Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-07-2023
Exécuté par steph (administrateur) sur RND (Acer Aspire TC-780) (06-07-2023 09:24:41)
Exécuté depuis C:\Users\steph\AppData\Local\Temp\MicrosoftEdgeDownloads\121a0381-6bf7-4bad-afa4-ebace60b71f2\FRST64.exe
Profils chargés: defaultuser0 & steph & DevToolsUser
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3086 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe ->) (QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscenter.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\promecefpluginhost.exe <2>
(C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscenter.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wps.exe
(C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscloudsvr.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscenter.exe <2>
(Canva -> Canva Pty Ltd) C:\Users\steph\AppData\Local\Programs\Canva\Canva.exe <2>
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.67\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(services.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\sshd.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WebManagement.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_350000a63d302298\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscloudsvr.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389440 2018-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [I16A] => C:\WINDOWS\twain_32\Brimi16a\Common\TwDsUiLaunch.exe [85992 2018-06-05] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [515600 2017-04-23] (QFX Software Corporation -> QFX Software Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [MicrosoftEdgeAutoLaunch_1F8F8450CAC46604C2DCB438C17C0920] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113872 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [BingSvc] => C:\Users\steph\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6638496 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\steph\AppData\Local\Programs\Canva\Canva.exe [158011528 2023-06-19] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\MountPoints2: {4b454fe6-1f66-11eb-b9ec-10f0053dd45b} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\MountPoints2: {80e073ca-0c73-11eb-b9e7-10f0053dd45b} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {04E8B391-4646-4A57-A0EC-49BD2ED4E056} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {111524E7-670C-45BE-8A02-9F6B64DB76FD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1D19CE0D-3AD7-401B-8528-57A293E5BA48} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "9364d91a-a4df-4ee6-ae48-d4687317836f" --version "6.13.10517" --silent
Task: {2B4D485C-8A53-4E65-88F8-65F26BA39E96} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {32BA8FE2-EA29-4D4D-ACE8-D66EE5FDBD55} - System32\Tasks\WpsUpdateTask_steph => C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpsupdate.exe [174472 2023-04-27] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {3997DCBF-1B19-4F08-9002-97AF114E33D5} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {3C3B5169-9F51-4CAF-A9EB-FF1EF8AF21EF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3C85C9D2-9065-4A3C-9C1D-37E467C20FAC} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Pas de fichier)
Task: {4E53AEF8-440B-4D90-BB74-224B985DA744} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F5093B0-81F0-42CB-B2F8-D64D400D19CA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {5803DE54-01F9-4A52-B7D6-3EE84E9720EF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7836A4C5-BA99-4483-9276-26BBA0C92838} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {823779E0-E9D5-4A3A-A996-6F8ABE94423C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8B3A6E82-E324-40E7-AAD2-DC8D64D5EE04} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8CDE44EE-C6F9-4AA8-BF21-F0476C5DA61B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-25] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {93563DD7-EE80-4B22-82BC-45DABC434D58} - System32\Tasks\CCleanerSkipUAC - steph => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {94F25C12-8773-47FA-AFF3-F8BB9AF743D7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647424 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9612A064-19DB-47F6-BCB0-869A3B973882} - System32\Tasks\WpsExternal_steph_20230427103118 => C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscloudsvr.exe [1065864 2023-04-27] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {A6CEFD82-DF0E-4B54-BFCB-5F001AA26017} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {AB118C0D-1D53-4942-9DE5-FB9BDF00D3FE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {AB59FF5A-91D7-4AD3-ADB5-2275FA89EEA8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BDFD04B0-F08C-40EB-8CD1-4350BDEFA32B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341432 2022-05-06] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C010CB3B-C45F-4305-B1E1-FCE54B1D8E9F} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /task (Pas de fichier)
Task: {D26D63A7-ECE0-4486-8A23-1A5881A027AC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [685984 2023-07-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DE12ACCC-A07F-4109-AF37-E00DC315C3E4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2016-09-19] (Acer Incorporated -> Acer Incorporated)
