RÃ©sultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2025
ExÃ©cutÃ© par admin (administrateur) sur DESKTOP-2HN263J (LENOVO 80TL) (18-01-2025 10:06:08)
ExÃ©cutÃ© depuis C:\Users\admin\Desktop\FRST64.exe
Profils chargÃ©s: admin & MSSQL$EBP
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.5371 (X64) Langue: FranÃ§ais (France)
Navigateur par dÃ©faut: Chrome
Mode d'amorÃ§age: Normal

==================== Processus (Avec liste blanche) =================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le processus sera arrÃªtÃ©. Le fichier ne sera pas dÃ©placÃ©.)

(C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Dacuda Scanner Mouse\Scanner Mouse.exe ->) (Dacuda AG -> ) C:\Program Files (x86)\Dacuda Scanner Mouse\Scanner Mouse Monitoring.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Brother Industries, Ltd.) [Fichier non signÃ©] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (MIXBYTE, INC. -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Index Education\Pronote 2024\RÃ©seau\Client\Client PRONOTE.exe ->) (INDEX EDUCATION SAS -> Index Education) C:\Program Files\Index Education\Pronote 2024\RÃ©seau\Client\wwwroot\IECefSubProcess.exe <4>
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\admin\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Dacuda AG -> ) C:\Program Files (x86)\Dacuda Scanner Mouse\Scanner Mouse.exe
(explorer.exe ->) (gemalto -> Gemalto) C:\Program Files\Gemalto\IDGo 800 Certool\IDGo800Certool.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <39>
(explorer.exe ->) (INDEX EDUCATION SAS -> Index Education) C:\Program Files\Index Education\Pronote 2024\RÃ©seau\Client\Client PRONOTE.exe
(explorer.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\NordVPN.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (TomTom International B.V. -> TomTom) C:\Program Files (x86)\RLinkToolbox 3\RLinkToolbox.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) () [Fichier non signÃ©] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) () [Fichier non signÃ©] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) () [Fichier non signÃ©] C:\Program Files (x86)\No-IP\ducservice.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Ascensio System SIA -> Ascensio System SIA) C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (INDEX EDUCATION SAS -> Index Education) C:\Program Files (x86)\index education\mise a jour automatique\ServiceMiseAJourIndex.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EBP\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (MIXBYTE, INC. -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(svchost.exe ->) (Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\OneDrive\24.244.1204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registre (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, l'Ã©lÃ©ment de Registre sera restaurÃ© Ã  la valeur par dÃ©faut ou supprimÃ©. Le fichier ne sera pas dÃ©placÃ©.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Certool] => C:\Program Files\Gemalto\IDGo 800 Certool\IDGo800Certool.exe [217096 2016-04-04] (gemalto -> Gemalto)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3331264 2020-01-20] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2022-10-09] (Brother Industries, Ltd.) [Fichier non signÃ©]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [S17A] => C:\WINDOWS\twain_32\Brims17a\Common\TwDsUiLaunch.exe [86128 2020-02-13] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [189320 2022-02-09] (MIXBYTE, INC. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\102.0.2.0\GoogleDriveFS.exe [62767200 2025-01-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\102.0.2.0\GoogleDriveFS.exe [62767200 2025-01-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-161172763-3884771791-2718854412-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-161172763-3884771791-2718854412-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\102.0.2.0\GoogleDriveFS.exe [62767200 2025-01-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-161172763-3884771791-2718854412-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\admin\AppData\Local\WebEx\WebexHost.exe [8083040 2023-09-26] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-161172763-3884771791-2718854412-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
HKU\S-1-5-21-161172763-3884771791-2718854412-1001\...\Run: [RLinkToolbox.exe] => C:\Program Files (x86)\RLinkToolbox 3\RLinkToolbox.exe [1055680 2021-03-02] (TomTom International B.V. -> TomTom)
HKU\S-1-5-21-161172763-3884771791-2718854412-1001\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2990688 2025-01-07] (Google LLC -> Google LLC)
HKU\S-1-5-21-161172763-3884771791-2718854412-1001\...\RunOnce: [Uninstall 24.232.1118.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\24.232.1118.0003" [94208 2025-01-18] () [Fichier non signÃ©]
HKU\S-1-5-80-3474501146-2690987104-1058319931-3814775573-4026506562\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\102.0.2.0\GoogleDriveFS.exe [62767200 2025-01-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\102.0.2.0\GoogleDriveFS.exe [62767200 2025-01-15] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG3500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBV.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series: C:\WINDOWS\system32\CNMLMBV.DLL [391168 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series XPS: C:\WINDOWS\system32\CNMXLMBV.DLL [394240 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [Fichier non signÃ©]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\131.0.6778.265\Installer\chrmstp.exe [2025-01-11] (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dacuda Scanner Mouse.lnk [2020-03-02]
ShortcutTarget: Dacuda Scanner Mouse.lnk -> C:\Program Files (x86)\Dacuda Scanner Mouse\Scanner Mouse.exe (Dacuda AG -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== TÃ¢ches planifiÃ©es (Avec liste blanche) =================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

