cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Exécuté par LENOVO (administrateur) sur DESKTOP-C4D6HN4 (LENOVO 81D1) (19-10-2024 17:29:43)
Exécuté depuis C:\Users\LENOVO\Downloads\FRST64.exe
Profils chargés: LENOVO
Plate-forme: Microsoft Windows 10 Professionnel Version 1909 18363.1198 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\EXCEL.EXE
(explorer.exe ->) (Nero AG) [Fichier non signé] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal_wc.inf_amd64_9171bd9f02afbfa0\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c1fb9ebb5c11384e\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c1fb9ebb5c11384e\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(services.exe ->) (Nero AG) [Fichier non signé] C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Nero AG) [Fichier non signé] C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [865568 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [180448 2019-06-21] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [500696 2013-11-26] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) [Fichier non signé]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\Software\Policies\...\system: [UseOEMBackground] 1
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-2136440893-3744211162-2989140377-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27774936 2017-04-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2136440893-3744211162-2989140377-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG) [Fichier non signé]
HKLM\...\Print\Monitors\EPSON L3110 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUPE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.101\Installer\chrmstp.exe [2024-10-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2013-11-26] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2013-11-26] (CyberLink Corp. -> CyberLink)
Startup: C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to.lnk [2024-04-25]
ShortcutAndArgument: Send to.lnk -> C:\Windows\System32\wscript.exe => "C:\Users\Public\a.js" <==== ATTENTION
Startup: C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\USBfichier.Vbs [2024-07-01] () [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {7F1C4E8E-DE91-4029-BC61-AF7C2A2DA8B3} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{5DB8C813-9A93-4289-99F3-BFD1BECE65DC} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {6BC6AA2D-5B52-465C-9325-BE0CA218C114} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\System32\MRT.exe [135062968 2021-01-18] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\/EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee7"
Task: {3D83ED69-494D-440D-9C0D-34C9E248D285} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C1CB0F1-0BE2-4CED-9A6D-5177DFBC06C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89564BF0-9D8C-45AD-B943-68A81DD3CB33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD64EDE6-D138-410C-8575-DFDCEB3CD4F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.101.246
Tcpip\..\Interfaces\{135aa8a9-6a4c-4c8e-83b5-30febee9f638}: [DhcpNameServer] 10.0.0.1 0.0.0.0
Tcpip\..\Interfaces\{2a90ac81-60d9-474e-b983-5bebb47f08e0}: [DhcpNameServer] 192.168.101.246

FireFox:
========
FF DefaultProfile: 5qzw65sh.default
FF ProfilePath: C:\Users\LENOVO\AppData\Roaming\Mozilla\Firefox\Profiles\5qzw65sh.default [2024-10-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2018-11-12] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2018-11-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] (Apple Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-10-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-10-08]

