Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Exécuté par ISMAIL (administrateur) sur DESKTOP-1IFJ95J (ASUSTeK COMPUTER INC. X555LAB) (13-12-2024 12:22:04)
Exécuté depuis C:\Users\ISMAIL\Desktop\FRST64(1).exe
Profils chargés: ISMAIL
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5131 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\RUXIM\PLUGScheduler.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\RUXIMICS.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe <2>
(C:\Users\ISMAIL\AppData\Local\Programs\Microsoft VS Code\Code.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ISMAIL\AppData\Local\Temp\vscode-stable-user-x64\CodeSetup-stable-f1a4fb101478ce6ec82fe9627c43efbf9e98c813.exe
(C:\Users\ISMAIL\AppData\Local\Temp\vscode-stable-user-x64\CodeSetup-stable-f1a4fb101478ce6ec82fe9627c43efbf9e98c813.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ISMAIL\AppData\Local\Temp\is-M7SFB.tmp\CodeSetup-stable-f1a4fb101478ce6ec82fe9627c43efbf9e98c813.tmp
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe <2>
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22098.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ISMAIL\AppData\Local\Programs\Microsoft VS Code\Code.exe <9>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <20>
(services.exe ->) (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\SecureLine VPN\VpnUpdate.exe
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_11.2411.2.0_x64__8wekyb3d8bbwe\Maps.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2410.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\PLUGScheduler.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] (ASUS Cloud Corporation -> )
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\Installer\setup.exe [6871616 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3469735148-2751303216-132763565-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3469735148-2751303216-132763565-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1427704 2024-05-10] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [674304 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\131.0.6778.140\Installer\chrmstp.exe [2024-12-13] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {C231986D-68F5-4008-9642-C72A069942E7} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-04-11] (ASUSTeK Computer Inc. -> AsusTek)
Task: {44CF5F12-FF40-4CDD-A3C9-A7F93CC052AD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [Fichier non signé]
Task: {E7ACA1C4-A82A-4882-B8AC-AABDF769B043} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
Task: {ABA9A59C-CB30-4C93-BF57-67E3B07E61FF} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {57645A36-47BC-4A30-8C72-A35619882643} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {62028A33-44A5-4712-BEC6-97424BA36447} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5974312 2024-11-14] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (l'élément de données a 80 caractères en plus).
Task: {CBFAC4EE-0B9C-409D-A626-75D45D799EDF} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [3914536 2024-11-14] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {B8467C34-BC53-4162-B546-AC3ADB36FDB7} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [8289064 2024-11-12] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {42D16868-638B-411A-A042-2A244C693383} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {828A7993-7798-44C7-AF9C-3E905E4516D5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ed2735fa-82e3-45e3-a767-1e105e9ef35f" --version "6.29.11342" --silent
Task: {8E15CA9A-DDC7-4444-8A1B-6705FB8F9741} - System32\Tasks\CCleanerSkipUAC - ISMAIL => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [505200 2015-05-29] (Dropbox, Inc -> )
Task: {FCEBB5D6-EEB5-4C68-A3CD-AC7318ABE18B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3A6FC31F-DCAA-4E92-8D0E-90F0E1CA66FE} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {89BEBE61-3F86-41CA-ABED-24F658C2E5D7} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe [911776 2023-10-03] (PIRIFORM SOFTWARE LIMITED -> Piriform)
Task: {09CD820A-D634-4233-9417-4836D594F99B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660968 2024-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD3D322B-2FA7-49BC-B140-EC78DF5BA9A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660968 2024-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B52E131A-67A5-448F-B258-648B67B91F8F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311952 2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {138615C5-2A38-4C2A-9597-7E78CEE72258} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311952 2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFC20556-F455-41E1-84A1-0EA69B1A2665} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [186992 2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5C59F54-16FB-4C6E-9726-DF54E178A006} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [90816 2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2DB351E-B0B3-4893-8380-A95B2361AF67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F71A92E9-EC4B-4C6A-83BC-6DA05389835F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E17570F-9A26-4F0F-B85C-4CD20A53E09E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0F74362-4935-44EB-8215-295CCA98AB65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {904A729E-3893-480F-AE37-3EA710D0257A} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2024-11-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {2F2C84A9-41FB-487E-9FD6-758B814CEDB2} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3469735148-2751303216-132763565-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2024-11-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {1F26587B-E08D-4702-93F5-5587789EB0BE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {F193118B-019B-4FC6-A38E-CF6CC7984351} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {27551875-A84B-42FF-A257-8282C43405D4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {21A26B44-5DA0-4825-BB30-36134F06CA2A} - System32\Tasks\WpsNotifyTask_ISMAIL => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {47F4B8C0-F71B-4E7F-B155-546E6EA65929} - System32\Tasks\WpsUpdateTask_ISMAIL => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_ISMAIL.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_ISMAIL.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.43.169
