Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2023
Exécuté par xxxx (administrateur) sur DESKTOP-HM9PQ4E (ASUSTeK COMPUTER INC. X550JX) (23-08-2023 16:38:53)
Exécuté depuis C:\Users\xxxx\Desktop\FRST64.exe
Profils chargés: xxxx
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2130 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(Discord Inc. -> Discord Inc.) C:\Users\xxxx\AppData\Local\Discord\app-1.0.9016\Discord.exe <6>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a37bb30871dac4a6\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2332.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall (Pas de fichier)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [253816 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3772416 2023-08-14] () [Fichier non signé]
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [UCheck] => C:\Program Files\UCheck\UCheck64.exe [30575656 2022-06-08] (ADLICE -> )
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [] => [X]
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262376 2023-07-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [Discord] => C:\Users\xxxx\AppData\Local\Discord\Update.exe [1525016 2023-07-31] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7660496 2023-08-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\RunOnce: [Application Restart #0] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --component-updater=url-source=hxxps://go-updater.brave.com/extensions --disable-client-side-phishing-detection --disable-domain-rel (l'élément de données a 382 caractères en plus). (Pas de fichier)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\MountPoints2: {fa885ca8-3bfc-11ec-8a89-80a5898f62d2} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP CE11 Status Monitor: C:\Windows\system32\hpinkstsCE11LM.dll [393352 2017-03-20] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
GroupPolicy-Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {80ADEB91-B533-4E15-86BE-C93C88E5F943} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {4B71AC66-C98D-4FE8-B73C-6E6E991D9027} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {17F3E232-FB02-4BC0-95F8-132EAF8658F7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "30ca65a5-3b84-4b7e-bae2-b70442f84666" --version "6.15.10623" --silent
Task: {653A7C2C-E523-4A34-B36C-7C238782FB8F} - System32\Tasks\CCleanerSkipUAC - xxxx => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {25B4D7CA-74A2-49B8-9B50-8D3B3AB4A555} - System32\Tasks\HPCustParticipation HP ENVY 5540 series => C:\Program Files\HP\HP ENVY 5540 series\Bin\HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.)
Task: {C9979ED4-579F-4450-8FDF-2AA80F36F994} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F403D53-999A-4CFA-95C4-56A412363229} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {01E74137-A602-4554-8977-07CEF5425A44} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DBB97D4-118A-4D07-91D1-77B8D0AFC894} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [687008 2023-08-18] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {43522A44-536F-4A1B-B15C-90DC0E27D845} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {F565943F-29F9-45D2-942C-A3C24A72355F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {778DE1EA-9F5D-4B27-91D2-2E7E7C34BB44} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {77712766-BD35-467D-9567-2084209ECA35} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50B6FA5B-CAA9-48C0-AD83-8FA85209BF46} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D20FDA2-70A8-4C21-92D3-2CB9A721E278} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4567171A-F50A-41C4-8974-4A3AE3308103} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {634A9E2E-7A74-48A8-98C4-4BF669D975A1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FCA6099-6671-4150-B6AC-24D5B9C19395} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B0AAE2F-540A-4EC5-9376-4A72E0E18338} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4A5C387-3937-4B09-8646-256D1276E1C5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\..\Interfaces\{90e21a9e-3c94-4779-b8ce-99b3ab7d7bec}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{90e21a9e-3c94-4779-b8ce-99b3ab7d7bec}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{c1ea7924-5ba7-4158-a52a-e17d71358226}: [DhcpNameServer] 109.0.66.10 109.0.66.20
Tcpip\..\Interfaces\{fc01fcd5-2b9d-2fd8-78d8-cb78b313e2b2}: [NameServer] 103.86.96.100,103.86.99.100
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-08-14]
Edge Profile: C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-08-23]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-08-09]
Edge Extension: (Edge relevant text changes) - C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-09]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: nrwaqgso.default
FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\nrwaqgso.default [2021-06-19]
FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102 [2023-08-23]
FF Extension: (Decentraleyes) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2023-08-09]
FF Extension: (I don't care about cookies) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-08-11]
FF Extension: (AdBlocker for YouTube™) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2023-07-22]
FF Extension: (uBlock Origin) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\uBlock0@raymondhill.net.xpi [2023-08-04]
