cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Exécuté par David (administrateur) sur DESKTOP-FT5MPPU (Gigabyte Technology Co., Ltd. Z97P-D3) (19-09-2024 21:22:04)
Exécuté depuis C:\Users\David\Desktop\FRST64.exe
Profils chargés: David
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.4894 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\LGHUB\lghub_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Sophos\Live Query\SophosLiveQueryService.exe ->) (Sophos Ltd -> Osquery Foundation) C:\Program Files\Sophos\Live Query\SophosOsquery.exe
(C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe <2>
(C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNetFilter.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos UI\Sophos UI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.166.0818.0003\Microsoft.SharePoint.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <5>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5b6e4554b945d508\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Pango LLC -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\12.9.0\bin\cmw_srv.exe
(services.exe ->) (Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Live Query\SophosLiveQueryService.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe
(services.exe ->) (Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22053.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22053.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Sophos UI.exe] => C:\Program Files\Sophos\Sophos UI\Sophos UI.exe [1691504 2024-07-30] (Sophos Ltd -> Sophos Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Genshin Impact_launcher_pcseaepic_1_3] => [X]
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-09-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45120304 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [Steam] => "D:\Steam\steam.exe" -silent (Pas de fichier)
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46525336 2024-09-17] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [Bloom] => C:\Users\David\AppData\Roaming\Bloom\Bloom.exe --Ii7SIeN (Pas de fichier)
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [utweb] => "C:\Users\David\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Pas de fichier)
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (Pas de fichier) <==== ATTENTION
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\David\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-05-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-201965744-369715036-2321557594-1001\...\Run: [Discord] => C:\Users\David\AppData\Local\Discord\Update.exe [1525024 2023-11-13] (Discord Inc. -> GitHub)
HKU\S-1-5-18\...\Run: [KeePassXC] => C:\Program Files\KeePassXC\KeePassXC.exe [5480656 2024-03-09] (DroidMonkey Apps, LLC -> KeePassXC Team)
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\WINDOWS\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\128.0.6613.138\Installer\chrmstp.exe [2024-09-15] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {EEC99CFD-61EE-4B19-AF53-E6BB2C9DF73B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {9D3BC3CE-7F80-4987-9939-6AA9C42FE936} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-08-16] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {DA92CE2F-5193-4026-801E-72E838E4F982} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5075248 2024-08-16] (Gen Digital Inc. -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "70b8e1f7-50f7-4dfd-9c0d-2f3d80a18de1" --version "6.27.11214" --silent
Task: {18E34DB9-9138-494A-A48E-7308A665A45A} - System32\Tasks\CCleanerSkipUAC - David => C:\Program Files\CCleaner\CCleaner.exe [39072560 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {FD8EB4D1-10E2-485A-B6F8-3F974DBCA6DD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{2B2B68DC-B108-4747-BD05-68CE3A3459D9} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {9E771E3C-41D3-40E9-9401-98141CC78464} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C14028B-E5AD-4924-B82D-4F69F355072E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {17938C86-EB5A-464E-A3D6-ACA636C88FFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB1F9A85-FCA0-46B2-8C1C-E89FAA6FC277} - System32\Tasks\Microsoft\Windows\EnterpriseMgmtNonCritical\061D46CE-8F97-40D5-90D9-739BFC91F3D5\Queued Schedule created for queued alerts => C:\WINDOWS\system32\deviceenroller.exe [503808 2024-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {954BC412-E4B3-4B80-8697-8ADD879FEA8A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {320BFF34-32DF-47D1-8E1C-4F9A7B756A44} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {50F06E16-B21C-4D53-BA3C-0A8D9C4ED308} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {F11EAE14-8302-4A49-B340-4EB4FC21F42D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C329CCF5-9797-4A89-BC15-F4BC16F2779F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {694BBBAE-BAAE-4B7A-BD46-B14728221080} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93B65EBE-D520-4C9F-8849-60A772749CD4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65F0B45C-DFAF-4892-A55F-82EE6E9DDD28} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6559B01-4B66-46BA-BDFD-2F5FE12023C9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA22DC07-AA47-4EDD-9956-ACA878DE9586} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209208 2024-09-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {36B7CCFB-65C2-44FD-8555-480830B239B5} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-201965744-369715036-2321557594-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209208 2024-09-09] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0: <==== ATTENTION (Restriction - Zones)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1: <==== ATTENTION (Restriction - Zones)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2: <==== ATTENTION (Restriction - Zones)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f783deb9-7d2c-453b-9a45-387dddf48d1e}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-19]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2024-09-08]