Tcpip\..\Interfaces\{47922c0e-d206-473b-95ed-e759795f9597}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}: [DhcpNameServer] 192.168.43.169
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}\6427565626F687D2332333343423: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}\6427565626F687D2332333343423: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}\6427565626F687D2537333642483: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ISMAIL\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-25]
Edge Extension: (Google Docs hors connexion) - C:\Users\ISMAIL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-14]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ISMAIL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-08-20]
Edge Extension: (Edge relevant text changes) - C:\Users\ISMAIL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 2hgqb39f.default-1654602866718
FF ProfilePath: C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\6cyo7l1i.default-release-1 [2024-11-14]
FF ProfilePath: C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\jklviwsd.default-release [2024-11-14]
FF ProfilePath: C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718 [2024-12-13]
FF Extension: (uBlock Origin) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\uBlock0@raymondhill.net.xpi [2024-12-01]
FF Extension: (Spacial Blue) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{23a33630-c7f2-4383-a584-798397f8ea8c}.xpi [2022-06-07]
FF Extension: (Union Pacific) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{79d2a527-d4b5-4d7d-b74f-25d42c443d66}.xpi [2022-06-07]
FF Extension: (Galaxy Blue) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{a722dad2-f2cc-4485-9e1d-e5213db643a5}.xpi [2022-06-07]
FF Extension: (Video DownloadHelper) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-09-11]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-12-11]
FF Extension: (Pacific Ocean - Kaikoura) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{d4475e05-2c14-478d-aef3-5981fb0f7cbe}.xpi [2022-06-07]
FF Extension: (Pacific Ocean Paradise) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{d6cae59d-0218-4a22-b293-c2b80afda89b}.xpi [2022-06-07]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
Chrome:
=======
CHR Profile: C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default [2024-09-25]
CHR Extension: (Lighthouse) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blipmdconlkpinefehnmjammfjpmpbjk [2024-05-15]
CHR Extension: (Sad Panda) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2018-05-14]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-05-15]
CHR Extension: (uBlock Origin) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-05]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-09-25]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-04-22]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-04-22]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-04-22]
BRA Extension: (PDF Viewer) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-04-22]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-04-22]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Fichier non signé]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUSTeK Computer Inc. -> ASUS)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [121560 2015-07-20] (Realtek Semiconductor Corp -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512968 2024-12-04] (Microsoft Corporation -> Microsoft Corporation)
S2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [82680 2024-05-10] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
S2 KamoSvc; C:\Program Files (x86)\Kamo\KamoSvc.exe [6709664 2023-10-03] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-11] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-25] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14715824 2022-11-15] (ADLICE -> )
S2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12779816 2024-11-14] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [101872 2017-04-11] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [80696 2024-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-16] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2024-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [201280 2024-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [80448 2024-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-12-13] (Malwarebytes Inc. -> Malwarebytes)
R3 MpKslc764065d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54914EF7-E059-48E6-B125-3FB38146A742}\MpKslDrv.sys [267552 2024-12-13] (Microsoft Windows -> Microsoft Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [114104 2023-10-03] (Piriform Software Ltd -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2023-11-17] (Microsoft Corporation) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-24] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-05-11] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-13 12:22 - 2024-12-13 12:31 - 000034458 _____ C:\Users\ISMAIL\Desktop\FRST.txt
