cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Exécuté par waza9 (administrateur) sur LAPTOP-9F6PU627 (Acer Aspire A715-41G) (23-09-2024 19:57:58)
Exécuté depuis C:\Users\waza9\Downloads\FRST64.exe
Profils chargés: waza9
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4894 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) [Fichier non signé] C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\adskflex.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(DriverStore\FileRepository\u0357645.inf_amd64_3c66802dbd4d45a0\B357435\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0357645.inf_amd64_3c66802dbd4d45a0\B357435\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0357645.inf_amd64_3c66802dbd4d45a0\B357435\atiesrxx.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\14.1.0.10619\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe <2>
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(services.exe ->) (GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (INMUSIC BRANDS INC -> Numark) C:\Program Files (x86)\Numark\NS6 II\AudioDevMon.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_efe127e721dd1bb8\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (Software by KeloCube -> ) C:\Program Files\SuperDisplay\MirrorService.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(svchost.exe ->) (Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\waza9\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1081648 2020-06-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [767552 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.)
HKU\S-1-5-21-3325502090-3881661430-1837460602-1001\...\Run: [Discord] => C:\Users\waza9\AppData\Local\Discord\Update.exe [1525016 2023-07-31] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3325502090-3881661430-1837460602-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (Pas de fichier)
HKU\S-1-5-21-3325502090-3881661430-1837460602-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.138\Installer\chrmstp.exe [2024-09-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ableton Push Control Panel Autostart.lnk [2023-09-22]
ShortcutTarget: Ableton Push Control Panel Autostart.lnk -> C:\Program Files\Ableton\Push Driver\x64\AbletonPushCpl.exe (Thesycon Software Solutions GmbH & Co. KG -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {FE4E6D8F-FC09-463D-AC87-681130B655C5} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {47708DEC-A28F-48E7-A20C-4E438534B9C8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {24866443-D34F-40DB-84A6-2FAC35BAC1DF} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {92572B55-8898-4F1A-9FDB-AB3B627C54A2} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {EB443190-C5FE-421E-8E0B-BCB099360C38} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-07-14] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {625313CB-91FC-4A5A-9E39-A7C474D28124} - System32\Tasks\App Explorer => C:\Users\waza9\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [8794648 2024-08-16] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {AA044512-8A86-46E3-901E-703062034B78} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A53C3F0E-77F8-4CD8-B537-FF3A43F463B5} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {87780B42-B09D-4596-AE72-66108BBA37F1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2CE2547-D6CB-405E-9540-A726CD16420C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {73D2D802-2E73-4FDC-A1B8-100DFFA3A962} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7410F6C7-15E7-4A2B-A34D-25621A446646} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FFC818FB-0EDA-4FAB-BBAF-651B0E904DCD} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187024 2024-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {56287F68-3283-4C39-BA5D-C229658D70C5} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [455680 2024-02-14] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\WINDOWS\mid.ps1 <==== ATTENTION
Task: {958278C8-F5FD-4CFA-813A-05F33B0F9DAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40AECE9A-6476-41E2-872C-054D3AB57707} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E247FF36-C4C3-4590-A0DA-C4663C4B0BD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D10CAF75-F3DC-4CA8-971A-079B6EB7C407} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {21260429-3E6C-4235-B58D-DC15A86F8AB9} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-07-14] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {73EFCD00-A172-4843-85DA-7BAC6FE4A1A4} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [455680 2024-02-14] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy ByPass -WindowStyle Hidden C:\Users\waza9\AppData\Roaming\Winsoft\core.ps1 <==== ATTENTION
Task: {D6A2B35D-FD68-44DE-9C82-89D2F49E4B66} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {68507C71-37BC-4D69-A097-5852BF4009DF} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-12] (Acer Incorporated -> )
