cjoint


Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022 ([color=red]ATTENTION: ====> FRST la version date de 32 jours et est peut-être périmée[/color])
Exécuté par Laurent (administrateur) sur DESKTOP-Q8HLGCK (01-10-2022 10:26:02)
Exécuté depuis C:\Users\Laurent\Desktop
Profils chargés: Laurent
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2006 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\FormatFactory\FormatFactory.exe ->) (Bright Data Ltd -> Bright Data Ltd.) C:\Program Files (x86)\FormatFactory\luminati\brightdata.exe
(C:\Program Files (x86)\FormatFactory\FormatFactory.exe ->) (Free Time Software Technology Co., Ltd. -> ) C:\Program Files (x86)\FormatFactory\ffmpeg.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\dgnria_nmhost.exe
(DriverStore\FileRepository\u0366524.inf_amd64_09ec4a1cc3957750\B369435\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366524.inf_amd64_09ec4a1cc3957750\B369435\atieclxx.exe
(explorer.exe ->) (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366524.inf_amd64_09ec4a1cc3957750\B369435\atiesrxx.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Mirillis Sp. z o.o. -> Mirillis) C:\Program Files (x86)\Mirillis\Action!\ActionLauncher.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2022-01-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AgentConnectix64] => C:\Program Files\Druide\Connectix 11\Application\Bin64\AgentConnectix.exe [3468856 2022-04-07] (Druide informatique inc. -> Druide informatique inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1703464107-373058557-1341469512-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-1703464107-373058557-1341469512-1001\...\Run: [MicrosoftEdgeAutoLaunch_1BC3D76421F5877993FDFA43DEAABFFD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795376 2022-09-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\Windows\system32\NxPrinterMonitor13.dll [359936 2021-11-26] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.91\Installer\chrmstp.exe [2022-10-01] (Google LLC -> Google LLC)
Startup: C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 1510 series.lnk [2022-08-22]
ShortcutAndArgument: Alertes de surveillance de l'encre - HP Deskjet 1510 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN46E171MJ05YR;CONNECTION=USB;MONITOR=1;

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {176C2104-52FE-46F7-B00A-D58D35EAF046} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {282CD341-C91F-4F3E-982A-8CC95B312F3F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {30D7F2C0-9078-4386-8F9D-6A45CD915A0D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-23] (Google LLC -> Google LLC)
Task: {508AB21E-C36A-4AC7-BE13-E7C13C606D8E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FF746AD-39FC-4C1D-B6EC-BC037A7AB1D7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {68E88DBA-7A29-41AD-BF72-3E83069CCF51} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116096 2022-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7048107A-DAD2-49E6-9498-9B2AF8AAD838} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5744800 2021-12-01] (HP Inc. -> Hewlett-Packard Development Company, LP)
Task: {7A30B9AF-6AAB-49D1-AB3D-64BB8727A594} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116096 2022-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {805F7FA3-2B11-46FD-B934-26387A53F057} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81C6EF7E-0EB8-4EB8-B752-D8C64CABF640} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {9B4E5F8F-6DAA-4987-8BD8-8D364A6B5863} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6624232 2022-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6A11025-770B-4BD4-86D5-55C631FD537F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6624232 2022-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8E18FB4-CE93-4EB0-8CCB-4986A8787385} - System32\Tasks\ActionLauncher_Laurent => C:\Program Files (x86)\Mirillis\Action!\ActionLauncher.exe [530096 2022-04-14] (Mirillis Sp. z o.o. -> Mirillis)
Task: {BAD6B256-C692-4EB2-90E5-2E151835B2D2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {C0161DB2-63BC-4A17-AF0E-014EB3AF8A84} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653088 2021-12-13] (HP Inc. -> HP Inc.)
