Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 09-11-2021
Exécuté par alleur (administrateur) sur PC-CHRISTIAN (0) (10-11-2021 15:43:54)
Exécuté depuis C:\Users\alleu\Desktop
Profils chargés: alleur
Plate-forme: Windows 10 Pro Version 21H1 19043.1320 (X86) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Unlocker\UnlockerAssistant.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG -> devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files\AnyDesk\AnyDesk.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Tablet.exe <2>
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\WTablet\TabUserW.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [586888 2018-09-20] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () [Fichier non signé]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-830559335-3594666128-338778366-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\ccleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-830559335-3594666128-338778366-1002\...\Run: [SideSync] => C:\Program Files\Samsung\SideSync4\SideSync.exe [12476064 2019-01-11] (Samsung Electronics CO., LTD. -> )
HKU\S-1-5-21-830559335-3594666128-338778366-1002\...\Run: [Samsung DeX] => C:\Program Files\Samsung\Samsung DeX\SamsungDeX.exe [10484392 2021-07-01] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\...\Windows NT x86\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\W32X86\ActPrint.dll [37000 2018-09-14] (ActMask Group Co., Ltd -> ActMask Co.,Ltd)
HKLM\...\Windows NT x86\Print Processors\Canon MG6400 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDBT.DLL [29184 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [59344 2019-12-17] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6400 series: C:\WINDOWS\system32\CNMLMBT.DLL [317952 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6400 series XPS: C:\WINDOWS\system32\CNMXLMBT.DLL [320000 2013-04-04] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMNPPM.DLL [366592 2013-01-24] (CANON INC.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-05-01]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\Users\alleu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-05-31]
ShortcutTarget: MEGAsync.lnk -> C:\Users\alleu\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {17CE2501-0C38-4283-828F-FB5FF2853B51} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-830559335-3594666128-338778366-1002 => C:\Users\alleu\AppData\Local\MEGAsync\MEGAupdater.exe [1306288 2021-05-13] (Mega Limited -> Mega Limited)
Task: {2805BFA5-7D2A-41F0-9177-A795F11B5812} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [737992 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3808D5AC-D82E-4264-BB69-3FEC9069CC7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [737992 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60F3960E-7374-428B-824A-63C65554293D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [737992 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66C1CD6F-388D-4AED-9A98-00C1624BA141} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [737992 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DDA1B57B-F740-49D1-9493-2A141D1D60B2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{921b97e2-1255-44db-bf65-5c027bde36ad}: [DhcpNameServer] 192.168.49.1
Tcpip\..\Interfaces\{ff130cdc-710d-4751-8bfb-cfb2299dbeab}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Chargement
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\alleu\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-11-09]
Edge Profile: C:\Users\alleu\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2021-09-28]
Edge Profile: C:\Users\alleu\AppData\Local\Microsoft\Edge\User Data\Profile 3 [2021-09-28]
Edge Profile: C:\Users\alleu\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2021-09-28]
FireFox:
========
FF DefaultProfile: s160f0al.1211bis-1617635838248
FF ProfilePath: C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248 [2021-11-10]
FF DownloadDir: C:\Chargement
FF Homepage: Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248 -> hxxps://webmail.sfr.fr/main.html#inbox
FF Notifications: Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248 -> hxxps://fr.aliexpress.com; hxxps://mail.google.com; hxxps://community.lecrabeinfo.net
FF Extension: (Signal Spam) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\@addonsignalspam.xpi [2021-10-05]
FF Extension: (Decentraleyes) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-10-17]
FF Extension: (uBlock Origin) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\uBlock0@raymondhill.net.xpi [2021-10-16]
FF Extension: (ClearURLs) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2021-10-17]
FF Extension: (QueChoisir - Oqif) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\{7b259f2a-2c8f-4f65-a9d3-ee2b090f4f73}.xpi [2021-04-16]
FF Extension: (NCIS .....) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\{be7b9ae4-d40c-4ab2-86f5-f09bfdc64176}.xpi [2021-04-05]
FF ProfilePath: C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\256zd35w.Utilisateur 1211 [2021-11-10]
FF ProfilePath: C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\p8itf0m1.Utilisateur par défaut [2021-11-10]
FF Extension: (uBlock Origin) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\p8itf0m1.Utilisateur par défaut\Extensions\uBlock0@raymondhill.net.xpi [2021-11-10]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-06-10]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => non trouvé(e)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Fichier non signé]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin HKU\S-1-5-21-830559335-3594666128-338778366-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-11] (Adobe Inc. -> Adobe Systems)
R2 AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files\AnyDesk\AnyDesk.exe [3743984 2021-10-07] (philandro Software GmbH -> philandro Software GmbH)
S3 cloudidsvc; C:\WINDOWS\system32\cloudidsvc.dll [81408 2021-11-09] (Microsoft Windows -> Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [6108344 2021-07-13] (devolo AG -> devolo AG)
R2 Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [110216 2015-10-01] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4726496 2021-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [160776 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TabletService; C:\WINDOWS\system32\Tablet.exe [1185328 2007-01-26] (Wacom Technology Corp. -> Wacom Technology, Corp.)