Edge Extension: (Google Docs hors connexion) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-15]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-09-01]
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04]
Edge Extension: (Avast SafePrice) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2024-09-08]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Profile 11
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-09-16]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 11 [2024-09-19]
CHR Notifications: Profile 11 -> hxxps://inroadslab.com; hxxps://www.lemonde.fr; hxxps://www.netflix.com
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-12]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 12 [2024-09-16]
CHR Extension: (Torrent Scanner) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-11]
CHR Extension: (Avast SafePrice) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2024-06-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-15]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-06-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-07-15]
CHR Extension: (Web Safety) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2023-09-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-14]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2024-09-19]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]

Opera:
=======
OPR Profile: C:\Users\David\AppData\Roaming\Opera Software\Opera Stable [2022-01-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\David\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-14]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1086256 2024-08-16] (Gen Digital Inc. -> Piriform Software Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2023-07-05] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-08-24] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EQU8_13; C:\ProgramData\EQU8\Diabotical\bin\anticheat.x64.equ8.exe [5561024 2020-09-06] (Int3 Software AB -> Int3 Software AB)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.166.0818.0003\FileSyncHelper.exe [3523112 2024-09-09] (Microsoft Corporation -> Microsoft Corporation)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [7430504 2024-05-23] (Sophos Ltd -> Sophos Limited)
R2 hshld_12.9.0; C:\Program Files (x86)\Hotspot Shield\12.9.0\bin\cmw_srv.exe [259088 2024-05-07] (Pango LLC -> Pango Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11335576 2024-09-17] (Logitech Inc -> Logitech, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-09-16] (Malwarebytes Inc. -> Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [11476792 2023-02-06] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.166.0818.0003\OneDriveUpdaterService.exe [3863984 2024-09-09] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641416 2023-08-03] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2021-10-25] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530488 2024-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SophosNtpService.exe [13792112 2024-07-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [3863680 2024-07-30] (Sophos Limited -> Sophos Limited)
R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1318768 2024-07-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [2716008 2024-07-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Live Query; C:\Program Files\Sophos\Live Query\SophosLiveQueryService.exe [3526512 2024-07-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [3151720 2024-07-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [2782056 2024-07-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [18171760 2024-07-30] (Sophos Ltd -> Sophos Limited)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22442808 2024-09-03] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 EpicOnlineServices; "C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe" [X]
S2 hshld_12.7.5; "C:\Program Files (x86)\Hotspot Shield\12.7.5\bin\cmw_srv.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5b6e4554b945d508\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5b6e4554b945d508\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 SolidWorks Licensing Service; "C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1869904 2023-05-10] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 atvi-randgrid; C:\ProgramData\Battle.net_components\randgridauks\randgrid.sys [2513192 2022-12-03] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60328 2021-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
S3 EQU8_HELPER_13; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_13.sys [38080 2020-09-06] (Int3 Software AB -> )