Task: {91D4973A-6EA6-4489-A5A3-1EB7A8EF8531} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {0952343A-5F45-46BD-B764-472534B23D95} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {C50ACE37-7333-41BD-B31B-ADFA64CEFE97} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c137903d-fe0f-45d3-b7a7-e90b1105640e" --version "6.31.11415" --silent
Task: {5CC1D528-7FD6-4F9F-9CD5-5F87F8085B70} - System32\Tasks\CCleanerSkipUAC - admin => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {8CCF750F-4BA8-41DD-9AF0-933C148F6F9E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{D6D92BAC-FF36-4377-825A-791CF74C0887} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {40BD0481-C365-4221-B7DD-1769A7C9E1FC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FBC0776-8828-46B0-9D9C-B2DC46042C13} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\opushutil.exe [58600 2025-01-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA0B2B82-FEEA-4289-B393-0EBBEBAA0B71} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28707056 2025-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1EAB15C-EDDD-470A-8980-11C64FC779E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222840 2025-01-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F4F0983-06DA-4AB2-83BA-F22D7131A326} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222840 2025-01-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {333E9903-9EC6-4923-9405-BCCACD355580} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1394E49F-DC04-4FE7-83F7-A62CD3078375} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F91C1F30-73C8-4B41-8A9D-D8D24663FA00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A5B072EC-08E1-4A1D-BD85-B575C52BE9D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E8F472E-B16B-4484-A914-E54AE673448F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675744 2024-10-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'Ã©lÃ©ment de donnÃ©es a 6 caractÃ¨res en plus).
Task: {A67AE7E1-A6EA-4896-B024-4833D9175AD3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-10-22] (Mozilla Corporation -> Mozilla Foundation)

