Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Exécuté par Admin (administrateur) sur DANIEL (LENOVO 20EN0013CA) (25-01-2025 08:18:03)
Exécuté depuis C:\Users\Admin\Desktop\FRST64.exe
Profils chargés: Admin
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.4317 (X64) Langue: Français (Canada)
Navigateur par défaut: "C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2409.25.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxEM.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism\DismHost.exe <5>
(Opera Norway AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Microsoft Corporation -> MSPCManagerService) C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.15.5.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_b72b32629cc698ac\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_b72b32629cc698ac\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24112.22.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftTeams_24348.802.3311.5092_x64__8wekyb3d8bbwe\msteamsupdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.127\Installer\setup.exe [6905896 2025-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [Opera Stable] => C:\Users\Admin\AppData\Local\Programs\Opera\opera.exe [1622424 2025-01-23] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3187660612-677162194-1757115519-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\132.0.6834.110\Installer\chrmstp.exe [2025-01-23] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2025-01-13]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {CA972CAB-1F36-478E-9E62-0078142408D6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {39678489-3393-460D-8EB9-40B0341CA200} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {E78359EE-79BE-4F1F-AA78-4F474F97133E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "9499b11f-c041-437a-8725-5cf09398b67e" --version "6.31.11415" --silent
Task: {231FA8DD-1DE5-4692-90B5-0082BCB0B957} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {4AE7E874-20E2-49E0-80E4-4B37E7366A27} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Admin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2024-12-21] (ESET, spol. s r.o. -> ESET)
Task: {293012F3-7C0C-4EBF-BB73-D31194F471D5} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Admin\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2024-12-21] (ESET, spol. s r.o. -> ESET)
Task: {E5326137-B782-4FFC-A16A-3D8D194B97D2} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{382DD3B9-4E08-4BCD-AEF5-D98D38BF264B} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {E126FE1E-D0FB-4028-B015-8DBFDD1EB6AE} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3187660612-677162194-1757115519-1001 => C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {63BB2159-B2E7-4D5C-9A0D-61EA22C97766} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129368 2024-06-27] (Lenovo -> Lenovo)
Task: {7BFB9A3D-6A6C-4E4E-8973-D1ACA474799D} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-05] (Lenovo -> )
Task: {4183B3C7-00F4-4144-9B97-75E2C67FB75F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Pas de fichier)
Task: {5A2A9260-8B6B-4CF3-81CA-C548150D187C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {75CA1E19-CDD3-49D7-AA8F-0C3E23BEC320} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {669ED19B-FC77-41B8-AFF5-41FC224D5975} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {30B42BA4-E223-4DA6-9B69-831CB8291A61} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38A4588F-0431-4A1C-96BB-E44143D90F13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DF588EF7-04B9-46E8-8FDA-CD9F68CDBAC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E526DBCC-FEF7-4342-BB76-4B39AAD572EF} - System32\Tasks\Opera scheduled Autoupdate 1698617315 => C:\Users\Admin\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5656472 2025-01-21] (Opera Norway AS -> Opera Software)
Task: {FFFC40D7-E7C3-4047-9A2E-2CE9AA60F806} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E7278A27-9E50-424D-B19C-E150A35B0C53} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {62DF8173-42A0-4BAD-B232-459BCCFEFFD9} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {7C83D10F-E1F7-46A2-8ED0-CE27EF4100B6} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {0B692027-3414-493D-ADC9-EBF63314FEAF} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-3187660612-677162194-1757115519-1001 => C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe [435000 2025-01-19] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\2454C4C4231373: [DhcpNameServer] 192.168.2.1 207.164.234.129
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\2454C4C4231373: [DhcpDomain] home
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\348616C65647: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\34E40294E66796479E37: [DhcpNameServer] 192.168.1.8