Task: {ED716824-8042-44EE-BF82-1BA5322A29D8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{22371afc-9473-4cd5-9964-3aa93108d179}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9cbf85e1-9859-4d5d-86d5-1ffaae9c9d81}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f4787733-015d-4a0a-b836-e7c8e96f6c0b}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
DownloadDir: C:\Users\steph\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Profile 3
Edge Profile: C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3 [2023-07-06]
Edge Notifications: Profile 3 -> hxxps://calendar.google.com; hxxps://captchatotal.lm.r.appspot.com; hxxps://mail.google.com; hxxps://messages.google.com; hxxps://www.deezer.com; hxxps://www.facebook.com
Edge HomePage: Profile 3 -> hxxps://www.google.fr/
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-07-06]
Edge Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2023-06-15]
Edge Extension: (Google Docs hors connexion) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-29]
Edge Extension: (Dark Reader) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2023-06-22]
Edge Extension: (Edge relevant text changes) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-22]
Edge Extension: (Halo) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\npbihmhlfjhckkmiaogmjffkbibaonjb [2023-05-22]
Edge Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\pefhciejnkgdgoahgfeklebcbpmhnhhd [2023-06-16]
FireFox:
========
FF DefaultProfile: 6wko6hg9.default
FF ProfilePath: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 [2023-07-06]
FF Homepage: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> moz-extension://ccf6b038-c67f-40c0-99fb-42217faed86f/index.html
FF Notifications: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.je-teste.fr; hxxps://mail.google.com; hxxps://www.marieclaire.fr; hxxps://www.deezer.com; hxxps://www.cartes-2-france.com
FF HomepageOverride: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> Enabled: extension@tabliss.io
FF NewTabOverride: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> Enabled: extension@tabliss.io
FF NewTabOverride: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> Disabled: @contain-facebook
FF NewTabOverride: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> Enabled: jid1-MnnxcxisBPnSXQ@jetpack
FF Extension: (Signal Spam) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\@addonsignalspam.xpi [2023-07-05]
FF Extension: (Facebook Container) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\@contain-facebook.xpi [2022-12-23]
FF Extension: (Abstract – Soft) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\abstract-soft-colorway@mozilla.org.xpi [2023-07-05]
FF Extension: (Tabliss) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\extension@tabliss.io.xpi [2022-05-13]
FF Extension: (HTTPS partout) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\https-everywhere@eff.org.xpi [2021-07-15]
FF Extension: (JavaScript Warning) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\JavaScriptWarning@example.com.xpi [2019-10-04]
FF Extension: (Privacy Badger) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-07-05]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2023-07-05]
FF Extension: (Avast Online Security & Privacy) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\wrc@avast.com.xpi [2023-07-05]
FF Extension: (ColorfulTabs) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}.xpi [2021-04-13]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-07-05]
FF Extension: (Dark Fox) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-04-25]
FF Extension: (Add-ons Restricted Domains) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\features\{f4ce64c6-050a-41fa-8de7-c57e7e7acf0a}\addons-restricted-domains@mozilla.com.xpi [2023-07-05]
FF ProfilePath: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default [2023-07-06]
FF user.js: detected! => C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\user.js [2018-05-29]
FF Notifications: Mozilla\Firefox\Profiles\6wko6hg9.default -> hxxps://www.facebook.com; hxxps://www.instagram.com
FF NewTabOverride: Mozilla\Firefox\Profiles\6wko6hg9.default -> Disabled: extension@tabliss.io
FF NewTabOverride: Mozilla\Firefox\Profiles\6wko6hg9.default -> Disabled: lilotab@lilo.org
FF Extension: (Tabliss) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\extension@tabliss.io.xpi [2019-07-14]
FF Extension: (French spelling dictionary) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2018-11-29]
FF Extension: (JavaScript Warning) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\JavaScriptWarning@example.com.xpi [2018-07-15]
FF Extension: (Français Language Pack) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-09-08]
FF Extension: (Lilo - Page d'accueil) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\lilotab@lilo.org.xpi [2019-05-02]
FF Extension: (S3.Traducteur) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\s3google@translator.xpi [2018-10-10]
FF Extension: (Avast Online Security) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\wrc@avast.com.xpi [2018-06-23]
FF Extension: (ColorfulTabs) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}.xpi [2019-09-17]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-24]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