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier tÃ¢che (.job) sera dÃ©placÃ©. Le fichier exÃ©cutÃ© par la tÃ¢che ne sera pas dÃ©placÃ©.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, s'il s'agit d'un Ã©lÃ©ment du Registre, il sera supprimÃ© ou restaurÃ© Ã  la valeur par dÃ©faut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\14962726F687F563034353: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\14962726F687F563034353: [DhcpDomain] home
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\2426F687D22423244463641443: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\2426F687D22423244463641443: [DhcpDomain] lan
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\2426F687D26313144454038314: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\2426F687D26313144454038314: [DhcpDomain] lan
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\255646D696021323: [DhcpNameServer] 192.168.106.51
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\25F4554554552502142505: [DhcpNameServer] 10.10.10.254
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\3564256696262756537484A5F55374548545: [DhcpNameServer] 192.168.1.21
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\3564256696262756537484A5F55374548545: [DhcpDomain] EX6110
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\356425F514036464: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\356425F514831464: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\356425F524341483F5537484A5: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\356425F524349383: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\6627565626F687F5757515A4F4B4: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\942594353616E60224F6F6B6D243561383: [DhcpNameServer] 10.10.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\942594353616E60224F6F6B6D243561383: [DhcpDomain] DIRECTSCAN
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\960586F6E656024656023456C696E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\C456370234C6563702465602C6160225565737379647560223: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\C496675626F687D213436354: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\C496675626F687D213436354: [DhcpDomain] home
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\C496675626F687D214233403: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\C496675626F687D214233403: [DhcpDomain] home
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\C496675626F687D214736403: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\C496675626F687D214736403: [DhcpDomain] home
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\C6E65647D61647: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{40a7a8ac-8520-4f8a-a1a6-084f64663278}\F4E65607C6573702E4F627460223: [DhcpNameServer] 192.168.243.113
Tcpip\..\Interfaces\{8d8c28ab-cc33-4d11-9c70-b23e885f4b35}: [DhcpNameServer] 172.23.64.3 172.23.64.1
Tcpip\..\Interfaces\{8d8c28ab-cc33-4d11-9c70-b23e885f4b35}: [DhcpDomain] sambaedu3.lyc-buisson-elbeuf.ac-rouen.fr

Edge: 
=======
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-12]
Edge Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-17]
Edge Extension: (Edge relevant text changes) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: t17i5hqk.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\t17i5hqk.default [2020-03-26]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\mmlnj5y2.default-release-1729628663721 [2025-01-18]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Fichier non signÃ©]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Kofax\Power PDF 31\Bin\nppdf.dll [Pas de fichier]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2025-01-18]
CHR Notifications: Default -> hxxps://saymineapp.com; hxxps://www.but.fr
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.google.fr/?pli=1"
CHR Extension: (Pearltrees Extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa [2024-11-19]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-11]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-18]
CHR Extension: (ySense Addon) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjnhcgkngeeahimbfhejeaiijecekhba [2025-01-15]
CHR Extension: (Google Play Music) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2020-03-02]
CHR Extension: (CPX Log Version 2.2) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifkljhpjfghjeofndeoiapodnlbokljn [2024-06-24]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-21]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Convertisseur Audio) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfphighcpfimfhblaigjckljcoeipga [2020-03-02]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-11-27]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 10 [2024-07-29]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-28]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-19]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-19]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 11 [2024-07-29]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-17]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-19]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-19]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 12 [2024-07-29]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-03-08]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-08]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 13 [2024-07-29]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-21]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-05-21]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-21]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 14 [2024-09-21]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-08]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-08]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-06-18]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-18]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 8 [2025-01-15]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-15]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-19]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-11]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-11]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 9 [2024-12-18]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-12-18]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-23]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-24]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-24]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-18]
CHR HKU\S-1-5-21-161172763-3884771791-2718854412-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-161172763-3884771791-2718854412-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13572312 2025-01-03] (Microsoft Corporation -> Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [87432 2022-02-09] (MIXBYTE, INC. -> Freemake)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 MajIndexEducationService; C:\program files (x86)\index education\mise a jour automatique\ServiceMiseAJourIndex.exe [5137520 2024-07-24] (INDEX EDUCATION SAS -> Index Education)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSSQL$EBP; C:\Program Files\Microsoft SQL Server\MSSQL12.EBP\MSSQL\Binn\sqlservr.exe [372408 2017-07-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.2.800_x64__rb9pth70m6nz6\Muse.Service.exe [188928 2023-06-06] (Musecy SM Ltd. -> Muse.Service)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Fichier non signÃ©]
S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 ONLYOFFICE Update Service; C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe [682192 2024-12-07] (Ascensio System SIA -> Ascensio System SIA)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-10-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$EBP; C:\Program Files\Microsoft SQL Server\MSSQL12.EBP\MSSQL\Binn\SQLAGENT.EXE [613056 2017-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [371848 2021-08-03] (Synology Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-02-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [11776 2023-11-08] () [Fichier non signÃ©]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [18944 2023-11-08] () [Fichier non signÃ©]