Task: {D0B57DB0-3AAA-4E9C-A6E5-E65737C963F0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9144480-D4F9-4771-AAF7-E175FA18A729} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-23] (Google LLC -> Google LLC)
Task: {E4EF0E5A-DE11-4EFD-A3CE-1EDD5A345E03} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-12-04] () [Fichier non signé]

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1490d696-5fd6-4a15-9568-8305b14e3246}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{1490d696-5fd6-4a15-9568-8305b14e3246}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-01]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://www.google.fr/
Edge StartupUrls: Default -> "hxxp://google.fr/"
Edge Extension: (Extension Web Dragon) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2022-03-20]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-08-30]
Edge Extension: (Language Reactor) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hoombieeljmmljlkjmnheibnpciblicm [2022-03-20]
Edge Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iiclaphjclecagpkkaacljnpcppnoibi [2022-05-19]
Edge Extension: (ThiWeb Crypt/Decrypt) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jgcopilbhgndmjfbckfbfehjpeapcaed [2022-03-20]
Edge Extension: (IDM Integration Module) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2022-05-20]
Edge Extension: (Antidote) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2022-07-03]
Edge Extension: (Real-Debrid extension) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oefkkgfcahbeccgckjgbnfclcmnjgidg [2022-06-11]
Edge Extension: (Reverso - Traduction, dictionnaire) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\onhiacboedfinnofagfgoaanfedhmfab [2022-03-20]
Edge Extension: (AdGuard AdBlocker) - C:\Users\Laurent\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-09-26]
Edge HKU\S-1-5-21-1703464107-373058557-1341469512-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx
Edge HKU\S-1-5-21-1703464107-373058557-1341469512-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [lmbopdiikkamfphhgcckcjhojnokgfeo]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ahetueci.default
FF ProfilePath: C:\Users\Laurent\AppData\Roaming\ParseHub\parsehub\Profiles\ahetueci.default [2022-03-09]
FF Extension: (ParseHub) - C:\Users\Laurent\AppData\Roaming\ParseHub\parsehub\Profiles\ahetueci.default\Extensions\parsehub2@parsehub.com.xpi [2022-03-09] [] [non signé]
FF Extension: (Pas de nom) - C:\Program Files (x86)\ParseHub\browser\extensions\install@parsehub.com.xpi [non trouvé(e)]
FF HKU\S-1-5-21-1703464107-373058557-1341469512-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Laurent\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Laurent\AppData\Roaming\IDM\idmmzcc5 [2022-09-13] [] [non signé]
FF HKU\S-1-5-21-1703464107-373058557-1341469512-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\x64\npDgnRia2_x64.dll [2020-11-01] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\npDgnRia2.dll [2020-11-01] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default [2022-10-01]
CHR Notifications: Default -> hxxps://tv-programme.com; hxxps://www.facebook.com; hxxps://www.lexpress.fr; hxxps://www.netflix.com; hxxps://www.nicematin.com
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://google.fr/"
CHR Extension: (Synapse Plugin Cordial) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfibkgilkekinlnjkfjikboapmpbajk [2021-12-26]
CHR Extension: (AdGuard AdBlocker) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-08-31]
CHR Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2022-08-06]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30]
CHR Extension: (Extension Web Dragon) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2021-12-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-23]
CHR Extension: (Language Reactor) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoombieeljmmljlkjmnheibnpciblicm [2021-12-23]
CHR Extension: (IDM Integration Module) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2022-05-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-23]
CHR Extension: (ThiWeb Crypt/Decrypt) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\noadaplbhpacekfmbhojlbldckniffce [2021-12-23]
CHR Extension: (Real-Debrid extension) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefkkgfcahbeccgckjgbnfclcmnjgidg [2022-06-12]