Chrome:
=======
CHR Profile: C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default [2023-07-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-01]
CHR Extension: (Digital-i's FR Research Support Tool) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgocfiimplclbnlamjiikcbhhbpgdin [2023-02-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-20]
CHR HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ddojnmkongaimkdddgmcccldlfhokcfb]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Fichier non signé]
S3 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278616 2017-03-20] (Acer Incorporated -> Acer Incorporated)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063840 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266352 2023-07-03] (Malwarebytes Inc. -> Malwarebytes)
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2018-09-12] (QFX Software Corporation -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaei.inf_amd64_350000a63d302298\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaei.inf_amd64_350000a63d302298\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R4 EUDCPEPM; C:\WINDOWS\system32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-06-04] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl6c3ea8db; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1ADF6E0-1C58-43BC-8CB9-FD5DDA718FBB}\MpKslDrv.sys [213288 2023-07-06] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 optousb; C:\WINDOWS\system32\DRIVERS\optousb.sys [27264 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
S3 optovcm; C:\WINDOWS\system32\DRIVERS\optovcm.sys [34432 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-07-06 09:23 - 2023-07-06 09:26 - 000000000 ____D C:\FRST
2023-07-05 17:17 - 2023-07-06 08:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-05 11:42 - 2023-07-05 11:42 - 000000000 ____D C:\WINDOWS\LastGood
2023-07-05 11:39 - 2023-05-12 12:34 - 001859744 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-07-05 11:39 - 2023-05-12 12:34 - 001859744 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-07-05 11:39 - 2023-05-12 12:34 - 001479176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 001439912 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-07-05 11:39 - 2023-05-12 12:34 - 001439912 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-07-05 11:39 - 2023-05-12 12:34 - 001217520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 001098920 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 001098920 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 000952992 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 000952992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-07-05 11:39 - 2023-05-12 12:30 - 000719392 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-07-05 11:39 - 2023-05-12 12:30 - 000578528 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 001523184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 001172440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 000711152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-07-05 11:39 - 2023-05-12 12:29 - 000678368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 000649224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 000566752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 008857120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 007920648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 002928656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 002114016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 001597408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 000922120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 000753696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 000451608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-07-05 11:39 - 2023-05-12 12:27 - 005692384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-07-05 11:39 - 2023-05-12 12:27 - 004990992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-07-05 11:39 - 2023-05-12 12:26 - 007283688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-07-05 11:39 - 2023-05-12 12:26 - 006219160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-07-05 11:39 - 2023-05-12 12:26 - 000853528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-07-05 11:39 - 2023-05-11 18:45 - 000084074 _____ C:\WINDOWS\system32\nvinfo.pb
2023-07-04 14:08 - 2023-07-04 14:11 - 000000000 ____D C:\ProgramData\F-Secure
2023-07-04 14:08 - 2023-07-04 14:08 - 000000000 ____D C:\Users\steph\AppData\Local\F-Secure
2023-07-04 14:08 - 2023-07-04 14:08 - 000000000 ____D C:\Users\steph\AppData\Local\FSDART
2023-07-04 14:07 - 2023-07-04 14:07 - 000000036 _____ C:\Users\steph\AppData\Local\housecall.guid.cache
2023-07-03 16:37 - 2023-07-03 16:37 - 000000000 ____D C:\Users\steph\AppData\Local\EPMUI
2023-07-03 16:37 - 2023-07-03 16:37 - 000000000 ____D C:\Users\steph\AppData\Local\cache
2023-07-03 16:32 - 2023-07-03 16:38 - 000000000 ____D C:\Program Files (x86)\EaseUS
2023-07-03 16:32 - 2023-07-03 16:32 - 000000000 ____D C:\ProgramData\SystemAcCrux
2023-07-03 16:31 - 2023-07-03 16:38 - 000000000 ____D C:\Program Files\EaseUS
2023-07-03 16:31 - 2022-12-29 13:34 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\EPMVolFl0.sys