R2 TechSmith Uploader Service; C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [283960 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [1869144 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [88664 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107760 2019-05-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [567064 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [35760 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [33200 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [132728 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [15720 2012-04-18] (Garmin International -> GARMIN Corp.)
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [12088 2014-08-06] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
S3 monectdevices; C:\WINDOWS\System32\drivers\monectdevices.sys [14104 2013-12-03] (Kasherlab Technology Inc. -> )
R2 NPF_devolo; C:\WINDOWS\system32\drivers\npf_devolo.sys [36624 2021-07-13] (devolo AG -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [35320 2021-03-10] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [13064 2019-11-08] (MiniTool Solution Ltd -> )
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [987712 2021-10-20] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [150024 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [41992 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [41992 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé]
R1 vrvd5; C:\WINDOWS\System32\drivers\vrvd5.sys [11296 2020-04-23] (Rsupport Co., Ltd. -> Rsupport Corporation)
S3 WacHidRouter; C:\WINDOWS\System32\drivers\wachidrouter.sys [85304 2014-08-06] (Wacom Technology Corp. -> Wacom Technology)
R3 wacommousefilter; C:\WINDOWS\System32\drivers\wacommousefilter.sys [5632 2006-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [13112 2014-08-06] (Wacom Technology Corp. -> Wacom Technology)
R3 wacomvhid; C:\WINDOWS\System32\drivers\wacomvhid.sys [6272 2006-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [39304 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [342240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60640 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [213504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-10 15:41 - 2021-11-10 15:44 - 000021968 _____ C:\Users\alleu\Desktop\FRST.txt
2021-11-10 15:37 - 2021-11-10 15:38 - 000000915 _____ C:\Users\alleu\Desktop\ZHPSuite.lnk
2021-11-10 12:32 - 2021-11-10 12:32 - 000000000 ___HD C:\$WinREAgent
2021-11-09 23:47 - 2021-11-10 15:44 - 000000000 ____D C:\FRST
2021-11-09 23:46 - 2021-11-10 12:32 - 002019840 _____ (Farbar) C:\Users\alleu\Desktop\FRST.exe
2021-11-09 09:49 - 2021-11-09 09:49 - 000001077 _____ C:\Users\alleu\Desktop\WhoCrashed.lnk
2021-11-09 09:49 - 2021-11-09 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2021-11-09 09:49 - 2021-11-09 09:49 - 000000000 ____D C:\Program Files\WhoCrashed
2021-11-09 01:00 - 2021-11-09 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Services d’impression Bonjour
2021-11-09 01:00 - 2021-11-09 01:00 - 000000000 ____D C:\Program Files\Bonjour Print Services
2021-11-09 00:59 - 2021-11-09 00:59 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2021-11-09 00:59 - 2021-11-09 00:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2021-11-09 00:59 - 2021-11-09 00:59 - 000000000 ____D C:\Users\alleu\AppData\Local\Apple
2021-11-09 00:59 - 2021-11-09 00:59 - 000000000 ____D C:\Program Files\Bonjour
2021-11-09 00:59 - 2021-11-09 00:59 - 000000000 ____D C:\Program Files\Apple Software Update
2021-11-07 16:02 - 2021-11-07 16:03 - 000000000 ____D C:\AdwCleaner
2021-11-06 23:47 - 2021-11-07 16:50 - 000000000 ____D C:\Users\alleu\AppData\Local\D3DSCache
2021-11-06 23:43 - 2021-11-06 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
2021-11-06 23:43 - 2021-11-06 23:43 - 000000000 ____D C:\Users\alleu\AppData\Roaming\driveridentifier
2021-11-06 23:30 - 2021-11-06 23:30 - 000000000 ____D C:\Users\alleu\AppData\Roaming\Neos Eureka S.r.l
2021-11-06 23:30 - 2021-11-06 23:30 - 000000000 ____D C:\Users\alleu\AppData\Roaming\DriverFix
2021-11-06 23:30 - 2021-11-06 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverFix
2021-11-06 23:14 - 2021-10-20 03:45 - 000987712 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x86.sys
2021-11-06 23:13 - 2021-11-06 23:14 - 000000000 ____D C:\Program Files\Realtek
2021-11-06 23:10 - 2021-11-06 23:10 - 000000000 ____D C:\Users\alleu\AppData\Roaming\Cybelsoft