Chrome:
=======
CHR Profile: C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default [2024-10-19]
CHR Extension: (Docs) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-24]
CHR Extension: (Google Drive) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-18]
CHR Extension: (YouTube) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-19]
CHR Extension: (Gmail) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-18]
CHR Extension: (Chrome Media Router) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-31]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-06-21] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-06-21] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [Fichier non signé]
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153048 2021-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 ApkbfiltrService; C:\WINDOWS\System32\drivers\Apkbfiltr.sys [31016 2015-07-23] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65472 2017-09-27] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
R3 clwvd6; C:\WINDOWS\System32\drivers\clwvd6.sys [41704 2013-10-29] (CyberLink Corp. -> CyberLink Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149144 2019-06-20] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102464 2019-06-20] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2021-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189232 2019-06-20] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50488 2019-06-20] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [76896 2019-06-20] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [113336 2019-06-20] (ESET, spol. s r.o. -> ESET)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
S3 MpKsl116e45d4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl1741f1eb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl260b71b7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl273176c6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl2c347574; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl534fd332; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl5d94001a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl5e6d5297; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl6397d6cf; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl66c33675; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl737dcfc6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl7d8413d3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl8962d7cc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl901ac2da; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl9724b455; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl9dd9a952; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl9e0505c5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslae32689b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslb0626dce; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslbf5277d7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslbfa5b2df; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsle2484e99; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsle2589206; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsle418630a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslf8c96b80; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslfa5b555e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslfd619cd5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslfff6e9c2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{795050CC-0390-4B7C-8C74-4199F6340D8E}\MpKslDrv.sys [91376 2022-03-03] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2021-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-18] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-10-19 17:18 - 2024-10-19 17:18 - 000000000 ____D C:\Program Files\Crashpad
2024-10-19 17:16 - 2024-10-19 17:17 - 000000000 ____D C:\Program Files (x86)\chrome_url_fetcher_8020_593674047
2024-10-19 17:15 - 2024-10-19 17:29 - 000045563 _____ C:\Users\LENOVO\Downloads\Addition.txt
2024-10-19 17:10 - 2024-10-19 17:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-10-19 17:09 - 2024-10-19 17:31 - 000023029 _____ C:\Users\LENOVO\Downloads\FRST.txt
2024-10-19 17:08 - 2024-10-19 17:30 - 000000000 ____D C:\FRST
2024-10-19 17:08 - 2024-10-19 17:08 - 002397696 _____ (Farbar) C:\Users\LENOVO\Downloads\FRST64.exe
2024-09-25 07:46 - 2024-09-25 07:46 - 000011984 _____ C:\Users\LENOVO\Desktop\MEDICAMENTS 10.xlsx
2024-09-24 19:27 - 2024-09-24 19:23 - 000010347 _____ C:\Users\LENOVO\Desktop\6609c5a9-ce26-406a-a24b-8d3e3743c592.pdf
2024-09-24 19:27 - 2024-09-24 19:23 - 000010295 _____ C:\Users\LENOVO\Desktop\9a03fad2-77f1-41d2-a6ae-1d25bab53761.pdf
2024-09-24 18:53 - 2023-10-14 23:24 - 000060886 _____ C:\Users\LENOVO\Desktop\INVENTAIRE ANTSEZA 2023.xlsx
2024-09-24 11:58 - 2024-09-24 11:55 - 000592971 _____ C:\Users\LENOVO\Desktop\BL S1 2024 CSB II ANTSEZA.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-10-19 17:25 - 2019-03-19 07:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-19 17:18 - 2018-11-12 20:58 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-19 17:18 - 2018-11-12 20:58 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-19 17:16 - 2018-11-13 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
2024-10-19 17:16 - 2018-11-13 23:20 - 000000000 ____D C:\Program Files (x86)\TNod
2024-10-19 17:14 - 2018-11-12 20:58 - 000000000 ____D C:\Program Files (x86)\Google
2024-10-19 17:11 - 2019-03-19 07:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-10-19 17:08 - 2019-03-19 07:50 - 000000000 ____D C:\WINDOWS\INF
2024-10-19 16:48 - 2021-01-18 12:43 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-10-19 16:22 - 2020-05-22 15:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-19 15:49 - 2018-11-12 22:02 - 000000000 ____D C:\Users\LENOVO\Documents\YouCam
2024-10-19 15:45 - 2019-07-25 15:37 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Excel
2024-10-19 15:36 - 2018-11-14 10:37 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Word
2024-10-19 15:31 - 2018-11-12 22:26 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\vlc
2024-10-19 15:15 - 2021-01-18 19:56 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2024-10-19 15:15 - 2021-01-18 19:55 - 000000000 __SHD C:\Users\LENOVO\IntelGraphicsProfiles
2024-10-19 15:15 - 2020-05-22 16:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-19 15:14 - 2019-03-19 07:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-10-19 12:38 - 2019-03-19 07:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-10-19 01:03 - 2020-05-22 15:50 - 000000000 ____D C:\Users\LENOVO
2024-10-19 01:03 - 2019-03-19 07:37 - 000000000 ____D C:\WINDOWS\servicing
2024-10-19 01:03 - 2019-03-19 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-10-14 01:28 - 2018-11-09 00:14 - 000000000 ____D C:\Users\LENOVO\AppData\Local\Packages
2024-10-08 10:12 - 2020-11-21 09:30 - 000000000 ____D C:\Securite
2024-10-04 10:21 - 2024-03-22 15:07 - 000000000 ____D C:\Users\LENOVO\Desktop\OM ac Avril
2024-09-27 14:45 - 2024-04-18 09:06 - 000000000 ____D C:\Users\LENOVO\Desktop\Fiche Solofoson

==================== Fichiers à la racine de certains dossiers ========

2024-10-19 17:18 - 2024-10-19 17:18 - 000039315 _____ () C:\Program Files\chrome_installer.log
2019-01-28 17:12 - 2019-01-28 17:12 - 007895040 _____ () C:\Program Files (x86)\GUT7F15.tmp

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