CHR Extension: (Reverso - Traduction, dictionnaire) - C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhiacboedfinnofagfgoaanfedhmfab [2021-12-23]
CHR HKU\S-1-5-21-1703464107-373058557-1341469512-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [acfibkgilkekinlnjkfjikboapmpbajk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-10-01] (Microsoft Corporation -> Microsoft Corporation)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [167992 2020-11-01] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228344 2022-09-25] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-02] (Malwarebytes Inc. -> Malwarebytes)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14545704 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 DCamUSBEMPIA; C:\Windows\system32\DRIVERS\emDevice64.sys [222592 2013-04-16] (eMPIA Technology Corp.) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 emAudio; C:\Windows\system32\drivers\emAudio64.sys [33280 2013-07-04] (eMPIA Technology Corp.) [Fichier non signé]
S3 FiltUSBEMPIA; C:\Windows\system32\DRIVERS\emFilter64.sys [7552 2013-04-16] (eMPIA Technology Corp.) [Fichier non signé]
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2022-01-23] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-05-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl25041e80; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{336C3C4F-B72A-4C1D-B7D5-2431ED02D27F}\MpKslDrv.sys [228600 2022-10-01] (Microsoft Windows -> Microsoft Corporation)
S3 ScanUSBEMPIA; C:\Windows\system32\DRIVERS\emScan64.sys [8064 2013-04-16] (eMPIA Technology Corp.) [Fichier non signé]
R3 sshid; C:\Windows\system32\DRIVERS\sshid.sys [48800 2022-02-23] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2022-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [453904 2022-08-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [94480 2022-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl3ca00d51; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3BF85BF7-0F0A-4180-A604-E9150C3351D7}\MpKslDrv.sys [X]
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-10-01 09:52 - 2022-10-01 09:52 - 2136498177 _____ C:\Users\Laurent\Downloads\30 Jours de Nuit (2008) REPACK MULTi VFF 1080p 10bit HDLight BluRay x265 AC3 5.1-MM91.mkv
2022-10-01 09:48 - 2022-10-01 09:48 - 000020715 _____ C:\Users\Laurent\Downloads\30 Jours de Nuit (2008) REPACK MULTi VFF 1080p 10bit HDLight BluRay x265 AC3 5.1-MM91.mkv.torrent
2022-09-26 17:53 - 2022-09-26 17:53 - 000000754 _____ C:\Users\Laurent\Documents\Bureau - Raccourci.lnk
2022-09-25 17:35 - 2022-09-25 17:35 - 000374208 _____ C:\Users\Laurent\Documents\Adresse mail Lourdes_220925_123629.pdf
2022-09-15 13:02 - 2022-09-27 11:01 - 000000000 ____D C:\Users\Laurent\Desktop\whatishang-x64
2022-09-15 05:17 - 2022-09-27 10:57 - 000036867 _____ C:\Users\Laurent\Desktop\rapport.txt
2022-09-14 18:04 - 2022-09-14 18:04 - 000074605 _____ C:\Users\Laurent\Desktop\event.exe
2022-09-14 10:05 - 2022-09-14 09:55 - 000415524 __RSH C:\bootmgr
2022-09-14 10:05 - 2019-12-07 11:08 - 000000001 ___SH C:\BOOTNXT
2022-09-14 09:55 - 2022-09-14 09:55 - 000413696 _____ C:\Windows\system32\AzureCheck.dll
2022-09-14 09:55 - 2022-09-14 09:55 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-09-14 09:55 - 2022-09-14 09:55 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys
2022-09-14 09:55 - 2022-09-14 09:55 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-09-14 09:55 - 2022-09-14 09:55 - 000011813 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-09-14 09:51 - 2022-09-14 09:51 - 000000000 ___HD C:\$WinREAgent
2022-09-14 08:27 - 2022-09-14 08:27 - 000002857 _____ C:\Users\Public\Desktop\Dragon.lnk
2022-09-14 08:27 - 2022-09-14 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon
2022-09-14 08:11 - 2022-09-14 08:11 - 000000000 ____D C:\Users\Laurent\AppData\Local\Nuance
2022-09-13 16:56 - 2022-04-11 11:59 - 000245208 _____ (Kerish Products) C:\Windows\SysWOW64\LargeNumbers.dll
2022-09-13 16:56 - 2022-04-11 11:59 - 000245208 _____ (Kerish Products) C:\Windows\system32\LargeNumbers.dll
2022-09-13 16:42 - 2022-09-13 16:42 - 000001144 _____ C:\Users\Laurent\Desktop\Format Factory.lnk
2022-09-13 16:42 - 2022-09-13 16:42 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2022-09-13 16:41 - 2022-10-01 09:52 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2022-09-13 16:36 - 2022-09-13 16:36 - 000003660 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-09-13 16:19 - 2022-09-13 16:19 - 000001091 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-09-13 16:19 - 2022-09-13 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-09-13 16:19 - 2022-09-13 16:19 - 000000000 ____D C:\Program Files\VS Revo Group