2021-11-06 23:10 - 2021-11-06 23:10 - 000000000 ____D C:\Program Files\Cybelsoft
2021-11-06 16:44 - 2021-11-06 16:44 - 000000000 ___HD C:\$SysReset
2021-11-06 12:09 - 2021-11-10 15:39 - 000000000 ____D C:\Users\alleu\AppData\Roaming\ZHP
2021-11-06 01:21 - 2021-11-06 01:21 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-PC-CHRISTIAN-Windows-10-Pro-(32-bit).dat
2021-11-06 01:21 - 2021-11-06 01:21 - 000000000 ____D C:\RegBackup
2021-11-04 15:44 - 2021-11-04 15:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-04 11:15 - 2021-11-07 00:07 - 000764634 _____ C:\WINDOWS\ntbtlog.txt
2021-11-04 11:15 - 2021-11-06 22:35 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-10-17 00:29 - 2021-10-17 00:29 - 000000000 ____D C:\Users\alleu\AppData\Local\IsolatedStorage
2021-10-17 00:29 - 2021-10-17 00:29 - 000000000 ____D C:\Users\alleu\AppData\Local\
2021-10-17 00:08 - 2021-10-17 00:08 - 000000000 ____D C:\Users\alleu\AppData\Local\Hawaii_Beach
2021-10-14 10:23 - 2021-11-06 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2021-10-13 17:00 - 2021-10-13 17:00 - 000611960 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-12 18:08 - 2021-10-12 18:08 - 000001942 _____ C:\Users\Public\Desktop\Garmin Express.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-10 15:39 - 2019-12-07 07:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-10 15:37 - 2019-01-30 14:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-10 15:37 - 2018-10-17 14:22 - 000000000 ____D C:\Users\alleu\AppData\LocalLow\Mozilla
2021-11-10 14:49 - 2020-06-23 17:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-10 14:49 - 2020-06-23 17:19 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-10 14:49 - 2019-04-06 18:32 - 000000000 ____D C:\Users\alleu\AppData\Roaming\WTablet
2021-11-10 14:48 - 2019-12-07 07:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-10 13:03 - 2019-12-07 07:12 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-10 13:03 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-10 12:59 - 2019-12-07 07:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 12:36 - 2021-10-09 10:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-10 12:36 - 2020-06-23 17:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\HardDiskSentinel
2021-11-10 12:36 - 2020-06-23 16:22 - 000000000 ____D C:\Users\alleu
2021-11-10 12:36 - 2018-10-17 16:12 - 000000000 ____D C:\Users\PC-Christian
2021-11-10 12:29 - 2019-12-07 07:10 - 000000000 ____D C:\WINDOWS\INF
2021-11-10 12:28 - 2018-10-17 15:51 - 000000000 ____D C:\Program Files\CCleaner
2021-11-09 21:09 - 2019-10-04 16:02 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-11-09 18:26 - 2018-10-17 18:32 - 000000000 ___RD C:\Chargement
2021-11-09 14:50 - 2020-06-23 17:19 - 003896752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-09 14:47 - 2019-12-07 13:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-09 14:47 - 2019-12-07 13:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-09 14:47 - 2019-12-07 07:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-09 13:41 - 2021-10-07 12:37 - 000000000 ____D C:\Users\alleu\AppData\Local\ZHP
2021-11-09 09:50 - 2018-10-25 08:25 - 000000000 ____D C:\Users\alleu\AppData\Local\DBG
2021-11-09 01:05 - 2019-12-23 23:52 - 000000000 ____D C:\ProgramData\TEMP
2021-11-08 23:33 - 2018-11-21 16:03 - 000000000 ____D C:\Users\alleu\AppData\Roaming\vlc
2021-11-08 23:33 - 2018-10-24 17:44 - 000000000 ____D C:\Users\alleu\AppData\Local\ElevatedDiagnostics
2021-11-08 23:27 - 2018-10-17 16:08 - 000001043 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-08 00:45 - 2020-01-17 11:11 - 000001946 _____ C:\Users\Public\Desktop\SFM 2400 B1.lnk
2021-11-08 00:39 - 2018-11-02 14:55 - 000000000 ____D C:\Users\alleu\AppData\Local\CrashDumps
2021-11-08 00:15 - 2020-07-04 09:57 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-08 00:15 - 2020-07-04 09:57 - 000002235 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-07 21:28 - 2020-06-23 17:33 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-830559335-3594666128-338778366-1002
2021-11-07 21:28 - 2020-06-23 16:22 - 000002451 _____ C:\Users\alleu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-07 19:00 - 2020-06-23 17:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-07 15:50 - 2021-07-20 12:05 - 000000000 ____D C:\Users\alleu\AppData\Roaming\KC Softwares
2021-11-07 15:40 - 2021-07-20 12:04 - 000000000 ____D C:\Program Files\KC Softwares