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\34E40294E66796479E37: [DhcpDomain] home
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\355727563547169705C6573725F616E6F6B656251607964637: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\D4162736D214E6462756: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{c9f1591f-8c87-42b1-9804-ae91d8caeba1}\D4162736D214E6462756: [DhcpDomain] hsd1.fl.comcast.net

Edge:
=======
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-20]
Edge Extension: (Google Documents hors connexion) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-27]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge Extension: (Gestionnaire de mots de passe RoboForm) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljfpcifpgbbchoddpjefaipoiigpdmag [2024-12-27]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2025-01-20]
CHR StartupUrls: Default -> "hxxps://www.google.ca/"
CHR DefaultSearchURL: Default -> hxxps://ca.search.yahoo.com/search?fr=mcafee&type=E210CA91166G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://ca.search.yahoo.com/sugg/gossip/gossip-ca-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-12-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-3187660612-677162194-1757115519-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352344 2022-12-05] (Lenovo -> Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2024-12-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-13] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_b72b32629cc698ac\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVWMI; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_b72b32629cc698ac\NVWMI\nvWmi64.exe [4513312 2024-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PCManager Service Store; C:\Program Files\WindowsApps\Microsoft.MicrosoftPCManager_3.15.5.0_x64__8wekyb3d8bbwe\PCManager\MSPCManagerService.exe [83504 2025-01-22] (Microsoft Corporation -> MSPCManagerService)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530448 2024-09-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SynaHlp; C:\Windows\System32\SynaHelperService.exe [254920 2022-01-18] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [188416 2023-11-17] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKslb402295a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{576180D1-D18C-4CAF-A23F-FA705ED2E0E7}\MpKslDrv.sys [267552 2025-01-25] (Microsoft Windows -> Microsoft Corporation)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2025-01-25 08:18 - 2025-01-25 08:19 - 000023323 _____ C:\Users\Admin\Desktop\FRST.txt
2025-01-25 08:17 - 2025-01-25 08:18 - 000000000 ____D C:\FRST
2025-01-25 08:16 - 2025-01-25 08:16 - 002403328 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2025-01-25 08:16 - 2025-01-25 08:16 - 000000000 ____D C:\Users\Admin\Desktop\Désinfection jan2024
2025-01-19 07:29 - 2025-01-19 07:29 - 000000000 ____D C:\Users\Admin\AppData\Local\Windows Master Store
2025-01-19 06:45 - 2025-01-19 06:45 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-01-09 10:41 - 2025-01-09 10:43 - 000000000 ____D C:\Users\Admin\Desktop\Test GPS USA
2025-01-04 17:40 - 2025-01-04 17:49 - 2436600032 ____R C:\Users\Admin\Desktop\[ Torrent911.eu ] Harold.And.The.Purple.Crayon.2024.French.Vfq.720P.WEBRIP.mkv
2024-12-31 14:32 - 2024-12-31 14:32 - 000000000 ____D C:\Users\Admin\Desktop\KIA GPS
2024-12-31 14:31 - 2025-01-19 06:51 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Navigation Updater
2024-12-31 14:31 - 2024-12-31 14:32 - 000000000 ____D C:\Program Files (x86)\Navigation Updater
2024-12-31 14:31 - 2024-12-31 14:31 - 000001322 _____ C:\Users\Admin\Desktop\Navigation Updater.lnk
2024-12-31 14:31 - 2024-12-31 14:31 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation Updater
2024-12-31 14:30 - 2024-12-31 14:31 - 000000000 ____D C:\Users\Admin\AppData\Local\Temp.p19052
2024-12-31 14:20 - 2024-12-31 14:29 - 000000000 ____D C:\Users\Admin\Desktop\GPS et Radio Sorento
2024-12-31 09:26 - 2024-12-31 14:12 - 000000000 ____D C:\Users\Admin\Desktop\Sonic
2024-12-30 20:10 - 2024-12-30 20:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2024-12-30 20:10 - 2024-12-30 20:10 - 000000000 ____D C:\Users\Admin\AppData\Local\Avatarify
2024-12-30 19:56 - 2024-12-30 20:23 - 000000000 ____D C:\Users\Admin\.avatarify
2024-12-30 19:49 - 2024-12-30 19:49 - 103980269 _____ C:\Users\Admin\Downloads\Avatarify_Desktop_v0.10.exe.opdownload
2024-12-30 18:23 - 2024-12-30 19:35 - 000000000 ____D C:\Users\Admin\Desktop\Photo Famille Kelly
2024-12-29 09:59 - 2024-12-29 10:00 - 000000000 ____D C:\Users\Admin\Desktop\Karaoké
2024-12-29 09:53 - 2024-12-31 07:40 - 000000000 ____D C:\Users\Admin\Desktop\Innondation Chalet
2024-12-29 09:45 - 2024-12-29 09:45 - 001385379 _____ C:\Users\Admin\Desktop\Vérification Avant Départ 0808353.pdf