2022-09-13 16:19 - 2022-08-10 10:07 - 007521232 _____ (VS Revo Group ) C:\Users\Laurent\Downloads\revosetup.exe
2022-09-13 14:11 - 2022-09-13 14:11 - 000000008 __RSH C:\ProgramData\ntuser.pol
2022-09-13 14:04 - 2022-09-15 13:11 - 000160221 _____ C:\Users\Laurent\Desktop\Fixlog.txt
2022-09-13 09:56 - 2022-09-13 09:57 - 000048787 _____ C:\Users\Laurent\Desktop\Addition.txt
2022-09-13 09:55 - 2022-10-01 10:26 - 000022921 _____ C:\Users\Laurent\Desktop\FRST.txt
2022-09-13 09:55 - 2022-10-01 10:26 - 000000000 ____D C:\FRST
2022-09-13 09:53 - 2022-09-13 09:53 - 002371072 _____ (Farbar) C:\Users\Laurent\Desktop\FRST64.exe
2022-09-13 08:42 - 2022-09-13 09:55 - 000326754 _____ C:\Users\Laurent\Desktop\speccy.txt
2022-09-13 08:42 - 2022-09-13 08:42 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2022-09-13 08:42 - 2022-09-13 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2022-09-13 08:42 - 2022-09-13 08:42 - 000000000 ____D C:\Program Files\Speccy
2022-09-11 20:29 - 2022-09-11 20:29 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\Macromedia
2022-09-11 20:29 - 2022-09-11 20:29 - 000000000 ____D C:\ProgramData\PopCap Games
2022-09-11 20:26 - 2022-09-11 20:26 - 000000000 ____D C:\ProgramData\com.gamehouse.acid
2022-09-11 20:25 - 2022-09-11 20:38 - 000000000 ____D C:\Users\Laurent\AppData\Local\com.gamehouse.acid
2022-09-11 20:10 - 2022-09-11 20:10 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-09-11 20:10 - 2022-09-11 20:10 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\WeatherZero
2022-09-11 20:10 - 2022-09-11 20:10 - 000000000 ____D C:\Users\Laurent\AppData\Local\Gh
2022-09-09 18:41 - 2022-09-09 18:41 - 000000410 ____H C:\Users\Laurent\MJKJRegInfo_U5E664P45VMUH7KFFLV36NSWUTVWJHRR
2022-09-09 18:21 - 2022-09-10 07:15 - 000000000 ____D C:\Users\Laurent\Documents\TunePat Netflix Video Downloader
2022-09-09 18:20 - 2022-09-09 18:20 - 000000036 _____ C:\Users\Laurent\MJKJDeviceGUID
2022-09-09 18:19 - 2022-09-13 08:37 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TunePat
2022-09-09 18:18 - 2022-09-13 08:37 - 000000000 ____D C:\Program Files (x86)\TunePat
2022-09-05 06:05 - 2022-09-05 06:05 - 000339567 _____ C:\Users\Laurent\Documents\Service de retours.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-10-01 10:24 - 2021-12-23 07:22 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-01 10:24 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-01 10:14 - 2021-12-23 07:36 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-01 09:53 - 2022-04-02 18:36 - 000000000 ____D C:\FFOutput
2022-10-01 08:53 - 2021-12-23 07:38 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-01 08:53 - 2019-12-07 16:49 - 000755174 _____ C:\Windows\system32\perfh00C.dat
2022-10-01 08:53 - 2019-12-07 16:49 - 000141980 _____ C:\Windows\system32\perfc00C.dat
2022-10-01 08:53 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-01 08:52 - 2021-12-23 09:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-10-01 08:52 - 2021-12-23 07:36 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-01 08:52 - 2021-12-23 07:36 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-01 08:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-01 08:47 - 2021-12-27 19:12 - 000000000 ____D C:\Program Files\TeamViewer
2022-10-01 08:47 - 2021-12-23 07:22 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-01 08:47 - 2021-12-23 07:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-09-30 10:57 - 2021-12-23 07:37 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2022-09-30 10:57 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-09-29 13:15 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-29 12:22 - 2021-12-23 07:22 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-29 12:22 - 2021-12-23 07:22 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-28 08:53 - 2021-12-23 07:37 - 000000000 ____D C:\Users\Laurent\AppData\Local\D3DSCache
2022-09-27 17:14 - 2021-12-23 07:25 - 000000000 ____D C:\Users\Laurent
2022-09-27 17:10 - 2021-12-23 09:05 - 000000000 ____D C:\Users\Laurent\AppData\Local\Mirillis
2022-09-25 18:15 - 2022-05-26 03:16 - 000000000 ____D C:\Users\Laurent\Desktop\Captvty
2022-09-25 14:07 - 2022-07-20 15:28 - 000000000 ____D C:\Windows\system32\Tasks\HP