2021-11-07 13:40 - 2018-10-19 09:55 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-06 23:13 - 2018-11-08 02:06 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2021-11-06 18:20 - 2021-10-08 16:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-11-06 18:20 - 2021-10-08 16:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-11-06 18:20 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\Help
2021-11-06 16:54 - 2020-06-22 06:33 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-06 06:43 - 2018-10-17 00:49 - 000000000 ____D C:\WINDOWS\CSC
2021-11-06 01:49 - 2020-06-23 17:27 - 001761484 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-06 01:49 - 2019-12-07 13:20 - 000774544 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-06 01:49 - 2019-12-07 13:20 - 000144692 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-04 15:47 - 2018-11-12 18:06 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-04 15:47 - 2018-10-18 09:26 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2021-11-04 11:07 - 2021-09-13 15:45 - 000000000 ____D C:\Users\alleu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nextbase
2021-11-04 11:07 - 2021-09-13 15:45 - 000000000 ____D C:\Users\alleu\AppData\Local\nextbase-replay-4
2021-11-04 11:07 - 2018-11-21 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-11-04 11:07 - 2018-11-21 11:28 - 000000000 ___HD C:\ProgramData\CanonIJScan
2021-11-04 10:57 - 2021-09-13 15:45 - 000000000 ____D C:\Users\alleu\AppData\Roaming\MyNextbase Player
2021-11-04 10:57 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\registration
2021-11-03 15:21 - 2021-09-13 15:45 - 000000000 ____D C:\Users\alleu\AppData\Local\SquirrelTemp
2021-11-03 14:33 - 2018-10-17 00:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-01 16:30 - 2018-10-17 01:08 - 000000000 ____D C:\Users\alleu\AppData\Local\Packages
2021-10-26 22:14 - 2020-04-15 22:13 - 000000000 ____D C:\WTablet
2021-10-23 16:59 - 2018-11-21 16:02 - 000001106 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-10-12 18:14 - 2018-10-19 09:58 - 000000000 ____D C:\ProgramData\Garmin
2021-10-12 18:08 - 2018-12-15 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-10-12 17:58 - 2018-10-17 01:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-12 17:49 - 2018-10-17 01:32 - 136459696 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par alleur (administrateur) sur PC-CHRISTIAN (0) (10-11-2021 15:43:54)
Exécuté depuis C:\Users\alleu\Desktop
Profils chargés: alleur
Plate-forme: Windows 10 Pro Version 21H1 19043.1320 (X86) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files\Unlocker\UnlockerAssistant.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG -> devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files\AnyDesk\AnyDesk.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Tablet.exe <2>
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\WTablet\TabUserW.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [586888 2018-09-20] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () [Fichier non signé]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-830559335-3594666128-338778366-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\ccleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-830559335-3594666128-338778366-1002\...\Run: [SideSync] => C:\Program Files\Samsung\SideSync4\SideSync.exe [12476064 2019-01-11] (Samsung Electronics CO., LTD. -> )
HKU\S-1-5-21-830559335-3594666128-338778366-1002\...\Run: [Samsung DeX] => C:\Program Files\Samsung\Samsung DeX\SamsungDeX.exe [10484392 2021-07-01] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM\...\Windows NT x86\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\W32X86\ActPrint.dll [37000 2018-09-14] (ActMask Group Co., Ltd -> ActMask Co.,Ltd)
HKLM\...\Windows NT x86\Print Processors\Canon MG6400 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDBT.DLL [29184 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [59344 2019-12-17] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6400 series: C:\WINDOWS\system32\CNMLMBT.DLL [317952 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6400 series XPS: C:\WINDOWS\system32\CNMXLMBT.DLL [320000 2013-04-04] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMNPPM.DLL [366592 2013-01-24] (CANON INC.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-05-01]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\Users\alleu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-05-31]