2024-12-13 12:17 - 2024-12-13 12:28 - 000000000 ____D C:\FRST
2024-12-13 12:14 - 2024-12-13 12:16 - 002402304 _____ (Farbar) C:\Users\ISMAIL\Desktop\FRST64(1).exe
2024-12-13 01:52 - 2024-12-13 01:52 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-12-08 13:47 - 2024-12-08 13:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-12-01 15:05 - 2024-12-01 15:05 - 000041920 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2024-11-29 17:33 - 2024-12-10 17:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-11-16 00:35 - 2024-11-16 00:44 - 000000000 ___HD C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-13 12:34 - 2023-05-12 11:27 - 000000000 ____D C:\Users\ISMAIL\AppData\Local\Malwarebytes
2024-12-13 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-13 12:11 - 2020-11-03 23:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-13 00:43 - 2021-12-16 03:25 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-13 00:43 - 2016-08-12 11:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-13 00:43 - 2016-08-12 11:19 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-12-12 15:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-12 15:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-12-10 14:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-12-10 13:23 - 2020-11-04 00:19 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-12-10 00:42 - 2016-03-01 14:13 - 000000000 ____D C:\Users\ISMAIL\dwhelper
2024-12-09 15:13 - 2016-03-05 17:35 - 000000000 ____D C:\Users\ISMAIL\AppData\Roaming\vlc
2024-12-08 13:49 - 2019-12-24 19:54 - 000000000 ____D C:\Program Files\Microsoft Office
2024-12-08 13:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-12-07 00:24 - 2020-06-15 00:11 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-07 00:24 - 2020-06-15 00:11 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-12-05 14:39 - 2021-07-20 06:23 - 000000000 ____D C:\Users\ISMAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2024-12-05 13:32 - 2019-03-13 16:49 - 000000000 ____D C:\Users\ISMAIL\AppData\Roaming\Code
2024-12-03 18:02 - 2021-12-13 11:12 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3469735148-2751303216-132763565-1001
2024-12-03 18:02 - 2020-11-04 00:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3469735148-2751303216-132763565-1001
2024-12-03 18:02 - 2020-11-03 23:55 - 000002422 _____ C:\Users\ISMAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-02 13:35 - 2020-11-04 00:07 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-12-02 13:35 - 2019-12-07 15:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2024-12-02 13:35 - 2019-12-07 15:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2024-12-02 13:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-12-02 13:31 - 2019-07-17 18:45 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-12-01 15:15 - 2017-07-21 07:32 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2024-12-01 15:14 - 2023-10-17 11:47 - 000000000 ____D C:\Users\ISMAIL\AppData\Local\Kamo
2024-12-01 15:14 - 2022-02-10 21:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-01 15:12 - 2017-06-14 10:29 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-12-01 15:12 - 2017-06-14 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-12-01 15:09 - 2017-08-10 10:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-12-01 15:09 - 2016-02-19 09:15 - 000000000 __SHD C:\Users\ISMAIL\IntelGraphicsProfiles
2024-12-01 15:04 - 2020-11-04 00:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-01 15:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-12-01 15:03 - 2020-11-03 23:46 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-01 15:03 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-12-01 15:02 - 2016-01-28 09:51 - 000000000 ____D C:\ProgramData\AVAST Software
2024-12-01 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-11-28 14:01 - 2017-06-27 04:03 - 000000000 ____D C:\Users\ISMAIL\AppData\Local\CrashDumps
2024-11-24 18:12 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-24 18:04 - 2020-11-04 00:19 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-24 18:04 - 2020-11-04 00:19 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-23 00:16 - 2023-10-05 12:55 - 000000000 ____D C:\Program Files\RUXIM
2024-11-14 18:29 - 2020-11-04 00:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-11-14 18:13 - 2020-11-03 23:46 - 000459416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-14 18:12 - 2016-02-19 10:24 - 000000000 ____D C:\Program Files\CCleaner
2024-11-14 18:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-14 16:20 - 2020-11-03 23:52 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-14 13:09 - 2023-10-03 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Kamo
2024-11-14 12:55 - 2022-10-13 02:48 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-11-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-11-13 01:38 - 2016-02-19 10:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-13 01:32 - 2016-02-19 10:47 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2016-02-19 09:15 - 2016-02-22 20:25 - 000000166 _____ () C:\Users\ISMAIL\AppData\Roaming\sp_data.sys
2016-03-30 15:59 - 2020-08-10 00:42 - 000007598 _____ () C:\Users\ISMAIL\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par ISMAIL (administrateur) sur DESKTOP-1IFJ95J (ASUSTeK COMPUTER INC. X555LAB) (13-12-2024 12:22:04)