Task: {54BA4D54-C749-4954-9DEE-047730859101} - System32\Tasks\Opera scheduled Autoupdate 1636485878 => C:\Users\waza9\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5770656 2024-08-06] (Opera Norway AS -> Opera Software)
Task: {52951E8D-0FC5-479E-9127-9796E1C34506} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {86BA1072-4945-47D5-827C-40BC2D46E1C9} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {BAD93B8B-14C1-4288-89EC-E530E88A5749} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {F0F74E72-DC39-48C2-9C91-16B47A30B137} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [151080 2020-06-18] (Acer Incorporated -> Microsoft)
Task: {557D1012-F59B-4DE0-B018-320A3D85C67D} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-04-15] (Acer Incorporated -> Acer Incorporated)
Task: {5457A469-5223-4EA9-97E0-963163CBDE0E} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-04-15] (Acer Incorporated -> Acer Incorporated)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e12fcbb-ef77-4157-8ca0-6beb9575a92e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e12fcbb-ef77-4157-8ca0-6beb9575a92e}: [DhcpDomain] home
Tcpip\..\Interfaces\{8e12fcbb-ef77-4157-8ca0-6beb9575a92e}\960586F6E65602465602D38D80ED: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8e12fcbb-ef77-4157-8ca0-6beb9575a92e}\C496675626F687D263432403: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e12fcbb-ef77-4157-8ca0-6beb9575a92e}\C496675626F687D263432403: [DhcpDomain] home
Tcpip\..\Interfaces\{8e12fcbb-ef77-4157-8ca0-6beb9575a92e}\E45445745414259333F5548545: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e12fcbb-ef77-4157-8ca0-6beb9575a92e}\E45445745414259333F5548545: [DhcpDomain] Home
Tcpip\..\Interfaces\{c34b8b4c-e050-4684-b390-c526aa8be6f6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c34b8b4c-e050-4684-b390-c526aa8be6f6}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\waza9\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-26]
Edge Extension: (Google Docs hors connexion) - C:\Users\waza9\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-18]
Edge Extension: (Edge relevant text changes) - C:\Users\waza9\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]

FireFox:
========
FF DefaultProfile: 2jnu17ym.default
FF ProfilePath: C:\Users\waza9\AppData\Roaming\Mozilla\Firefox\Profiles\2jnu17ym.default [2021-11-09]
FF ProfilePath: C:\Users\waza9\AppData\Roaming\Mozilla\Firefox\Profiles\gr7j22xh.default-release [2021-11-09]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\waza9\AppData\Roaming\Mozilla\Firefox\Profiles\gr7j22xh.default-release\Extensions\abb-acer@amazon.com.xpi [2021-11-09] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Français Language Pack) - C:\Users\waza9\AppData\Roaming\Mozilla\Firefox\Profiles\gr7j22xh.default-release\Extensions\langpack-fr@firefox.mozilla.org.xpi [2021-11-09]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Default [2024-09-23]
CHR Notifications: Default -> hxxps://cymatics.fm
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Torrent Scanner) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-09]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-09-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-27]
CHR Extension: (AdBlock - bloquez les publicités sur le web) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-09-19]
CHR Extension: (Google Drawings) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2022-09-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-06]
CHR Profile: C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-12]
CHR Profile: C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-08-28]
CHR Extension: (Torrent Scanner) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-08-28]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-08-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-12]
CHR Profile: C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-08-27]
CHR Extension: (Torrent Scanner) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-09]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-08-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\waza9\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-09]
CHR Profile: C:\Users\waza9\AppData\Local\Google\Chrome\User Data\System Profile [2024-09-23]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Opera:
=======
OPR Profile: C:\Users\waza9\AppData\Roaming\Opera Software\Opera Stable [2023-09-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\waza9\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-06-30]
OPR Extension: (Opera Crypto Wallet) - C:\Users\waza9\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-07-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\waza9\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-09]