ShortcutTarget: MEGAsync.lnk -> C:\Users\alleu\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {17CE2501-0C38-4283-828F-FB5FF2853B51} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-830559335-3594666128-338778366-1002 => C:\Users\alleu\AppData\Local\MEGAsync\MEGAupdater.exe [1306288 2021-05-13] (Mega Limited -> Mega Limited)
Task: {2805BFA5-7D2A-41F0-9177-A795F11B5812} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [737992 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3808D5AC-D82E-4264-BB69-3FEC9069CC7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [737992 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60F3960E-7374-428B-824A-63C65554293D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [737992 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66C1CD6F-388D-4AED-9A98-00C1624BA141} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [737992 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DDA1B57B-F740-49D1-9493-2A141D1D60B2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{921b97e2-1255-44db-bf65-5c027bde36ad}: [DhcpNameServer] 192.168.49.1
Tcpip\..\Interfaces\{ff130cdc-710d-4751-8bfb-cfb2299dbeab}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Chargement
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\alleu\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-11-09]
Edge Profile: C:\Users\alleu\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2021-09-28]
Edge Profile: C:\Users\alleu\AppData\Local\Microsoft\Edge\User Data\Profile 3 [2021-09-28]
Edge Profile: C:\Users\alleu\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2021-09-28]
FireFox:
========
FF DefaultProfile: s160f0al.1211bis-1617635838248
FF ProfilePath: C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248 [2021-11-10]
FF DownloadDir: C:\Chargement
FF Homepage: Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248 -> hxxps://webmail.sfr.fr/main.html#inbox
FF Notifications: Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248 -> hxxps://fr.aliexpress.com; hxxps://mail.google.com; hxxps://community.lecrabeinfo.net
FF Extension: (Signal Spam) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\@addonsignalspam.xpi [2021-10-05]
FF Extension: (Decentraleyes) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-10-17]
FF Extension: (uBlock Origin) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\uBlock0@raymondhill.net.xpi [2021-10-16]
FF Extension: (ClearURLs) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2021-10-17]
FF Extension: (QueChoisir - Oqif) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\{7b259f2a-2c8f-4f65-a9d3-ee2b090f4f73}.xpi [2021-04-16]
FF Extension: (NCIS .....) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\s160f0al.1211bis-1617635838248\Extensions\{be7b9ae4-d40c-4ab2-86f5-f09bfdc64176}.xpi [2021-04-05]
FF ProfilePath: C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\256zd35w.Utilisateur 1211 [2021-11-10]
FF ProfilePath: C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\p8itf0m1.Utilisateur par défaut [2021-11-10]
FF Extension: (uBlock Origin) - C:\Users\alleu\AppData\Roaming\Mozilla\Firefox\Profiles\p8itf0m1.Utilisateur par défaut\Extensions\uBlock0@raymondhill.net.xpi [2021-11-10]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-06-10]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => non trouvé(e)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Fichier non signé]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin HKU\S-1-5-21-830559335-3594666128-338778366-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-11] (Adobe Inc. -> Adobe Systems)
R2 AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files\AnyDesk\AnyDesk.exe [3743984 2021-10-07] (philandro Software GmbH -> philandro Software GmbH)
S3 cloudidsvc; C:\WINDOWS\system32\cloudidsvc.dll [81408 2021-11-09] (Microsoft Windows -> Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [6108344 2021-07-13] (devolo AG -> devolo AG)
R2 Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [110216 2015-10-01] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4726496 2021-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [160776 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TabletService; C:\WINDOWS\system32\Tablet.exe [1185328 2007-01-26] (Wacom Technology Corp. -> Wacom Technology, Corp.)