2023-06-30 14:46 - 2023-06-30 14:46 - 000000342 _____ C:\WINDOWS\PAGa4.dat
2023-06-30 14:42 - 2023-06-30 14:45 - 000000000 ____D C:\ProgramData\AOMEIPA
2023-06-30 14:42 - 2023-06-30 14:44 - 000001024 ____H C:\AMTAG.BIN
2023-06-30 14:42 - 2023-06-30 14:42 - 000000000 ____D C:\ProgramData\AomeiBR
2023-06-30 14:42 - 2017-02-28 14:20 - 000038320 _____ C:\WINDOWS\SysWOW64\ampa.sys
2023-06-30 14:41 - 2023-06-30 14:41 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-06-17 15:18 - 2023-06-17 15:18 - 000000000 ____D C:\Users\steph\AppData\Roaming\connect_update
2023-06-17 15:17 - 2023-06-17 15:17 - 000001926 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citroen Update.lnk
2023-06-17 15:17 - 2023-06-17 15:17 - 000001896 _____ C:\Users\Public\Desktop\Citroen Update.lnk
2023-06-15 11:09 - 2023-06-30 14:24 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-15 11:09 - 2023-06-15 11:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-15 11:09 - 2023-06-15 11:09 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-13 21:20 - 2023-06-13 21:20 - 000000000 ___HD C:\$WinREAgent
2023-06-09 14:09 - 2023-06-13 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-07-06 09:24 - 2017-11-24 22:55 - 000000000 ____D C:\Users\steph\AppData\LocalLow\Mozilla
2023-07-06 09:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-06 08:59 - 2023-06-03 22:53 - 000000000 ____D C:\Users\steph\AppData\Local\Malwarebytes
2023-07-06 08:54 - 2022-02-09 10:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-06 08:52 - 2020-10-19 16:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-06 08:17 - 2020-10-19 16:33 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-06 08:17 - 2020-10-19 16:33 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-06 08:17 - 2017-11-25 14:15 - 000000000 ____D C:\ProgramData\NVIDIA
2023-07-06 08:15 - 2019-10-04 10:12 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-07-06 08:15 - 2017-03-13 21:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-06 08:12 - 2023-01-04 15:12 - 000000000 ____D C:\Users\steph\AppData\Roaming\Canva
2023-07-06 08:12 - 2018-05-12 00:46 - 000000000 ____D C:\Program Files\CCleaner
2023-07-05 20:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-05 20:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-05 17:16 - 2017-12-30 14:46 - 000000000 ____D C:\Users\steph\AppData\Local\Packages
2023-07-05 17:15 - 2017-11-24 22:53 - 000000000 ___RD C:\Users\steph\OneDrive
2023-07-05 17:07 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-05 17:05 - 2017-11-24 22:55 - 000000000 ____D C:\Users\steph\AppData\Local\CrashDumps
2023-07-05 16:42 - 2017-11-25 12:30 - 000040186 _____ C:\WINDOWS\BRRBCOM.INI
2023-07-05 11:43 - 2017-11-24 22:48 - 000000000 ____D C:\Users\steph\AppData\Local\NVIDIA
2023-07-04 16:56 - 2021-06-23 17:05 - 000000000 ____D C:\Users\steph\AppData\Local\Deployment
2023-07-03 16:40 - 2018-04-27 15:29 - 000000000 ____D C:\Users\steph\AppData\Roaming\Foxit Software
2023-07-03 16:40 - 2018-04-27 15:29 - 000000000 ____D C:\ProgramData\Foxit Software
2023-07-03 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2023-07-03 16:34 - 2017-11-25 00:47 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\MMC
2023-07-01 19:23 - 2020-07-03 09:05 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-30 14:24 - 2022-01-13 16:18 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-30 14:24 - 2020-10-19 16:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-30 14:24 - 2020-10-19 12:16 - 000000000 ____D C:\ProgramData\ssh
2023-06-30 14:23 - 2019-12-07 11:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2023-06-26 18:42 - 2017-11-27 10:22 - 000000000 ____D C:\Program Files\paint.net
2023-06-17 17:15 - 2020-12-10 14:01 - 000000000 ____D C:\Users\steph\AppData\Roaming\Citroen Update
2023-06-17 16:24 - 2022-04-12 18:15 - 000000000 ____D C:\Users\steph\Downloads\Citroen Update
2023-06-13 22:12 - 2018-05-17 15:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-13 22:06 - 2020-10-19 16:26 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-13 22:06 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2023-06-13 22:06 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2023-06-13 21:59 - 2020-10-19 16:04 - 000625328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-13 21:53 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-13 21:46 - 2020-10-19 16:07 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-13 20:53 - 2017-11-25 16:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-13 20:52 - 2017-11-25 16:54 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-10 09:56 - 2017-11-24 23:16 - 000001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
==================== Fichiers à la racine de certains dossiers ========
2023-07-04 14:07 - 2023-07-04 14:07 - 000000036 _____ () C:\Users\steph\AppData\Local\housecall.guid.cache
2020-03-27 00:03 - 2020-03-27 00:03 - 000000017 _____ () C:\Users\steph\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par steph (administrateur) sur RND (Acer Aspire TC-780) (06-07-2023 09:24:41)
Exécuté depuis C:\Users\steph\AppData\Local\Temp\MicrosoftEdgeDownloads\121a0381-6bf7-4bad-afa4-ebace60b71f2\FRST64.exe
Profils chargés: defaultuser0 & steph & DevToolsUser