2022-09-25 14:07 - 2022-07-20 15:28 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-09-14 10:05 - 2022-01-23 07:30 - 000536800 _____ C:\Windows\system32\FNTCACHE.DAT
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2022-09-14 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-09-14 09:57 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-09-14 09:55 - 2021-12-23 07:26 - 003011072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-09-14 09:49 - 2021-12-23 07:48 - 000000000 ____D C:\Windows\system32\MRT
2022-09-14 09:47 - 2021-12-23 07:48 - 141646296 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-09-13 16:42 - 2022-03-25 09:19 - 000000000 ____D C:\Users\Laurent\AppData\Local\luminati
2022-09-13 16:41 - 2022-02-16 14:25 - 000000000 ____D C:\Users\Laurent\AppData\Local\_
2022-09-13 16:35 - 2022-04-19 16:41 - 000000000 ____D C:\Program Files (x86)\Pinnacle
2022-09-13 16:32 - 2022-04-19 16:41 - 000000000 ____D C:\ProgramData\Pinnacle
2022-09-13 16:31 - 2022-01-25 13:40 - 000000000 ____D C:\Program Files (x86)\OpenCloner
2022-09-13 16:29 - 2022-01-19 13:20 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\Nuance
2022-09-13 16:29 - 2022-01-19 13:20 - 000000000 ____D C:\ProgramData\Nuance
2022-09-13 16:29 - 2022-01-19 13:20 - 000000000 ____D C:\Program Files (x86)\Nuance
2022-09-13 16:29 - 2021-12-26 10:01 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\IDM
2022-09-13 16:29 - 2021-12-26 10:01 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\DMCache
2022-09-13 16:28 - 2022-03-09 15:03 - 000000000 ____D C:\Program Files (x86)\Goto
2022-09-13 16:28 - 2021-12-23 07:34 - 000000000 ___RD C:\Users\Laurent\OneDrive
2022-09-13 16:22 - 2022-01-25 13:56 - 000000000 ____D C:\Program Files (x86)\IObit
2022-09-13 14:05 - 2022-03-19 07:13 - 000000000 ____D C:\Users\Laurent\AppData\LocalLow\Temp
2022-09-13 14:04 - 2021-12-26 10:01 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2022-09-13 14:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-09-13 14:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2022-09-13 08:37 - 2022-05-01 16:04 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\WhatsApp
2022-09-13 08:37 - 2022-05-01 16:04 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2022-09-13 08:37 - 2022-05-01 16:04 - 000000000 ____D C:\Users\Laurent\AppData\Local\WhatsApp
2022-09-13 08:37 - 2021-12-23 08:50 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-13 08:35 - 2022-04-06 12:03 - 000000000 ____D C:\Users\Laurent\AppData\Local\BlueStacks
2022-09-13 08:35 - 2022-03-11 11:54 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-09-13 08:35 - 2022-03-11 11:53 - 000000000 ____D C:\Program Files\Adobe
2022-09-13 08:35 - 2022-03-11 10:10 - 000000000 ____D C:\ProgramData\BorisFX
2022-09-13 08:34 - 2022-03-11 11:52 - 000000000 ____D C:\ProgramData\Adobe
2022-09-13 07:38 - 2022-03-09 15:03 - 000001381 _____ C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Aspirer le Web.lnk
2022-09-12 10:34 - 2022-04-11 11:55 - 000000000 ____D C:\KPRM
2022-09-12 10:31 - 2022-04-11 06:36 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\ZHP
2022-09-12 10:13 - 2021-12-23 07:25 - 000000000 ____D C:\Users\Laurent\AppData\Local\Packages
2022-09-12 08:22 - 2022-04-11 11:12 - 000000000 ____D C:\Users\Laurent\AppData\LocalLow\IGDump
2022-09-11 20:45 - 2022-01-23 02:00 - 000000000 ____D C:\Program Files (x86)\Kerish Doctor
2022-09-10 07:17 - 2022-07-20 13:15 - 000000000 ____D C:\Users\Laurent\AppData\Local\Free_Time_Co.,_Ltd
2022-09-09 15:51 - 2022-07-20 15:38 - 000000000 ____D C:\Users\Laurent\AppData\Roaming\HpUpdate
2022-09-06 18:02 - 2022-04-10 16:35 - 000000000 ____D C:\Users\Laurent\AppData\Local\CrashDumps
2022-09-06 18:02 - 2021-12-24 06:53 - 000000000 ____D C:\Users\Laurent\AppData\Local\Downloaded Installations

==================== Fichiers à la racine de certains dossiers ========

2022-04-19 16:56 - 2022-05-01 15:24 - 000000362 _____ () C:\Users\Laurent\AppData\Roaming\DESKTOP-Q8HLGCK.MTBF.txt
2021-12-23 08:44 - 2022-01-19 12:57 - 000001235 _____ () C:\Users\Laurent\AppData\Roaming\SAS7_000.DAT
2022-05-01 15:25 - 2022-05-01 15:35 - 000002016 _____ () C:\Users\Laurent\AppData\Roaming\__AvidCloudManager.log
2022-04-19 17:27 - 2022-04-19 17:27 - 000000681 _____ () C:\Users\Laurent\AppData\Roaming\__AvidCloudManagerPrevious.log
2022-04-19 16:57 - 2022-04-19 16:57 - 000003584 _____ () C:\Users\Laurent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