Exécuté depuis C:\Users\ISMAIL\Desktop\FRST64(1).exe
Profils chargés: ISMAIL
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5131 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\RUXIM\PLUGScheduler.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\RUXIMICS.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe <2>
(C:\Users\ISMAIL\AppData\Local\Programs\Microsoft VS Code\Code.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ISMAIL\AppData\Local\Temp\vscode-stable-user-x64\CodeSetup-stable-f1a4fb101478ce6ec82fe9627c43efbf9e98c813.exe
(C:\Users\ISMAIL\AppData\Local\Temp\vscode-stable-user-x64\CodeSetup-stable-f1a4fb101478ce6ec82fe9627c43efbf9e98c813.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ISMAIL\AppData\Local\Temp\is-M7SFB.tmp\CodeSetup-stable-f1a4fb101478ce6ec82fe9627c43efbf9e98c813.tmp
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe <2>
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22098.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\ISMAIL\AppData\Local\Programs\Microsoft VS Code\Code.exe <9>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <20>
(services.exe ->) (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\SecureLine VPN\VpnUpdate.exe
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_11.2411.2.0_x64__8wekyb3d8bbwe\Maps.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2410.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\PLUGScheduler.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] (ASUS Cloud Corporation -> )
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\Installer\setup.exe [6871616 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3469735148-2751303216-132763565-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3469735148-2751303216-132763565-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1427704 2024-05-10] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [674304 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\131.0.6778.140\Installer\chrmstp.exe [2024-12-13] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {C231986D-68F5-4008-9642-C72A069942E7} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-04-11] (ASUSTeK Computer Inc. -> AsusTek)
Task: {44CF5F12-FF40-4CDD-A3C9-A7F93CC052AD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [Fichier non signé]
Task: {E7ACA1C4-A82A-4882-B8AC-AABDF769B043} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
Task: {ABA9A59C-CB30-4C93-BF57-67E3B07E61FF} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {57645A36-47BC-4A30-8C72-A35619882643} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {62028A33-44A5-4712-BEC6-97424BA36447} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5974312 2024-11-14] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (l'élément de données a 80 caractères en plus).
Task: {CBFAC4EE-0B9C-409D-A626-75D45D799EDF} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [3914536 2024-11-14] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {B8467C34-BC53-4162-B546-AC3ADB36FDB7} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [8289064 2024-11-12] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {42D16868-638B-411A-A042-2A244C693383} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {828A7993-7798-44C7-AF9C-3E905E4516D5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ed2735fa-82e3-45e3-a767-1e105e9ef35f" --version "6.29.11342" --silent
Task: {8E15CA9A-DDC7-4444-8A1B-6705FB8F9741} - System32\Tasks\CCleanerSkipUAC - ISMAIL => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [505200 2015-05-29] (Dropbox, Inc -> )
Task: {FCEBB5D6-EEB5-4C68-A3CD-AC7318ABE18B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3A6FC31F-DCAA-4E92-8D0E-90F0E1CA66FE} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {89BEBE61-3F86-41CA-ABED-24F658C2E5D7} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe [911776 2023-10-03] (PIRIFORM SOFTWARE LIMITED -> Piriform)
Task: {09CD820A-D634-4233-9417-4836D594F99B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660968 2024-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD3D322B-2FA7-49BC-B140-EC78DF5BA9A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660968 2024-12-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B52E131A-67A5-448F-B258-648B67B91F8F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311952 2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {138615C5-2A38-4C2A-9597-7E78CEE72258} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311952 2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFC20556-F455-41E1-84A1-0EA69B1A2665} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [186992 2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5C59F54-16FB-4C6E-9726-DF54E178A006} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [90816 2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2DB351E-B0B3-4893-8380-A95B2361AF67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F71A92E9-EC4B-4C6A-83BC-6DA05389835F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E17570F-9A26-4F0F-B85C-4CD20A53E09E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0F74362-4935-44EB-8215-295CCA98AB65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {904A729E-3893-480F-AE37-3EA710D0257A} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2024-11-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {2F2C84A9-41FB-487E-9FD6-758B814CEDB2} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3469735148-2751303216-132763565-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2024-11-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {1F26587B-E08D-4702-93F5-5587789EB0BE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {F193118B-019B-4FC6-A38E-CF6CC7984351} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {27551875-A84B-42FF-A257-8282C43405D4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {21A26B44-5DA0-4825-BB30-36134F06CA2A} - System32\Tasks\WpsNotifyTask_ISMAIL => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {47F4B8C0-F71B-4E7F-B155-546E6EA65929} - System32\Tasks\WpsUpdateTask_ISMAIL => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_ISMAIL.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_ISMAIL.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.43.169