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3086 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe ->) (QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscenter.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\promecefpluginhost.exe <2>
(C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscenter.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wps.exe
(C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscloudsvr.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscenter.exe <2>
(Canva -> Canva Pty Ltd) C:\Users\steph\AppData\Local\Programs\Canva\Canva.exe <2>
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\114.0.1823.67\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(QFX Software Corporation -> QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(services.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\sshd.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WebManagement.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_350000a63d302298\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscloudsvr.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389440 2018-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [I16A] => C:\WINDOWS\twain_32\Brimi16a\Common\TwDsUiLaunch.exe [85992 2018-06-05] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [515600 2017-04-23] (QFX Software Corporation -> QFX Software Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [MicrosoftEdgeAutoLaunch_1F8F8450CAC46604C2DCB438C17C0920] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113872 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [BingSvc] => C:\Users\steph\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6638496 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\steph\AppData\Local\Programs\Canva\Canva.exe [158011528 2023-06-19] (Canva -> Canva Pty Ltd)
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\MountPoints2: {4b454fe6-1f66-11eb-b9ec-10f0053dd45b} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\...\MountPoints2: {80e073ca-0c73-11eb-b9e7-10f0053dd45b} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {04E8B391-4646-4A57-A0EC-49BD2ED4E056} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {111524E7-670C-45BE-8A02-9F6B64DB76FD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1D19CE0D-3AD7-401B-8528-57A293E5BA48} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "9364d91a-a4df-4ee6-ae48-d4687317836f" --version "6.13.10517" --silent
Task: {2B4D485C-8A53-4E65-88F8-65F26BA39E96} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905984 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {32BA8FE2-EA29-4D4D-ACE8-D66EE5FDBD55} - System32\Tasks\WpsUpdateTask_steph => C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpsupdate.exe [174472 2023-04-27] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {3997DCBF-1B19-4F08-9002-97AF114E33D5} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {3C3B5169-9F51-4CAF-A9EB-FF1EF8AF21EF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3C85C9D2-9065-4A3C-9C1D-37E467C20FAC} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Pas de fichier)
Task: {4E53AEF8-440B-4D90-BB74-224B985DA744} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F5093B0-81F0-42CB-B2F8-D64D400D19CA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {5803DE54-01F9-4A52-B7D6-3EE84E9720EF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7836A4C5-BA99-4483-9276-26BBA0C92838} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {823779E0-E9D5-4A3A-A996-6F8ABE94423C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8B3A6E82-E324-40E7-AAD2-DC8D64D5EE04} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8CDE44EE-C6F9-4AA8-BF21-F0476C5DA61B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-25] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {93563DD7-EE80-4B22-82BC-45DABC434D58} - System32\Tasks\CCleanerSkipUAC - steph => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {94F25C12-8773-47FA-AFF3-F8BB9AF743D7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647424 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9612A064-19DB-47F6-BCB0-869A3B973882} - System32\Tasks\WpsExternal_steph_20230427103118 => C:\Users\steph\AppData\Local\Kingsoft\WPS Office\11.2.0.11537\office6\wpscloudsvr.exe [1065864 2023-04-27] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {A6CEFD82-DF0E-4B54-BFCB-5F001AA26017} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {AB118C0D-1D53-4942-9DE5-FB9BDF00D3FE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {AB59FF5A-91D7-4AD3-ADB5-2275FA89EEA8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BDFD04B0-F08C-40EB-8CD1-4350BDEFA32B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341432 2022-05-06] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C010CB3B-C45F-4305-B1E1-FCE54B1D8E9F} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /task (Pas de fichier)
Task: {D26D63A7-ECE0-4486-8A23-1A5881A027AC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [685984 2023-07-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DE12ACCC-A07F-4109-AF37-E00DC315C3E4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2016-09-19] (Acer Incorporated -> Acer Incorporated)