2024-12-28 10:21 - 2024-12-28 10:21 - 000769638 _____ C:\Windows\system32\perfh00C.dat
2024-12-28 10:21 - 2024-12-28 10:21 - 000146638 _____ C:\Windows\system32\perfc00C.dat
2024-12-28 10:10 - 2024-12-28 10:10 - 000022552 _____ C:\Users\Admin\Downloads\Long&McQuade.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2025-01-25 08:11 - 2022-05-07 00:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-25 07:58 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\SystemTemp
2025-01-25 07:31 - 2022-05-07 00:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-25 07:31 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\AppReadiness
2025-01-25 07:30 - 2023-10-14 15:44 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-23 09:21 - 2023-10-29 17:08 - 000004238 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1698617315
2025-01-23 09:21 - 2023-10-29 17:08 - 000001386 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2025-01-23 09:20 - 2023-10-14 18:10 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-22 08:06 - 2023-10-29 17:50 - 000000000 ____D C:\Users\Admin\Desktop\Raccourcis du Bureau
2025-01-21 11:36 - 2023-10-14 16:56 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2025-01-20 07:42 - 2023-11-19 15:37 - 000000000 ____D C:\Users\Admin\AppData\Local\Malwarebytes
2025-01-20 07:34 - 2023-11-30 08:02 - 000000000 ____D C:\Program Files\CCleaner
2025-01-20 07:33 - 2023-11-21 16:21 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2025-01-20 07:33 - 2023-10-30 07:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\utorrent
2025-01-19 16:38 - 2024-11-14 12:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Zoom
2025-01-19 11:19 - 2022-05-07 00:22 - 000000000 ____D C:\Windows\INF
2025-01-19 11:12 - 2024-12-21 12:30 - 000003840 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2025-01-19 11:12 - 2024-12-21 12:30 - 000003398 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2025-01-19 11:12 - 2024-12-21 09:00 - 000001378 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-01-19 11:10 - 2024-12-21 09:00 - 000001272 _____ C:\Users\Admin\Desktop\ESET Online Scanner.lnk
2025-01-19 07:25 - 2023-10-14 15:45 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-19 07:24 - 2024-11-11 10:01 - 000000000 ____D C:\ProgramData\Windows Master Store
2025-01-19 06:45 - 2024-11-14 12:11 - 000004250 _____ C:\Windows\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-3187660612-677162194-1757115519-1001
2025-01-16 06:38 - 2023-10-14 16:59 - 000000000 ____D C:\Windows\system32\MRT
2025-01-16 06:18 - 2023-10-14 16:59 - 206927936 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-01-13 12:06 - 2024-05-27 06:49 - 000000000 ____D C:\Users\Admin\Desktop\A vendre
2025-01-11 09:38 - 2023-10-14 15:47 - 000000000 ____D C:\ProgramData\Packages
2025-01-09 07:41 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2025-01-04 21:04 - 2023-11-21 09:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2025-01-04 17:38 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\LiveKernelReports
2025-01-01 12:21 - 2023-10-30 07:06 - 000000000 ____D C:\Users\Admin\AppData\Local\BitTorrentHelper
2025-01-01 06:39 - 2023-10-14 16:56 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2024-12-31 07:40 - 2023-10-14 16:54 - 000000000 ____D C:\Users\Admin
2024-12-30 20:10 - 2024-01-08 15:45 - 000000000 ____D C:\Users\Admin\AppData\Local\cache
2024-12-29 09:49 - 2024-02-23 07:04 - 000000000 ____D C:\Users\Admin\Desktop\IPTV
2024-12-29 09:46 - 2023-10-31 07:07 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2024-12-29 09:45 - 2023-12-04 06:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Excel
2024-12-28 10:21 - 2023-10-14 15:54 - 001710106 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-28 10:14 - 2023-10-14 17:03 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2024-12-28 10:14 - 2023-10-14 15:55 - 000000000 ____D C:\ProgramData\NVIDIA
2024-12-28 10:14 - 2023-10-14 15:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-12-28 10:14 - 2022-05-07 00:24 - 000000000 ____D C:\Windows\ServiceState
2024-12-28 10:13 - 2023-10-14 15:44 - 000012288 ___SH C:\DumpStack.log.tmp
2024-12-28 10:13 - 2022-05-07 00:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-12-27 16:59 - 2024-02-29 21:34 - 000013774 _____ C:\Users\Admin\Documents\settings.dat
2024-12-27 16:59 - 2024-02-29 21:34 - 000001064 _____ C:\Users\Admin\Documents\Playlist.spl
2024-12-27 16:59 - 2024-02-29 21:34 - 000000060 _____ C:\Users\Admin\Documents\SingerPlaylist.spl
2024-12-27 16:55 - 2024-02-29 21:33 - 000000808 _____ C:\Users\Admin\Documents\updates.dat

==================== Fichiers à la racine de certains dossiers ========

2024-04-13 18:29 - 2024-04-13 18:29 - 000001926 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================