===================== Pilotes (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-04-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-04-25] (Disc Soft Ltd -> Disc Soft Ltd)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [610496 2018-02-07] (Kaspersky Lab -> AO Kaspersky Lab)
R3 MpKsl8cfcb819; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F7B10284-D09E-4CD0-A105-2A658E2F5320}\MpKslDrv.sys [267552 2025-01-18] (Microsoft Windows -> Microsoft Corporation)
R2 NDivert; C:\Program Files\NordVPN\7.32.2.0\Drivers\NDivert.sys [131472 2024-10-31] (nordvpn s.a. -> Nordvpn S.A.)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [103528 2024-09-12] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [41120 2024-09-12] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-25] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 AppleKmdfFilter; \SystemRoot\System32\drivers\AppleKmdfFilter.sys [X]
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)


==================== Un mois (crÃ©Ã©s) (Avec liste blanche) =========

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2025-01-18 10:06 - 2025-01-18 10:07 - 000039652 _____ C:\Users\admin\Desktop\FRST.txt
2025-01-18 10:04 - 2025-01-18 10:04 - 002403328 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2025-01-16 22:11 - 2025-01-16 22:11 - 000000000 ____D C:\Users\admin\AppData\Local\PCHealthCheck
2025-01-16 22:10 - 2025-01-16 22:10 - 000000000 ___HD C:\$WinREAgent
2025-01-15 17:41 - 2025-01-15 17:43 - 000000000 ____D C:\Users\admin\Desktop\devoir CAP Excel 1
2025-01-15 17:13 - 2025-01-15 17:13 - 000011761 _____ C:\Users\admin\Downloads\CA magasin informatique prÃ©nom.xlsx
2025-01-15 17:12 - 2025-01-15 17:12 - 000040203 _____ C:\Users\admin\Downloads\EduConnect_CourrierEleve-LOUIS_Julien.pdf
2025-01-15 17:11 - 2025-01-15 17:11 - 000040211 _____ C:\Users\admin\Downloads\EduConnect_CourrierEleve-LEMERCIER_Emmy (1).pdf
2025-01-15 17:10 - 2025-01-15 17:10 - 000040206 _____ C:\Users\admin\Downloads\EduConnect_CourrierEleve-LAPOTRE_Mathis (1).pdf
2025-01-15 17:08 - 2025-01-15 17:08 - 000040208 _____ C:\Users\admin\Downloads\EduConnect_CourrierEleve-LEROY_Thibaut (1).pdf
2025-01-15 17:07 - 2025-01-15 17:07 - 000040204 _____ C:\Users\admin\Downloads\EduConnect_CourrierEleve-GOMMEAU_Johann.pdf
2025-01-15 16:57 - 2025-01-15 16:57 - 000004003 _____ C:\Users\admin\Downloads\Opposition sur prÃ©lÃ¨vement - 93D3C0A5CFF10AF11CDE09A468B027D6 - FR77ZZZ653665.pdf
2025-01-11 15:08 - 2025-01-11 15:09 - 000000000 ____D C:\Users\admin\Desktop\ilovepdf_split
2025-01-11 12:15 - 2025-01-11 12:36 - 000000000 ____D C:\Users\admin\Desktop\oral 1 MDA