Task: {ED716824-8042-44EE-BF82-1BA5322A29D8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1649920 2022-05-04] (Nvidia Corporation -> NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{22371afc-9473-4cd5-9964-3aa93108d179}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9cbf85e1-9859-4d5d-86d5-1ffaae9c9d81}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f4787733-015d-4a0a-b836-e7c8e96f6c0b}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
DownloadDir: C:\Users\steph\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Profile 3
Edge Profile: C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3 [2023-07-06]
Edge Notifications: Profile 3 -> hxxps://calendar.google.com; hxxps://captchatotal.lm.r.appspot.com; hxxps://mail.google.com; hxxps://messages.google.com; hxxps://www.deezer.com; hxxps://www.facebook.com
Edge HomePage: Profile 3 -> hxxps://www.google.fr/
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-07-06]
Edge Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2023-06-15]
Edge Extension: (Google Docs hors connexion) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-29]
Edge Extension: (Dark Reader) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2023-06-22]
Edge Extension: (Edge relevant text changes) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-22]
Edge Extension: (Halo) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\npbihmhlfjhckkmiaogmjffkbibaonjb [2023-05-22]
Edge Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\steph\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\pefhciejnkgdgoahgfeklebcbpmhnhhd [2023-06-16]
FireFox:
========
FF DefaultProfile: 6wko6hg9.default
FF ProfilePath: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 [2023-07-06]
FF Homepage: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> moz-extension://ccf6b038-c67f-40c0-99fb-42217faed86f/index.html
FF Notifications: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.je-teste.fr; hxxps://mail.google.com; hxxps://www.marieclaire.fr; hxxps://www.deezer.com; hxxps://www.cartes-2-france.com
FF HomepageOverride: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> Enabled: extension@tabliss.io
FF NewTabOverride: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> Enabled: extension@tabliss.io
FF NewTabOverride: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> Disabled: @contain-facebook
FF NewTabOverride: Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339 -> Enabled: jid1-MnnxcxisBPnSXQ@jetpack
FF Extension: (Signal Spam) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\@addonsignalspam.xpi [2023-07-05]
FF Extension: (Facebook Container) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\@contain-facebook.xpi [2022-12-23]
FF Extension: (Abstract – Soft) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\abstract-soft-colorway@mozilla.org.xpi [2023-07-05]
FF Extension: (Tabliss) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\extension@tabliss.io.xpi [2022-05-13]
FF Extension: (HTTPS partout) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\https-everywhere@eff.org.xpi [2021-07-15]
FF Extension: (JavaScript Warning) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\JavaScriptWarning@example.com.xpi [2019-10-04]
FF Extension: (Privacy Badger) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-07-05]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2023-07-05]
FF Extension: (Avast Online Security & Privacy) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\wrc@avast.com.xpi [2023-07-05]
FF Extension: (ColorfulTabs) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}.xpi [2021-04-13]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-07-05]
FF Extension: (Dark Fox) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-04-25]
FF Extension: (Add-ons Restricted Domains) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\buw8dsry.default-release-1570177079339\features\{f4ce64c6-050a-41fa-8de7-c57e7e7acf0a}\addons-restricted-domains@mozilla.com.xpi [2023-07-05]
FF ProfilePath: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default [2023-07-06]
FF user.js: detected! => C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\user.js [2018-05-29]
FF Notifications: Mozilla\Firefox\Profiles\6wko6hg9.default -> hxxps://www.facebook.com; hxxps://www.instagram.com
FF NewTabOverride: Mozilla\Firefox\Profiles\6wko6hg9.default -> Disabled: extension@tabliss.io
FF NewTabOverride: Mozilla\Firefox\Profiles\6wko6hg9.default -> Disabled: lilotab@lilo.org
FF Extension: (Tabliss) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\extension@tabliss.io.xpi [2019-07-14]
FF Extension: (French spelling dictionary) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2018-11-29]
FF Extension: (JavaScript Warning) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\JavaScriptWarning@example.com.xpi [2018-07-15]
FF Extension: (Français Language Pack) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-09-08]
FF Extension: (Lilo - Page d'accueil) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\lilotab@lilo.org.xpi [2019-05-02]
FF Extension: (S3.Traducteur) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\s3google@translator.xpi [2018-10-10]
FF Extension: (Avast Online Security) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\wrc@avast.com.xpi [2018-06-23]
