Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2025
Exécuté par jbgdt (administrateur) sur DESKTOP-OIL2S7T (MSI MS-7918) (15-01-2025 21:08:04)
Exécuté depuis C:\Users\jbgdt\Desktop\FRST64.exe
Profils chargés: jbgdt
Plate-forme: Microsoft Windows 10 Famille Version 2004 19041.450 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCopyAccelerator.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <22>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ea7f458f0e49497d\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe <2>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13991760 2024-07-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1843456 2024-12-23] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\MountPoints2: {5b7f49a4-2f1c-11ef-a902-d8cb8ac41fb6} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\MountPoints2: {a10476ea-6b63-11ed-a8ae-d8cb8ac41fb6} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\MountPoints2: {b5801a33-52ed-11ee-a8ba-d8cb8ac41fb6} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3473521187-1294090053-3665839470-1001\...\MountPoints2: {c40bdbe7-2e13-11ed-a8ad-d8cb8ac41fb6} - "E:\OnePlus_setup.exe" /s

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {85683211-75DB-42AF-ADE6-CFCAB2B3DC29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {EBE863BF-2BEC-41D9-B565-78137DC64524} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {DD7FCEAD-A58E-451B-A07C-13C1DEA08620} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "0de17816-6ecd-4b6c-82a5-8f9c81f04b5b" --version "6.31.11415" --silent
Task: {90BF9C73-6BD9-43DA-AFF7-FEB1B0E5EC90} - System32\Tasks\CCleanerSkipUAC - jbgdt => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {386FD30E-D72A-4687-AA9D-5B7CA9E91C29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4833BECF-413B-433B-9F7D-E3C1A99D101D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E60BF10E-335C-4905-910E-23947FA65D46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CDAE98D0-5F95-45ED-9ED4-663C66C51532} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B27F1A3A-9085-4333-8817-5DFCCDEF1145} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {B1F801C2-8E78-4C57-8DA2-62E449FF36C3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3473521187-1294090053-3665839470-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2025-01-14] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {E2CCBBA5-7DCE-4A1F-8B4E-B9E94938A037} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {8803BAD5-BA12-41A7-8A01-08AC27C0CE38} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D44EAB6F-9AA0-4349-B6CE-C643172C340B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {61406F51-8A99-4875-86E3-B388CCCFBDD6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {C84EFCDC-914D-4C3E-BE84-2385199E567A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B75FC86-35F2-4A71-836D-5ACE8676E3EF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {421412B8-F158-49E7-A708-D535A870FA19} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A01AF076-4F57-442B-83A2-A10125765E42} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0DDFCED-5B2D-49EB-9CB4-C4D1EAD62F0C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {603619EB-8D3B-4ED7-AB88-4DB62E2B9303} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5333A6C5-1861-4305-8D98-6CCFB0A822B3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2024-12-23] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {9AE76A2D-E09D-47C1-96E6-CA3A5DBCD194} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-3473521187-1294090053-3665839470-1001 => C:\Users\jbgdt\AppData\Roaming\Zoom\bin\Zoom.exe [435000 2024-11-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79555224-79df-42c2-ba83-f2766133b604}: [DhcpNameServer] 192.168.203.204
Tcpip\..\Interfaces\{9dd69077-fee9-4599-b607-3f4e47c7c3c0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9dd69077-fee9-4599-b607-3f4e47c7c3c0}: [DhcpDomain] home

Edge:
=======
DownloadDir: C:\Users\jbgdt\Downloads
Edge Notifications: HKU\S-1-5-21-3473521187-1294090053-3665839470-1001 -> hxxps://web.skype.com
Edge Profile: C:\Users\jbgdt\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-29]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\jbgdt\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-01-13]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: v8m9q3gh.default
FF ProfilePath: C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\v8m9q3gh.default [2021-01-06]
FF ProfilePath: C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431 [2025-01-15]
FF Homepage: Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431 -> hxxps://www.youtube.com/|hxxps://discord.com/channels/703935854342832160/941374644018118656|hxxps://outlook.live.com/mail/0/|hxxps://mail.yahoo.com/d/folders/1|hxxps://www.furaffinity.net/|hxxps://www.reddit.com/?feed=home
FF Notifications: Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431 -> hxxps://www.hunqz.com; hxxps://www.romeo.com
FF Extension: (AdBlocker Ultimate) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\adblockultimate@adblockultimate.net.xpi [2024-07-18]
FF Extension: (AdGuard AdBlocker) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\adguardadblocker@adguard.com.xpi [2025-01-09]
FF Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\firefox@ghostery.com.xpi [2024-12-03]
FF Extension: (Consent-O-Matic) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\gdpr@cavi.au.dk.xpi [2024-10-09]
FF Extension: (HTTPS Everywhere) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\https-everywhere-eff@eff.org.xpi [2022-05-18] [UpdateUrl:hxxps://www.eff.org/files/https-everywhere-updates.json]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2024-11-01]
FF Extension: (SponsorBlock pour YouTube - Supprime les publicités intégrées) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\sponsorBlocker@ajay.app.xpi [2025-01-10]
FF Extension: (uBlock Origin) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\uBlock0@raymondhill.net.xpi [2024-11-26]
FF Extension: (Startpage - recherche privé) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2024-10-09]
FF Extension: (Youtube-shorts block) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\{34daeb50-c2d2-4f14-886a-7160b24d66a4}.xpi [2024-09-04]
FF Extension: (Gamer TIme) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\{3afd3680-7dda-4412-be2c-1494d8162531}.xpi [2024-05-21]
FF Extension: (Selenium IDE) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2024-11-01]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-12-16]
FF Extension: (Eight Dollars) - C:\Users\jbgdt\AppData\Roaming\Mozilla\Firefox\Profiles\1cyxt79i.default-release-1603019230431\Extensions\{f2e41fc0-9746-4397-9e1b-90a33637be5f}.xpi [2023-04-03]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]