécuté par User (administrateur) sur PC-LENOVO-STÉPH (LENOVO ChiefRiver Platform) (29-08-2023 19:32:34)
Exécuté depuis C:\Users\User\Desktop\FRST64.exe
Profils chargés: User
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Open-Shell) [Fichier non signé] C:\Program Files\Open-Shell\StartMenu.exe
(Proton Technologies AG -> ) C:\Program Files\Proton\VPN\v3.1.0\ProtonVPN.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.1.0\ProtonVPNService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> dasHost.exe
Impossible d'accéder au processus -> dllhost.exe
Impossible d'accéder au processus -> dwm.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> WmiPrvSE.exe
Impossible d'accéder au processus -> WUDFHost.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [226816 2022-05-12] (Open-Shell) [Fichier non signé]
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2020-08-12] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel® Services Manager -> Intel Corporation)
HKU\S-1-5-21-2571112955-4239876419-1220594018-1001\...\Run: [] => [X]
HKU\S-1-5-21-2571112955-4239876419-1220594018-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [12277144 2023-08-03] (Proton Technologies AG -> ProtonVPN)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwCP.dll [2012-07-30] (Broadcom Corporation -> Broadcom Corporation.)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {C47B3952-D67F-4038-86B2-DA7C38A8834C} - System32\Tasks\G2MUpdateTask-S-1-5-21-2571112955-4239876419-1220594018-1001 => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B520E0C3-2FF7-4888-AA5B-1A636470C2D6} - System32\Tasks\G2MUploadTask-S-1-5-21-2571112955-4239876419-1220594018-1001 => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {136AF4ED-480D-46A8-B768-C444145B85AB} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2571112955-4239876419-1220594018-1001 => "C:\Users\User\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe" (Pas de fichier)
Task: {00F5F5FE-4D3B-4260-BBC1-5973E62793F6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus (Pas de fichier)
Task: {8E46A010-CC59-4100-B7D0-C4B3C857597D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show (Pas de fichier)
Task: {101F76CF-E02F-4AE8-88FD-1BF7F9443C8F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan (Pas de fichier)
Task: {32D3AD1C-BE49-477C-B77B-F912139648DB} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe -diag HWScan (Pas de fichier)
Task: {4ABB74D7-506D-4167-A20E-5ADFD6C9A3F2} - System32\Tasks\Lenovo\LSC\RebootCountTask => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount (Pas de fichier)
Task: {660A8F2D-92BE-423C-978A-F8B46BFD852A} - System32\Tasks\Lenovo\LSC\Time72Task => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate (Pas de fichier)
Task: {8C0EA934-3553-4B9B-B494-1AD839647B55} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616800 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D563AA83-68F0-4BF8-8539-3A30A1382031} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616800 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {23C33F68-C094-4D05-BA25-262C3ADED4B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124264 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {FBABD41C-9640-4882-958D-D8EB3FC4E832} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124264 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE5F6402-16FA-4D04-A779-99F695A76263} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [896408 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {A3DF0BD7-5AEC-4F4F-8F2C-778AD6816398} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe [71680 2021-01-15] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {069E56F4-AF16-4353-B941-2A73ED765400} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {7EB051F8-8EBE-45B9-92D0-23F26503DA6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {32196F3C-E890-4AB0-8957-99EAB1FD83A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71CB3E27-974E-4FE9-8B29-C9709D48B54D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BFF868F8-66C7-4B35-A6F3-3005A96E8D6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {76DA94C1-978B-4A68-9AAF-79C949324411} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [687008 2023-08-17] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DD1707CC-F96D-4236-A9AA-64FEC836A862} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {FB1460CC-8BF0-4947-977C-EE4C001D0B76} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 ] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FED2C404-8325-4430-9A7F-FF2D333CE2B5} - System32\Tasks\TVT\TVSUUpdateTask => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (Pas de fichier)
Task: {EDDA08E2-A324-49AE-82C8-B7DBC1AE43CF} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" PendingTask (Pas de fichier)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2571112955-4239876419-1220594018-1001.job => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2571112955-4239876419-1220594018-1001.job => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{07e5b248-3456-42d9-b3f1-1681055429eb}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{cdd9aa6a-c17f-4a9e-b56f-63ed7ea59cec}: [DhcpNameServer] 192.168.0.254

Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-06]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-08-01]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-27]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: sdcf5m94.default-1449679278495-1622248414203
FF DefaultProfile: bjcbl64y.default
FF ProfilePath: C:\Users\User\AppData\Roaming\TomTom\HOME\Profiles\2xvvmal5.default [2019-07-16]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-07-16] [] [non signé]
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 [2023-08-29]
FF Homepage: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> hxxps://www.google.fr/
FF Session Restore: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> hxxps://www.gametwist.com; hxxps://odysee.com; hxxps://www.piecesauto.fr; hxxps://twitter.com
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: {66E978CD-981F-47DF-AC42-E3CF417C1467}
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: jid1-MnnxcxisBPnSXQ@jetpack
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: uBlock0@raymondhill.net
FF Extension: (Bookmark search plus 2) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\bookmarksearchplus2@aafn.org.xpi [2023-05-12]
FF Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\firefox@online-convert.com.xpi [2021-05-29]
FF Extension: (I don't care about cookies) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-08-12]
FF Extension: (Privacy Badger) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-06-28]
FF Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-03-06]
FF Extension: (uBlock Origin) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\uBlock0@raymondhill.net.xpi [2023-07-26]
FF Extension: (Reverse Image Search) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{0da2e603-21ba-4422-8049-b6d9e013ed84}.xpi [2023-02-22]
FF Extension: (Tab Suspender) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{29780561-0607-49f3-aba9-fb8806d2f22d}.xpi [2021-05-29]
FF Extension: (Privacy Pass) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{48748554-4c01-49e8-94af-79662bf34d50}.xpi [2023-02-16]
FF Extension: (New Tab Homepage) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2021-05-29]
FF Extension: (Flash and Video Download) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2021-05-29]
FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-25]
FF Extension: (Auto Tab Discard) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2022-12-20]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-21]
FF ProfilePath: C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default [2023-02-03]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> hxxps://www.google.com/
FF NewTab: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> hxxps://www.google.com/
FF Session Restore: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> est activé.
FF Extension: (Français (FR) Language Pack) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default\Extensions\langpack-fr@palemoon.org.xpi [2022-06-15] [] [non signé]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-13] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851232 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-07-03] (Mixbyte Inc -> Freemake)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-08-29] (Malwarebytes Inc. -> Malwarebytes)
R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.1.0\ProtonVPNService.exe [472168 2023-08-03] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.1.0\ProtonVPN.WireGuardService.exe [471656 2023-08-03] (Proton Technologies AG -> ProtonVPN)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.1.0\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-12-06] (AnchorFree Inc -> Anchorfree Inc.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-07-15] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-04-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-08-29 18:58 - 2023-08-29 19:31 - 000042964 _____ C:\Users\User\Desktop\Addition.txt
2023-08-29 18:43 - 2023-08-29 19:37 - 000025653 _____ C:\Users\User\Desktop\FRST.txt
2023-08-29 18:40 - 2023-08-29 19:35 - 000000000 ____D C:\FRST
2023-08-29 18:32 - 2023-08-29 18:32 - 000386380 _____ C:\Users\User\Desktop\ZHPDiag.html
2023-08-29 18:32 - 2023-08-29 18:32 - 000312737 _____ C:\Users\User\Desktop\ZHPDiag.txt
2023-08-29 16:59 - 2023-08-29 16:59 - 002382336 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2023-08-29 16:40 - 2023-08-29 16:40 - 003511456 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPSuite.exe
2023-08-29 16:40 - 2023-08-29 16:40 - 000000000 ____D C:\Users\User\AppData\Local\ZHP
2023-08-29 15:01 - 2023-08-29 15:02 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
2023-08-29 15:00 - 2023-08-29 15:00 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-08-17 14:37 - 2023-08-18 15:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-08-09 15:24 - 2023-08-09 15:24 - 000000000 ___HD C:\$WinREAgent

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-08-29 19:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-29 19:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-29 18:32 - 2018-05-01 01:55 - 000000000 ____D C:\Users\User\AppData\Roaming\ZHP
2023-08-29 17:06 - 2018-06-20 01:47 - 000000000 ____D C:\Users\User\Documents\Désinfection
2023-08-29 16:34 - 2021-06-05 00:47 - 000000000 ____D C:\Users\User\AppData\Local\OpenShell
2023-08-29 15:00 - 2023-02-05 19:13 - 000222272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2023-08-29 15:00 - 2023-02-05 19:13 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-29 14:59 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-29 14:54 - 2017-10-22 17:01 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-29 14:20 - 2022-02-10 11:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-29 14:14 - 2020-08-12 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-29 14:14 - 2020-08-12 23:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-29 14:13 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-08-29 03:54 - 2020-08-12 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-28 21:23 - 2021-12-13 14:19 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2571112955-4239876419-1220594018-1001
2023-08-28 21:23 - 2020-08-12 23:45 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2571112955-4239876419-1220594018-1001
2023-08-28 21:23 - 2020-08-12 23:09 - 000002475 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-27 02:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-27 02:46 - 2020-06-22 02:40 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-27 02:46 - 2020-06-22 02:40 - 000002291 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-18 15:14 - 2015-10-23 16:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-18 10:36 - 2015-10-23 16:34 - 000001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-16 12:09 - 2023-07-08 22:17 - 000000992 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2023-08-16 12:09 - 2023-07-08 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2023-08-13 13:56 - 2017-02-04 04:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-08-11 12:43 - 2020-08-12 23:28 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-11 12:43 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-11 12:43 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-11 12:35 - 2021-06-10 04:46 - 000466872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-11 00:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-10 17:34 - 2018-05-29 21:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-09 18:50 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-09 18:08 - 2020-08-12 23:10 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-09 01:30 - 2015-10-24 04:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-09 01:17 - 2015-10-24 04:06 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers ========

2015-10-19 11:31 - 2015-10-19 11:36 - 000000070 _____ () C:\Program Files\smaple.txt
2019-10-02 17:17 - 2020-12-29 08:55 - 000002210 _____ () C:\Users\User\AppData\Roaming\downloads.json

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