S4 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [325920 2020-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 HidGuardian; C:\WINDOWS\System32\drivers\HidGuardian.sys [37280 2017-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [841264 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Sophos Limited)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-12] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-09-17] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-09-17] (Logitech Inc -> Logitech)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 optousb; C:\WINDOWS\system32\DRIVERS\optousb.sys [27264 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
R3 optovcm; C:\WINDOWS\system32\DRIVERS\optovcm.sys [34432 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [42856 2017-06-29] (Open Source Developer, Benjamin Höglinger-Stelzer -> Nefarius Software Solutions)
R1 sntp; C:\WINDOWS\system32\DRIVERS\sntp.sys [817712 2024-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Sophos Limited)
S0 Sophos ELAM; C:\WINDOWS\System32\DRIVERS\SophosEL.sys [30712 2024-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\WINDOWS\System32\DRIVERS\SophosED.sys [2674344 2024-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Sophos Limited)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2021-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55872 2023-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [574872 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2740480 2020-07-04] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X]
U4 MrxSmb10; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-09-19 21:22 - 2024-09-19 21:22 - 000031966 ____C C:\Users\David\Desktop\FRST.txt
2024-09-19 18:44 - 2024-09-19 21:22 - 000000000 ____D C:\FRST
2024-09-19 18:43 - 2024-09-19 18:42 - 002397696 ____C (Farbar) C:\Users\David\Desktop\FRST64.exe
2024-09-19 18:42 - 2024-09-19 18:42 - 002397696 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2024-09-19 18:29 - 2024-09-19 18:36 - 000000000 ____D C:\Users\David\AppData\Roaming\ZHP
2024-09-19 18:29 - 2024-09-19 18:29 - 000000865 ____C C:\Users\David\Desktop\ZHPSuite.lnk
2024-09-19 18:29 - 2024-09-19 18:29 - 000000000 ____D C:\Users\David\AppData\Local\ZHP
2024-09-19 18:28 - 2024-09-19 18:28 - 003539144 ____C (Nicolas Coolman) C:\Users\David\Desktop\ZHPSuite.exe
2024-09-19 18:28 - 2024-09-19 18:28 - 003539144 _____ (Nicolas Coolman) C:\Users\David\Downloads\ZHPSuite.exe
2024-09-19 18:27 - 2024-09-19 18:27 - 363871256 _____ (Paessler AG (www.paessler.com) ) C:\Users\David\Downloads\prtg_installer_with_trial_key_000014-XAGKFM-8FFN6R-W4A6CC-RM61HF-T107UK-F7CZJ2-90QXQP-N3DGX1-T04KKH.exe
2024-09-17 18:55 - 2024-09-17 18:55 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2024-09-17 18:55 - 2024-09-17 18:55 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2024-09-17 18:55 - 2024-09-17 18:55 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2024-09-17 18:55 - 2024-09-17 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-09-17 18:55 - 2024-09-17 18:55 - 000000000 ____D C:\Program Files\LGHUB
2024-09-16 20:09 - 2024-09-16 20:10 - 000166581 _____ C:\Users\David\Downloads\230417_FicheReflexe_PiratageCompte.pdf
2024-09-16 11:52 - 2024-09-16 12:12 - 000000000 ____D C:\Users\David\AppData\Local\Malwarebytes
2024-09-15 20:54 - 2024-09-19 18:26 - 000000000 ____D C:\Program Files\TeamViewer
2024-09-15 20:54 - 2024-09-15 20:54 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2024-09-15 20:54 - 2024-09-15 20:54 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2024-09-15 20:53 - 2024-09-15 20:53 - 070029144 _____ (TeamViewer Germany GmbH) C:\Users\David\Downloads\TeamViewer_Setup_x64.exe
2024-09-15 14:56 - 2024-09-15 14:56 - 000000000 ___HD C:\$WinREAgent

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-09-19 21:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-19 20:16 - 2021-12-22 23:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-09-19 18:47 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-09-19 18:35 - 2021-12-22 23:46 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-09-19 18:35 - 2019-12-07 16:50 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2024-09-19 18:35 - 2019-12-07 16:50 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2024-09-19 18:35 - 2017-11-21 11:44 - 000000000 ____D C:\ProgramData\NVIDIA
2024-09-19 18:26 - 2022-04-06 19:24 - 000000000 ____D C:\Users\David\AppData\Local\LGHUB
2024-09-19 18:26 - 2021-12-22 23:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-09-19 18:26 - 2020-11-02 18:07 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-19 18:26 - 2020-05-05 23:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-09-19 18:26 - 2017-11-21 11:13 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2024-09-18 22:28 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-09-18 21:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-18 21:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-09-17 18:55 - 2023-08-26 12:12 - 000000000 ____D C:\Users\David\AppData\Roaming\G HUB