R2 TechSmith Uploader Service; C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [283960 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [1869144 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [88664 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107760 2019-05-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [567064 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [35760 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [33200 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [132728 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [15720 2012-04-18] (Garmin International -> GARMIN Corp.)
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [12088 2014-08-06] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
S3 monectdevices; C:\WINDOWS\System32\drivers\monectdevices.sys [14104 2013-12-03] (Kasherlab Technology Inc. -> )
R2 NPF_devolo; C:\WINDOWS\system32\drivers\npf_devolo.sys [36624 2021-07-13] (devolo AG -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [35320 2021-03-10] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [13064 2019-11-08] (MiniTool Solution Ltd -> )
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [987712 2021-10-20] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [150024 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [41992 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [41992 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Fichier non signé]
R1 vrvd5; C:\WINDOWS\System32\drivers\vrvd5.sys [11296 2020-04-23] (Rsupport Co., Ltd. -> Rsupport Corporation)
S3 WacHidRouter; C:\WINDOWS\System32\drivers\wachidrouter.sys [85304 2014-08-06] (Wacom Technology Corp. -> Wacom Technology)
R3 wacommousefilter; C:\WINDOWS\System32\drivers\wacommousefilter.sys [5632 2006-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [13112 2014-08-06] (Wacom Technology Corp. -> Wacom Technology)
R3 wacomvhid; C:\WINDOWS\System32\drivers\wacomvhid.sys [6272 2006-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [39304 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [342240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60640 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [213504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-10 15:41 - 2021-11-10 15:44 - 000021968 _____ C:\Users\alleu\Desktop\FRST.txt
2021-11-10 15:37 - 2021-11-10 15:38 - 000000915 _____ C:\Users\alleu\Desktop\ZHPSuite.lnk
2021-11-10 12:32 - 2021-11-10 12:32 - 000000000 ___HD C:\$WinREAgent
2021-11-09 23:47 - 2021-11-10 15:44 - 000000000 ____D C:\FRST
2021-11-09 23:46 - 2021-11-10 12:32 - 002019840 _____ (Farbar) C:\Users\alleu\Desktop\FRST.exe
2021-11-09 09:49 - 2021-11-09 09:49 - 000001077 _____ C:\Users\alleu\Desktop\WhoCrashed.lnk
2021-11-09 09:49 - 2021-11-09 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2021-11-09 09:49 - 2021-11-09 09:49 - 000000000 ____D C:\Program Files\WhoCrashed
2021-11-09 01:00 - 2021-11-09 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Services d’impression Bonjour
2021-11-09 01:00 - 2021-11-09 01:00 - 000000000 ____D C:\Program Files\Bonjour Print Services
2021-11-09 00:59 - 2021-11-09 00:59 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2021-11-09 00:59 - 2021-11-09 00:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2021-11-09 00:59 - 2021-11-09 00:59 - 000000000 ____D C:\Users\alleu\AppData\Local\Apple
2021-11-09 00:59 - 2021-11-09 00:59 - 000000000 ____D C:\Program Files\Bonjour
2021-11-09 00:59 - 2021-11-09 00:59 - 000000000 ____D C:\Program Files\Apple Software Update
2021-11-07 16:02 - 2021-11-07 16:03 - 000000000 ____D C:\AdwCleaner
2021-11-06 23:47 - 2021-11-07 16:50 - 000000000 ____D C:\Users\alleu\AppData\Local\D3DSCache
2021-11-06 23:43 - 2021-11-06 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