Tcpip\..\Interfaces\{47922c0e-d206-473b-95ed-e759795f9597}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}: [DhcpNameServer] 192.168.43.169
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}\6427565626F687D2332333343423: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}\6427565626F687D2332333343423: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{83cdcf4d-aa7a-4b0e-8075-6deb5292c3b1}\6427565626F687D2537333642483: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ISMAIL\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-25]
Edge Extension: (Google Docs hors connexion) - C:\Users\ISMAIL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-14]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ISMAIL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-08-20]
Edge Extension: (Edge relevant text changes) - C:\Users\ISMAIL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 2hgqb39f.default-1654602866718
FF ProfilePath: C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\6cyo7l1i.default-release-1 [2024-11-14]
FF ProfilePath: C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\jklviwsd.default-release [2024-11-14]
FF ProfilePath: C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718 [2024-12-13]
FF Extension: (uBlock Origin) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\uBlock0@raymondhill.net.xpi [2024-12-01]
FF Extension: (Spacial Blue) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{23a33630-c7f2-4383-a584-798397f8ea8c}.xpi [2022-06-07]
FF Extension: (Union Pacific) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{79d2a527-d4b5-4d7d-b74f-25d42c443d66}.xpi [2022-06-07]
FF Extension: (Galaxy Blue) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{a722dad2-f2cc-4485-9e1d-e5213db643a5}.xpi [2022-06-07]
FF Extension: (Video DownloadHelper) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-09-11]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-12-11]
FF Extension: (Pacific Ocean - Kaikoura) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{d4475e05-2c14-478d-aef3-5981fb0f7cbe}.xpi [2022-06-07]
FF Extension: (Pacific Ocean Paradise) - C:\Users\ISMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\2hgqb39f.default-1654602866718\Extensions\{d6cae59d-0218-4a22-b293-c2b80afda89b}.xpi [2022-06-07]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
Chrome:
=======
CHR Profile: C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default [2024-09-25]
CHR Extension: (Lighthouse) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blipmdconlkpinefehnmjammfjpmpbjk [2024-05-15]
CHR Extension: (Sad Panda) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2018-05-14]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-05-15]
CHR Extension: (uBlock Origin) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ISMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-05]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-09-25]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-04-22]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-04-22]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-04-22]
BRA Extension: (PDF Viewer) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-04-22]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\ISMAIL\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-04-22]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Fichier non signé]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUSTeK Computer Inc. -> ASUS)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [121560 2015-07-20] (Realtek Semiconductor Corp -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512968 2024-12-04] (Microsoft Corporation -> Microsoft Corporation)
S2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [82680 2024-05-10] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
S2 KamoSvc; C:\Program Files (x86)\Kamo\KamoSvc.exe [6709664 2023-10-03] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-11] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-25] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14715824 2022-11-15] (ADLICE -> )
S2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12779816 2024-11-14] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [101872 2017-04-11] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [80696 2024-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-16] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2024-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [201280 2024-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [80448 2024-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-12-13] (Malwarebytes Inc. -> Malwarebytes)
R3 MpKslc764065d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54914EF7-E059-48E6-B125-3FB38146A742}\MpKslDrv.sys [267552 2024-12-13] (Microsoft Windows -> Microsoft Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [114104 2023-10-03] (Piriform Software Ltd -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2023-11-17] (Microsoft Corporation) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-24] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-05-11] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-13 12:22 - 2024-12-13 12:31 - 000034458 _____ C:\Users\ISMAIL\Desktop\FRST.txt