OPR Extension: (Amazon Assistant pour Opera) - C:\Users\waza9\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2021-11-13]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [17243936 2024-02-15] (Autodesk, Inc. -> Autodesk)
R2 AdskNLM; C:\Program Files (x86)\Common Files\Autodesk Shared\Network License Manager\lmgrd.exe [1201488 2021-04-05] (Flexera Software LLC -> Flexera)
S3 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [13247264 2024-02-16] (Autodesk, Inc. -> Autodesk, Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2569352 2024-08-11] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14042808 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [595888 2022-07-29] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [17408 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [246272 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-12] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-05] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-07-10] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NS6IIAudioDevMon; C:\Program Files (x86)\Numark\NS6 II\AudioDevMon.exe [611416 2017-04-05] (INMUSIC BRANDS INC -> Numark)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 SuperDisplay; C:\Program Files\SuperDisplay\MirrorService.exe [692944 2020-09-20] (Software by KeloCube -> )
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [306728 2020-04-15] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_efe127e721dd1bb8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_efe127e721dd1bb8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R3 FocusritePCIeSwRoot; C:\Windows\System32\drivers\FocusritePCIeSwRoot.sys [105192 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUsb; C:\Windows\System32\drivers\FocusriteUsb.sys [197280 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUsbAudio; C:\Windows\System32\drivers\FocusriteUsbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbSwRoot; C:\Windows\System32\drivers\FocusriteUsbSwRoot.sys [110864 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [221264 2024-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 NumarkNS6II; C:\Windows\System32\drivers\NumarkNS6II.sys [588400 2017-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Numark)
R3 superdisplay_hidbus; C:\Windows\System32\drivers\superdisplay_hidbus.sys [27448 2020-09-08] (Software by KeloCube -> )
S3 superdisplay_wpdfilter_2; C:\Windows\system32\drivers\superdisplay_wpdfilter_2.sys [32568 2020-09-10] (Software by KeloCube -> )
S3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2022-08-20] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-09-23 19:57 - 2024-09-23 19:58 - 000027633 _____ C:\Users\waza9\Downloads\FRST.txt
2024-09-23 19:57 - 2024-09-23 19:58 - 000000000 ____D C:\FRST
2024-09-23 19:56 - 2024-09-23 19:56 - 002397696 _____ (Farbar) C:\Users\waza9\Downloads\FRST64.exe
2024-09-23 19:55 - 2024-09-23 19:55 - 002095104 _____ (Farbar) C:\Users\waza9\Downloads\FRST.exe
2024-09-21 09:54 - 2024-09-23 19:34 - 000003112 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-09-15 18:59 - 2024-09-15 18:59 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-09-11 18:07 - 2024-09-11 18:07 - 000000000 ___HD C:\$WinREAgent
2024-09-03 15:15 - 2024-09-03 15:15 - 000133284 _____ C:\Users\waza9\OneDrive\Documents\refus are 2024.pdf
2024-08-27 09:14 - 2024-08-27 09:14 - 000159235 _____ C:\Users\waza9\Downloads\Déclaration Février 2024.pdf
2024-08-27 09:14 - 2024-08-27 09:14 - 000159228 _____ C:\Users\waza9\Downloads\Déclaration Juin 2024 (1).pdf
2024-08-27 09:14 - 2024-08-27 09:14 - 000159142 _____ C:\Users\waza9\Downloads\Déclaration Janvier 2024.pdf
2024-08-27 09:14 - 2024-08-27 09:14 - 000159078 _____ C:\Users\waza9\Downloads\Déclaration Mai 2024.pdf
2024-08-27 09:14 - 2024-08-27 09:14 - 000158917 _____ C:\Users\waza9\Downloads\Déclaration Avril 2024.pdf
2024-08-27 09:14 - 2024-08-27 09:14 - 000158025 _____ C:\Users\waza9\Downloads\Déclaration Mars 2024.pdf
2024-08-27 09:13 - 2024-08-27 09:13 - 000158229 _____ C:\Users\waza9\Downloads\Déclaration Juillet 2024.pdf
2024-08-26 12:16 - 2024-08-26 12:16 - 000564545 _____ C:\Users\waza9\Downloads\Refus d'allocation d'ARE.pdf
2024-08-26 12:16 - 2024-08-26 12:16 - 000564545 _____ C:\Users\waza9\Downloads\aaaa1.pdf
2024-08-26 12:14 - 2024-08-26 12:14 - 000530225 _____ C:\Users\waza9\OneDrive\Documents\aaaa5.jpeg
2024-08-26 12:13 - 2024-08-26 12:13 - 000087781 _____ C:\Users\waza9\OneDrive\Documents\aaaa4.jpeg
2024-08-26 12:12 - 2024-08-26 12:12 - 000216671 _____ C:\Users\waza9\OneDrive\Documents\aaaa3.jpeg
2024-08-26 12:11 - 2024-08-26 12:11 - 000125396 _____ C:\Users\waza9\OneDrive\Documents\aaaa2.jpeg.jpeg
2024-08-26 12:10 - 2024-08-26 12:09 - 000382785 _____ C:\Users\waza9\OneDrive\Documents\aaaa1.jpeg