2021-11-06 23:43 - 2021-11-06 23:43 - 000000000 ____D C:\Users\alleu\AppData\Roaming\driveridentifier
2021-11-06 23:30 - 2021-11-06 23:30 - 000000000 ____D C:\Users\alleu\AppData\Roaming\Neos Eureka S.r.l
2021-11-06 23:30 - 2021-11-06 23:30 - 000000000 ____D C:\Users\alleu\AppData\Roaming\DriverFix
2021-11-06 23:30 - 2021-11-06 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverFix
2021-11-06 23:14 - 2021-10-20 03:45 - 000987712 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x86.sys
2021-11-06 23:13 - 2021-11-06 23:14 - 000000000 ____D C:\Program Files\Realtek
2021-11-06 23:10 - 2021-11-06 23:10 - 000000000 ____D C:\Users\alleu\AppData\Roaming\Cybelsoft
2021-11-06 23:10 - 2021-11-06 23:10 - 000000000 ____D C:\Program Files\Cybelsoft
2021-11-06 16:44 - 2021-11-06 16:44 - 000000000 ___HD C:\$SysReset
2021-11-06 12:09 - 2021-11-10 15:39 - 000000000 ____D C:\Users\alleu\AppData\Roaming\ZHP
2021-11-06 01:21 - 2021-11-06 01:21 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-PC-CHRISTIAN-Windows-10-Pro-(32-bit).dat
2021-11-06 01:21 - 2021-11-06 01:21 - 000000000 ____D C:\RegBackup
2021-11-04 15:44 - 2021-11-04 15:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-04 11:15 - 2021-11-07 00:07 - 000764634 _____ C:\WINDOWS\ntbtlog.txt
2021-11-04 11:15 - 2021-11-06 22:35 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-10-17 00:29 - 2021-10-17 00:29 - 000000000 ____D C:\Users\alleu\AppData\Local\IsolatedStorage
2021-10-17 00:29 - 2021-10-17 00:29 - 000000000 ____D C:\Users\alleu\AppData\Local\
2021-10-17 00:08 - 2021-10-17 00:08 - 000000000 ____D C:\Users\alleu\AppData\Local\Hawaii_Beach
2021-10-14 10:23 - 2021-11-06 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2021-10-13 17:00 - 2021-10-13 17:00 - 000611960 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-12 18:08 - 2021-10-12 18:08 - 000001942 _____ C:\Users\Public\Desktop\Garmin Express.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-10 15:39 - 2019-12-07 07:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-10 15:37 - 2019-01-30 14:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-10 15:37 - 2018-10-17 14:22 - 000000000 ____D C:\Users\alleu\AppData\LocalLow\Mozilla
2021-11-10 14:49 - 2020-06-23 17:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-10 14:49 - 2020-06-23 17:19 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-10 14:49 - 2019-04-06 18:32 - 000000000 ____D C:\Users\alleu\AppData\Roaming\WTablet
2021-11-10 14:48 - 2019-12-07 07:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-10 13:03 - 2019-12-07 07:12 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-10 13:03 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-10 12:59 - 2019-12-07 07:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-10 12:36 - 2021-10-09 10:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-10 12:36 - 2020-06-23 17:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\HardDiskSentinel
2021-11-10 12:36 - 2020-06-23 16:22 - 000000000 ____D C:\Users\alleu
2021-11-10 12:36 - 2018-10-17 16:12 - 000000000 ____D C:\Users\PC-Christian
2021-11-10 12:29 - 2019-12-07 07:10 - 000000000 ____D C:\WINDOWS\INF
2021-11-10 12:28 - 2018-10-17 15:51 - 000000000 ____D C:\Program Files\CCleaner
2021-11-09 21:09 - 2019-10-04 16:02 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-11-09 18:26 - 2018-10-17 18:32 - 000000000 ___RD C:\Chargement
2021-11-09 14:50 - 2020-06-23 17:19 - 003896752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-09 14:47 - 2019-12-07 13:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-09 14:47 - 2019-12-07 13:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-09 14:47 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-09 14:47 - 2019-12-07 07:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-09 13:41 - 2021-10-07 12:37 - 000000000 ____D C:\Users\alleu\AppData\Local\ZHP