2024-12-13 12:17 - 2024-12-13 12:28 - 000000000 ____D C:\FRST
2024-12-13 12:14 - 2024-12-13 12:16 - 002402304 _____ (Farbar) C:\Users\ISMAIL\Desktop\FRST64(1).exe
2024-12-13 01:52 - 2024-12-13 01:52 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-12-08 13:47 - 2024-12-08 13:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-12-01 15:05 - 2024-12-01 15:05 - 000041920 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2024-11-29 17:33 - 2024-12-10 17:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-11-16 00:35 - 2024-11-16 00:44 - 000000000 ___HD C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-13 12:34 - 2023-05-12 11:27 - 000000000 ____D C:\Users\ISMAIL\AppData\Local\Malwarebytes
2024-12-13 12:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-13 12:11 - 2020-11-03 23:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-13 00:43 - 2021-12-16 03:25 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-13 00:43 - 2016-08-12 11:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-13 00:43 - 2016-08-12 11:19 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-12-12 15:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-12 15:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-12-10 14:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-12-10 13:23 - 2020-11-04 00:19 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-12-10 00:42 - 2016-03-01 14:13 - 000000000 ____D C:\Users\ISMAIL\dwhelper
2024-12-09 15:13 - 2016-03-05 17:35 - 000000000 ____D C:\Users\ISMAIL\AppData\Roaming\vlc
2024-12-08 13:49 - 2019-12-24 19:54 - 000000000 ____D C:\Program Files\Microsoft Office
2024-12-08 13:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-12-07 00:24 - 2020-06-15 00:11 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-07 00:24 - 2020-06-15 00:11 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-12-05 14:39 - 2021-07-20 06:23 - 000000000 ____D C:\Users\ISMAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2024-12-05 13:32 - 2019-03-13 16:49 - 000000000 ____D C:\Users\ISMAIL\AppData\Roaming\Code
2024-12-03 18:02 - 2021-12-13 11:12 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3469735148-2751303216-132763565-1001
2024-12-03 18:02 - 2020-11-04 00:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3469735148-2751303216-132763565-1001
2024-12-03 18:02 - 2020-11-03 23:55 - 000002422 _____ C:\Users\ISMAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-02 13:35 - 2020-11-04 00:07 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-12-02 13:35 - 2019-12-07 15:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2024-12-02 13:35 - 2019-12-07 15:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2024-12-02 13:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-12-02 13:31 - 2019-07-17 18:45 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-12-01 15:15 - 2017-07-21 07:32 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2024-12-01 15:14 - 2023-10-17 11:47 - 000000000 ____D C:\Users\ISMAIL\AppData\Local\Kamo
2024-12-01 15:14 - 2022-02-10 21:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-01 15:12 - 2017-06-14 10:29 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-12-01 15:12 - 2017-06-14 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-12-01 15:09 - 2017-08-10 10:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-12-01 15:09 - 2016-02-19 09:15 - 000000000 __SHD C:\Users\ISMAIL\IntelGraphicsProfiles
2024-12-01 15:04 - 2020-11-04 00:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-01 15:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-12-01 15:03 - 2020-11-03 23:46 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-01 15:03 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-12-01 15:02 - 2016-01-28 09:51 - 000000000 ____D C:\ProgramData\AVAST Software
2024-12-01 14:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-11-28 14:01 - 2017-06-27 04:03 - 000000000 ____D C:\Users\ISMAIL\AppData\Local\CrashDumps
2024-11-24 18:12 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-24 18:04 - 2020-11-04 00:19 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-24 18:04 - 2020-11-04 00:19 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-23 00:16 - 2023-10-05 12:55 - 000000000 ____D C:\Program Files\RUXIM
2024-11-14 18:29 - 2020-11-04 00:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-11-14 18:13 - 2020-11-03 23:46 - 000459416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-14 18:12 - 2016-02-19 10:24 - 000000000 ____D C:\Program Files\CCleaner
2024-11-14 18:08 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-14 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-14 16:20 - 2020-11-03 23:52 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-14 13:09 - 2023-10-03 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Kamo
2024-11-14 12:55 - 2022-10-13 02:48 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-11-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-11-13 01:38 - 2016-02-19 10:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-13 01:32 - 2016-02-19 10:47 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers ========
2016-02-19 09:15 - 2016-02-22 20:25 - 000000166 _____ () C:\Users\ISMAIL\AppData\Roaming\sp_data.sys
2016-03-30 15:59 - 2020-08-10 00:42 - 000007598 _____ () C:\Users\ISMAIL\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================