==================== Un mois (modifiÃ©s) ==================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2025-01-18 10:06 - 2022-04-29 17:43 - 000000000 ____D C:\FRST
2025-01-18 09:25 - 2021-11-24 13:56 - 000000000 ____D C:\Users\admin\AppData\Local\WebEx
2025-01-18 09:21 - 2020-03-02 20:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-01-18 09:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-18 09:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-18 09:18 - 2020-12-07 16:02 - 000004176 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{88F11362-13D9-4483-8FBF-FA644B2B0661}
2025-01-18 09:16 - 2020-03-02 21:04 - 000000000 ____D C:\ProgramData\IndexEducation
2025-01-18 09:15 - 2021-12-12 10:46 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-161172763-3884771791-2718854412-1001
2025-01-18 09:15 - 2020-12-07 17:27 - 000006328 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-18 09:15 - 2020-12-07 16:02 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-161172763-3884771791-2718854412-1001
2025-01-18 09:15 - 2020-12-07 14:54 - 000002462 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-18 09:15 - 2020-06-09 10:54 - 000000000 ____D C:\Program Files\CCleaner
2025-01-18 09:15 - 2019-12-07 15:50 - 005712908 _____ C:\WINDOWS\system32\perfh00C.dat
2025-01-18 09:15 - 2019-12-07 15:50 - 001591428 _____ C:\WINDOWS\system32\perfc00C.dat
2025-01-18 09:15 - 2018-04-24 07:50 - 000000000 ___RD C:\Users\admin\OneDrive
2025-01-18 09:14 - 2020-03-02 20:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2025-01-18 09:14 - 2018-04-24 07:51 - 000000000 __SHD C:\Users\admin\IntelGraphicsProfiles
2025-01-16 22:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-16 22:22 - 2020-03-02 23:34 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2025-01-16 22:22 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-01-16 22:21 - 2021-12-20 16:56 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-16 22:21 - 2020-12-07 16:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-16 22:21 - 2020-12-07 15:55 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-16 22:21 - 2020-12-07 14:54 - 000000000 ____D C:\Users\MSSQL$EBP
2025-01-16 22:21 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-01-16 22:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-16 22:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-16 22:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-16 22:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-16 22:19 - 2021-11-21 21:05 - 005585920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gppref.dll
2025-01-16 22:19 - 2021-11-21 21:05 - 003456512 _____ (Microsoft Corporation) C:\WINDOWS\system32\propshts.dll
2025-01-16 22:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-16 22:17 - 2020-12-07 15:57 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-16 22:11 - 2024-10-13 11:54 - 000001390 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2025-01-15 16:50 - 2020-03-02 23:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-15 16:45 - 2020-03-02 23:54 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-15 16:26 - 2020-03-05 01:35 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Excel
2025-01-15 16:26 - 2020-03-02 21:03 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Word
2025-01-15 15:37 - 2021-09-01 19:58 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-01-15 15:37 - 2021-09-01 19:58 - 000002008 _____ C:\Users\Default\Desktop\Google Slides.lnk
2025-01-15 15:37 - 2021-09-01 19:58 - 000002008 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2025-01-15 15:37 - 2021-09-01 19:58 - 000001996 _____ C:\Users\Default\Desktop\Google Docs.lnk
2025-01-14 21:02 - 2020-06-22 08:19 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-14 20:58 - 2022-11-07 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2025-01-14 20:58 - 2022-11-07 21:42 - 000000000 ____D C:\Program Files\NordVPN
2025-01-14 20:56 - 2020-12-07 15:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-12 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2025-01-11 12:13 - 2020-03-02 20:52 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2025-01-11 12:06 - 2020-03-02 20:52 - 000000000 ____D C:\ProgramData\Packages
2025-01-11 11:56 - 2020-09-04 13:53 - 000000000 ____D C:\Program Files\Recuva
2025-01-11 11:54 - 2020-06-08 17:49 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-08 16:50 - 2022-11-07 21:42 - 000000000 ____D C:\Program Files\NordUpdater
2024-12-22 14:46 - 2020-12-07 16:02 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-22 14:46 - 2020-12-07 16:02 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Fichiers Ã  la racine de certains dossiers ========

2022-12-24 16:00 - 2022-12-24 16:00 - 001042082 _____ () C:\Users\admin\AppData\Roaming\TI Connect CE-6.0.0.2688-Installation.log
2020-03-31 09:11 - 2024-10-19 17:45 - 000000128 _____ () C:\Users\admin\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas Ã  la vÃ©rification.)

==================== Fin de FRST.txt ========================