2021-11-09 09:50 - 2018-10-25 08:25 - 000000000 ____D C:\Users\alleu\AppData\Local\DBG
2021-11-09 01:05 - 2019-12-23 23:52 - 000000000 ____D C:\ProgramData\TEMP
2021-11-08 23:33 - 2018-11-21 16:03 - 000000000 ____D C:\Users\alleu\AppData\Roaming\vlc
2021-11-08 23:33 - 2018-10-24 17:44 - 000000000 ____D C:\Users\alleu\AppData\Local\ElevatedDiagnostics
2021-11-08 23:27 - 2018-10-17 16:08 - 000001043 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-08 00:45 - 2020-01-17 11:11 - 000001946 _____ C:\Users\Public\Desktop\SFM 2400 B1.lnk
2021-11-08 00:39 - 2018-11-02 14:55 - 000000000 ____D C:\Users\alleu\AppData\Local\CrashDumps
2021-11-08 00:15 - 2020-07-04 09:57 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-08 00:15 - 2020-07-04 09:57 - 000002235 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-07 21:28 - 2020-06-23 17:33 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-830559335-3594666128-338778366-1002
2021-11-07 21:28 - 2020-06-23 16:22 - 000002451 _____ C:\Users\alleu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-07 19:00 - 2020-06-23 17:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-07 15:50 - 2021-07-20 12:05 - 000000000 ____D C:\Users\alleu\AppData\Roaming\KC Softwares
2021-11-07 15:40 - 2021-07-20 12:04 - 000000000 ____D C:\Program Files\KC Softwares
2021-11-07 13:40 - 2018-10-19 09:55 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-06 23:13 - 2018-11-08 02:06 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2021-11-06 18:20 - 2021-10-08 16:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-11-06 18:20 - 2021-10-08 16:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-11-06 18:20 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\Help
2021-11-06 16:54 - 2020-06-22 06:33 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-06 06:43 - 2018-10-17 00:49 - 000000000 ____D C:\WINDOWS\CSC
2021-11-06 01:49 - 2020-06-23 17:27 - 001761484 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-06 01:49 - 2019-12-07 13:20 - 000774544 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-06 01:49 - 2019-12-07 13:20 - 000144692 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-04 15:47 - 2018-11-12 18:06 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-04 15:47 - 2018-10-18 09:26 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2021-11-04 11:07 - 2021-09-13 15:45 - 000000000 ____D C:\Users\alleu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nextbase
2021-11-04 11:07 - 2021-09-13 15:45 - 000000000 ____D C:\Users\alleu\AppData\Local\nextbase-replay-4
2021-11-04 11:07 - 2018-11-21 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-11-04 11:07 - 2018-11-21 11:28 - 000000000 ___HD C:\ProgramData\CanonIJScan
2021-11-04 10:57 - 2021-09-13 15:45 - 000000000 ____D C:\Users\alleu\AppData\Roaming\MyNextbase Player
2021-11-04 10:57 - 2019-12-07 07:12 - 000000000 ____D C:\WINDOWS\registration
2021-11-03 15:21 - 2021-09-13 15:45 - 000000000 ____D C:\Users\alleu\AppData\Local\SquirrelTemp
2021-11-03 14:33 - 2018-10-17 00:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-01 16:30 - 2018-10-17 01:08 - 000000000 ____D C:\Users\alleu\AppData\Local\Packages
2021-10-26 22:14 - 2020-04-15 22:13 - 000000000 ____D C:\WTablet
2021-10-23 16:59 - 2018-11-21 16:02 - 000001106 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-10-12 18:14 - 2018-10-19 09:58 - 000000000 ____D C:\ProgramData\Garmin
2021-10-12 18:08 - 2018-12-15 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-10-12 17:58 - 2018-10-17 01:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-12 17:49 - 2018-10-17 01:32 - 136459696 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================