2024-09-16 22:13 - 2023-09-13 19:29 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2024-09-16 11:51 - 2020-10-04 20:11 - 000239568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2024-09-16 11:44 - 2020-10-04 20:11 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2024-09-16 11:44 - 2020-10-04 20:11 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2024-09-16 11:44 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-09-16 11:33 - 2020-02-09 17:58 - 000000000 ____D C:\Program Files\CCleaner
2024-09-16 01:20 - 2022-09-10 11:19 - 000000000 ____D C:\Users\David\AppData\Roaming\com.adobe.dunamis
2024-09-16 01:20 - 2017-11-21 22:43 - 000000000 ___DC C:\Users\David\AppData\Local\Adobe
2024-09-16 01:20 - 2017-11-21 11:06 - 000000000 ___DC C:\Users\David\AppData\Roaming\Adobe
2024-09-16 01:13 - 2023-09-13 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2024-09-16 01:07 - 2021-12-22 23:34 - 000470808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-16 01:07 - 2021-12-22 23:25 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-09-16 01:06 - 2019-12-07 16:53 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-09-16 01:06 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-09-16 01:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-15 23:58 - 2017-11-21 22:15 - 000000000 ___DC C:\Users\David\AppData\Roaming\Microsoft\Word
2024-09-15 23:47 - 2021-12-26 21:51 - 000000000 ____D C:\Users\David\AppData\Local\Deployment
2024-09-15 23:04 - 2018-07-29 18:54 - 000000000 ___DC C:\Users\David\AppData\Local\CrashDumps
2024-09-15 22:23 - 2021-09-20 12:57 - 000000000 ___DC C:\Users\David\Documents\Fichiers Outlook
2024-09-15 22:23 - 2021-09-20 12:57 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Outlook
2024-09-15 20:58 - 2018-12-09 21:51 - 000000000 ___DC C:\Users\David\AppData\Local\D3DSCache
2024-09-15 20:56 - 2018-01-21 01:18 - 000000000 ___DC C:\Users\David\AppData\Local\Packages
2024-09-15 20:54 - 2021-10-03 15:38 - 000000000 ____D C:\Users\David\AppData\Local\TeamViewer
2024-09-15 15:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-15 15:08 - 2021-12-22 23:35 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-09-15 14:52 - 2017-11-21 21:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-15 14:50 - 2017-11-21 21:59 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-15 14:45 - 2023-01-17 18:55 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-09-15 14:45 - 2021-12-22 23:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-09-15 14:45 - 2021-04-16 01:10 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-15 14:44 - 2022-10-11 21:26 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-09-15 14:44 - 2022-10-11 21:26 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-09-15 14:38 - 2017-11-21 12:47 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-09-15 14:36 - 2021-06-17 16:44 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-09-09 22:02 - 2021-12-22 23:59 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-201965744-369715036-2321557594-1001
2024-09-09 22:02 - 2021-12-22 23:59 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-09-09 22:02 - 2020-09-13 21:49 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-08 16:26 - 2021-12-22 23:59 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-08 16:26 - 2021-12-22 23:59 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-08 00:11 - 2022-09-30 17:53 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-09-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-09-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-09-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-09-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-09-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-09-07 09:52 - 2016-07-16 13:47 - 000000167 _____ C:\WINDOWS\win.ini
2024-09-07 09:46 - 2022-09-30 17:53 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-09-07 09:46 - 2021-12-22 23:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-09-01 22:31 - 2024-02-16 23:46 - 000284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-09-01 22:31 - 2022-10-27 12:03 - 000124344 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-09-01 22:31 - 2022-10-27 12:03 - 000075192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-09-01 22:31 - 2022-01-17 17:41 - 002799144 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-09-01 22:31 - 2022-01-17 17:41 - 000783912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-09-01 22:31 - 2022-01-17 17:41 - 000243240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-09-01 22:31 - 2022-01-17 17:41 - 000210360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-09-01 22:31 - 2022-01-17 17:41 - 000149032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll

==================== Fichiers à la racine de certains dossiers ========

2021-05-18 20:12 - 2023-09-11 23:49 - 000000032 _____ () C:\Users\David\AppData\Roaming\.machineId
2017-11-21 22:49 - 2023-01-20 00:45 - 000000033 _____ () C:\Users\David\AppData\Roaming\AdobeWLCMCache.dat
2019-08-19 20:02 - 2019-08-19 20:02 - 000000895 ____C () C:\Users\David\AppData\Roaming\AdobeWLCMR2Cache.dat
2022-08-11 22:50 - 2022-08-11 22:50 - 000001004 _____ () C:\Users\David\AppData\Roaming\tof_launcher.reg
2020-11-22 00:22 - 2020-11-22 00:22 - 000000044 _____ () C:\Users\David\AppData\Roaming\~SiMPLEX.ini
2020-11-08 21:20 - 2020-11-08 21:28 - 000000081 _____ () C:\Users\David\AppData\Local\.bidstack.fault
2021-09-09 19:48 - 2021-09-09 19:48 - 000000017 _____ () C:\Users\David\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