FF Extension: (ColorfulTabs) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}.xpi [2019-09-17]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\6wko6hg9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-24]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
Chrome:
=======
CHR Profile: C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default [2023-07-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-01]
CHR Extension: (Digital-i's FR Research Support Tool) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgocfiimplclbnlamjiikcbhhbpgdin [2023-02-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-20]
CHR HKU\S-1-5-21-1686056440-3441562365-1559230115-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ddojnmkongaimkdddgmcccldlfhokcfb]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Fichier non signé]
S3 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278616 2017-03-20] (Acer Incorporated -> Acer Incorporated)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063840 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266352 2023-07-03] (Malwarebytes Inc. -> Malwarebytes)
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2018-09-12] (QFX Software Corporation -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaei.inf_amd64_350000a63d302298\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaei.inf_amd64_350000a63d302298\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R4 EUDCPEPM; C:\WINDOWS\system32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-06-04] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl6c3ea8db; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1ADF6E0-1C58-43BC-8CB9-FD5DDA718FBB}\MpKslDrv.sys [213288 2023-07-06] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 optousb; C:\WINDOWS\system32\DRIVERS\optousb.sys [27264 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
S3 optovcm; C:\WINDOWS\system32\DRIVERS\optovcm.sys [34432 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-07-06 09:23 - 2023-07-06 09:26 - 000000000 ____D C:\FRST
2023-07-05 17:17 - 2023-07-06 08:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-05 11:42 - 2023-07-05 11:42 - 000000000 ____D C:\WINDOWS\LastGood
2023-07-05 11:39 - 2023-05-12 12:34 - 001859744 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-07-05 11:39 - 2023-05-12 12:34 - 001859744 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-07-05 11:39 - 2023-05-12 12:34 - 001479176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 001439912 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-07-05 11:39 - 2023-05-12 12:34 - 001439912 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-07-05 11:39 - 2023-05-12 12:34 - 001217520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 001098920 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 001098920 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 000952992 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-07-05 11:39 - 2023-05-12 12:34 - 000952992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-07-05 11:39 - 2023-05-12 12:30 - 000719392 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-07-05 11:39 - 2023-05-12 12:30 - 000578528 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 001523184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 001172440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 000711152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-07-05 11:39 - 2023-05-12 12:29 - 000678368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 000649224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-07-05 11:39 - 2023-05-12 12:29 - 000566752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 008857120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 007920648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 002928656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 002114016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 001597408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 000922120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 000753696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-07-05 11:39 - 2023-05-12 12:28 - 000451608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-07-05 11:39 - 2023-05-12 12:27 - 005692384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-07-05 11:39 - 2023-05-12 12:27 - 004990992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-07-05 11:39 - 2023-05-12 12:26 - 007283688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-07-05 11:39 - 2023-05-12 12:26 - 006219160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-07-05 11:39 - 2023-05-12 12:26 - 000853528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-07-05 11:39 - 2023-05-11 18:45 - 000084074 _____ C:\WINDOWS\system32\nvinfo.pb
2023-07-04 14:08 - 2023-07-04 14:11 - 000000000 ____D C:\ProgramData\F-Secure
2023-07-04 14:08 - 2023-07-04 14:08 - 000000000 ____D C:\Users\steph\AppData\Local\F-Secure
2023-07-04 14:08 - 2023-07-04 14:08 - 000000000 ____D C:\Users\steph\AppData\Local\FSDART
2023-07-04 14:07 - 2023-07-04 14:07 - 000000036 _____ C:\Users\steph\AppData\Local\housecall.guid.cache
2023-07-03 16:37 - 2023-07-03 16:37 - 000000000 ____D C:\Users\steph\AppData\Local\EPMUI
2023-07-03 16:37 - 2023-07-03 16:37 - 000000000 ____D C:\Users\steph\AppData\Local\cache
2023-07-03 16:32 - 2023-07-03 16:38 - 000000000 ____D C:\Program Files (x86)\EaseUS