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-09-23 19:44 - 2024-07-10 20:08 - 000000000 ____D C:\Users\waza9\AppData\Local\Malwarebytes
2024-09-23 19:38 - 2021-01-20 23:44 - 001770910 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-23 19:38 - 2020-05-14 12:36 - 000793016 _____ C:\Windows\system32\perfh00C.dat
2024-09-23 19:38 - 2020-05-14 12:36 - 000150146 _____ C:\Windows\system32\perfc00C.dat
2024-09-23 19:38 - 2019-12-07 13:13 - 000000000 ____D C:\Windows\INF
2024-09-23 19:37 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\AppReadiness
2024-09-23 19:34 - 2021-12-18 00:30 - 000000000 ____D C:\Windows\SystemTemp
2024-09-23 19:34 - 2021-01-21 00:06 - 000000000 ____D C:\ProgramData\NVIDIA
2024-09-23 19:34 - 2021-01-20 23:36 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-23 19:34 - 2021-01-20 23:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-23 19:34 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\ServiceState
2024-09-23 19:34 - 2019-12-07 13:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-23 19:34 - 2019-12-07 13:03 - 001048576 _____ C:\Windows\system32\config\BBI
2024-09-23 15:47 - 2023-09-09 10:53 - 000000000 ____D C:\Users\waza9\AppData\Local\Battle.net
2024-09-23 15:47 - 2021-01-20 23:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-09-23 10:23 - 2021-11-09 14:29 - 000000000 ____D C:\Users\waza9\AppData\Local\Host App Service
2024-09-23 10:22 - 2023-07-13 22:58 - 000000000 ____D C:\Users\waza9\AppData\Roaming\CurseForge
2024-09-21 22:11 - 2021-11-10 13:56 - 000000000 ____D C:\ProgramData\SuperDisplay
2024-09-21 20:10 - 2021-01-20 23:41 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-21 19:29 - 2019-12-07 13:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-19 09:01 - 2023-07-07 18:13 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2024-09-18 22:12 - 2021-11-09 20:24 - 000000000 ____D C:\Users\waza9\AppData\Local\CrashDumps
2024-09-18 02:21 - 2021-01-20 23:36 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-09-16 13:17 - 2021-11-09 20:54 - 000000000 ____D C:\Users\waza9\AppData\Roaming\Microsoft\MMC
2024-09-15 18:58 - 2021-01-21 00:22 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-13 17:21 - 2021-01-20 23:36 - 000753376 _____ C:\Windows\system32\FNTCACHE.DAT
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\SystemResources
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\system32\oobe
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\system32\Dism
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-09-13 17:21 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\bcastdvr
2024-09-13 12:48 - 2024-01-02 18:06 - 000000000 ____D C:\Users\waza9\OneDrive\Documents\DOC COM
2024-09-11 18:17 - 2019-12-07 13:03 - 000000000 ____D C:\Windows\CbsTemp
2024-09-11 18:14 - 2021-01-20 23:46 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-09-11 18:06 - 2021-11-11 02:09 - 000000000 ____D C:\Windows\system32\MRT
2024-09-11 18:04 - 2021-11-11 02:09 - 199688632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-09-09 23:01 - 2021-12-11 21:49 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3325502090-3881661430-1837460602-1001
2024-09-09 23:01 - 2021-11-09 14:38 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3325502090-3881661430-1837460602-1001
2024-09-09 23:01 - 2021-11-09 14:29 - 000002425 _____ C:\Users\waza9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-09 13:03 - 2021-01-20 23:41 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 13:03 - 2021-01-20 23:41 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-06 11:46 - 2022-10-23 09:04 - 000124344 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-09-06 11:46 - 2022-10-23 09:04 - 000075192 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-09-06 11:46 - 2022-02-21 15:36 - 002799144 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-09-06 11:46 - 2022-02-21 15:36 - 000149032 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-09-06 11:44 - 2024-02-17 00:39 - 000284224 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-09-06 11:44 - 2022-02-21 15:36 - 000783912 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-09-06 11:44 - 2022-02-21 15:36 - 000243240 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-09-06 11:44 - 2022-02-21 15:36 - 000210360 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-09-01 01:32 - 2021-11-09 14:29 - 000000000 ____D C:\Users\waza9
2024-08-29 23:16 - 2019-12-07 13:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-08-26 12:14 - 2022-01-17 14:23 - 000000000 ___RD C:\Users\waza9\OneDrive\Documents\Scanned Documents

==================== Fichiers à la racine de certains dossiers ========

2022-09-10 17:55 - 2022-09-10 17:55 - 000000041 _____ () C:\Users\waza9\AppData\Roaming\data_dir
2024-07-09 22:38 - 2024-07-09 22:38 - 000007603 _____ () C:\Users\waza9\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