2023-07-03 16:32 - 2023-07-03 16:32 - 000000000 ____D C:\ProgramData\SystemAcCrux
2023-07-03 16:31 - 2023-07-03 16:38 - 000000000 ____D C:\Program Files\EaseUS
2023-07-03 16:31 - 2022-12-29 13:34 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\EPMVolFl0.sys
2023-06-30 14:46 - 2023-06-30 14:46 - 000000342 _____ C:\WINDOWS\PAGa4.dat
2023-06-30 14:42 - 2023-06-30 14:45 - 000000000 ____D C:\ProgramData\AOMEIPA
2023-06-30 14:42 - 2023-06-30 14:44 - 000001024 ____H C:\AMTAG.BIN
2023-06-30 14:42 - 2023-06-30 14:42 - 000000000 ____D C:\ProgramData\AomeiBR
2023-06-30 14:42 - 2017-02-28 14:20 - 000038320 _____ C:\WINDOWS\SysWOW64\ampa.sys
2023-06-30 14:41 - 2023-06-30 14:41 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-06-17 15:18 - 2023-06-17 15:18 - 000000000 ____D C:\Users\steph\AppData\Roaming\connect_update
2023-06-17 15:17 - 2023-06-17 15:17 - 000001926 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citroen Update.lnk
2023-06-17 15:17 - 2023-06-17 15:17 - 000001896 _____ C:\Users\Public\Desktop\Citroen Update.lnk
2023-06-15 11:09 - 2023-06-30 14:24 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-15 11:09 - 2023-06-15 11:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-15 11:09 - 2023-06-15 11:09 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-13 21:20 - 2023-06-13 21:20 - 000000000 ___HD C:\$WinREAgent
2023-06-09 14:09 - 2023-06-13 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-07-06 09:24 - 2017-11-24 22:55 - 000000000 ____D C:\Users\steph\AppData\LocalLow\Mozilla
2023-07-06 09:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-06 08:59 - 2023-06-03 22:53 - 000000000 ____D C:\Users\steph\AppData\Local\Malwarebytes
2023-07-06 08:54 - 2022-02-09 10:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-06 08:52 - 2020-10-19 16:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-06 08:17 - 2020-10-19 16:33 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-06 08:17 - 2020-10-19 16:33 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-06 08:17 - 2017-11-25 14:15 - 000000000 ____D C:\ProgramData\NVIDIA
2023-07-06 08:15 - 2019-10-04 10:12 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-07-06 08:15 - 2017-03-13 21:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-06 08:12 - 2023-01-04 15:12 - 000000000 ____D C:\Users\steph\AppData\Roaming\Canva
2023-07-06 08:12 - 2018-05-12 00:46 - 000000000 ____D C:\Program Files\CCleaner
2023-07-05 20:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-05 20:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-05 17:16 - 2017-12-30 14:46 - 000000000 ____D C:\Users\steph\AppData\Local\Packages
2023-07-05 17:15 - 2017-11-24 22:53 - 000000000 ___RD C:\Users\steph\OneDrive
2023-07-05 17:07 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-05 17:05 - 2017-11-24 22:55 - 000000000 ____D C:\Users\steph\AppData\Local\CrashDumps
2023-07-05 16:42 - 2017-11-25 12:30 - 000040186 _____ C:\WINDOWS\BRRBCOM.INI
2023-07-05 11:43 - 2017-11-24 22:48 - 000000000 ____D C:\Users\steph\AppData\Local\NVIDIA
2023-07-04 16:56 - 2021-06-23 17:05 - 000000000 ____D C:\Users\steph\AppData\Local\Deployment
2023-07-03 16:40 - 2018-04-27 15:29 - 000000000 ____D C:\Users\steph\AppData\Roaming\Foxit Software
2023-07-03 16:40 - 2018-04-27 15:29 - 000000000 ____D C:\ProgramData\Foxit Software
2023-07-03 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2023-07-03 16:34 - 2017-11-25 00:47 - 000000000 ____D C:\Users\steph\AppData\Roaming\Microsoft\MMC
2023-07-01 19:23 - 2020-07-03 09:05 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-30 14:24 - 2022-01-13 16:18 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-30 14:24 - 2020-10-19 16:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-30 14:24 - 2020-10-19 12:16 - 000000000 ____D C:\ProgramData\ssh
2023-06-30 14:23 - 2019-12-07 11:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2023-06-26 18:42 - 2017-11-27 10:22 - 000000000 ____D C:\Program Files\paint.net
2023-06-17 17:15 - 2020-12-10 14:01 - 000000000 ____D C:\Users\steph\AppData\Roaming\Citroen Update
2023-06-17 16:24 - 2022-04-12 18:15 - 000000000 ____D C:\Users\steph\Downloads\Citroen Update
2023-06-13 22:12 - 2018-05-17 15:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-13 22:06 - 2020-10-19 16:26 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-13 22:06 - 2019-12-07 16:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2023-06-13 22:06 - 2019-12-07 16:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2023-06-13 21:59 - 2020-10-19 16:04 - 000625328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-13 21:53 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-13 21:46 - 2020-10-19 16:07 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-13 20:53 - 2017-11-25 16:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-13 20:52 - 2017-11-25 16:54 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-10 09:56 - 2017-11-24 23:16 - 000001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
==================== Fichiers à la racine de certains dossiers ========
2023-07-04 14:07 - 2023-07-04 14:07 - 000000036 _____ () C:\Users\steph\AppData\Local\housecall.guid.cache
2020-03-27 00:03 - 2020-03-27 00:03 - 000000017 _____ () C:\Users\steph\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================