FF Extension: (Lilo Moteur et Solidaire) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\{3004c9c0-ac9c-4ae2-9ac8-c59948bdd021}.xpi [2023-08-06]
FF Extension: (Block Site) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\{54e2eb33-18eb-46ad-a4e4-1329c29f6e17}.xpi [2023-07-15]
FF Extension: (PDF Editor and Search by PDFtab) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\{82c0173d-b61d-4cd3-8e01-ffc56211a71c}.xpi [2023-06-21] [UpdateUrl:hxxps://cdn.pdftab-cdn.com/xpi/pdftab/yhs/0721/search/updates.json]
FF Extension: (Popup Blocker (strict)) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\{de22fd49-c9ab-4359-b722-b3febdc3a0b0}.xpi [2023-08-04]
FF Plugin: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-06-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-06-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default [2023-08-14]
CHR Extension: (Slides) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-27]
CHR Extension: (Docs) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-27]
CHR Extension: (Google Drive) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-27]
CHR Extension: (YouTube) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-27]
CHR Extension: (Avira Password Manager) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-11-27]
CHR Extension: (Avira Safe Shopping) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-11-27]
CHR Extension: (Sheets) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-27]
CHR Extension: (Protection Web Avira) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-11-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-27]
CHR Extension: (Gmail) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-27]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-08-14]
BRA Extension: (Ad Avenger) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aabcnnmihfbpfblmeflmggaccdjlpfpp [2021-11-27]
BRA Extension: (Google Traduction) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
BRA Extension: (Avira Password Manager) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-09-02]
BRA Extension: (Avira Safe Shopping) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-09-04]
BRA Extension: (Protection Web Avira) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-09-04]
BRA Extension: (Dark theme for VK.COM | Night Mode for Vkontakte™) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gamlckmepdclkglolaedeigblmmpmfhf [2022-03-24]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-04]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-09-04]
BRA Extension: (Brave NTP background images) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-20]
BRA Extension: (Wallet Data Files Updater) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-08-21]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-09-04]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-09-04]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-06-28]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10]
BRA Extension: (Brave NTP sponsored images) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-09-04]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-09-04]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9283096 2023-08-17] (Malwarebytes Inc. -> Malwarebytes)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2020-10-30] () [Fichier non signé]
R3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [310136 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15971760 2023-06-22] (ADLICE -> )
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16184216 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a37bb30871dac4a6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a37bb30871dac4a6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\xxxx\AppData\Roaming\Zoom"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222672 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [199640 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-08-17] (Malwarebytes Inc. -> Malwarebytes)
R3 mshield; C:\Windows\System32\DRIVERS\mshield.sys [43112 2023-06-01] (nordvpn s.a. -> Nordvpn S.A.)
R2 NDivert; C:\Program Files\NordVPN\7.11.3.0\Drivers\NDivert.sys [131472 2023-05-24] (nordvpn s.a. -> Nordvpn S.A.)
S3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2021-07-22] (TEFINCOM S.A. -> WireGuard LLC)
R4 NordDivert10; C:\Program Files\NordVPN\NordSec ThreatProtection\1.3.432.544\NordDivert1064.sys [101240 2023-06-01] (nordvpn s.a. -> NordVPN/Basil)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [46928 2023-08-23] (ADLICE (Julien ASCOET) -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [41920 2023-08-23] (ADLICE (Julien ASCOET) -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2021-10-08] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-05-17] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2069-10-05 01:01 - 2069-10-05 01:01 - 000000112 ___SH C:\bootTel.dat
2023-08-23 16:38 - 2023-08-23 16:39 - 000030086 _____ C:\Users\xxxx\Desktop\FRST.txt
2023-08-23 16:36 - 2023-08-23 16:38 - 000049854 _____ C:\Users\xxxx\Downloads\Addition.txt
2023-08-23 16:35 - 2023-08-23 16:38 - 000041201 _____ C:\Users\xxxx\Downloads\FRST.txt
2023-08-23 16:34 - 2023-08-23 16:35 - 002385408 _____ (Farbar) C:\Users\xxxx\Desktop\FRST64.exe
2023-08-23 16:32 - 2023-08-23 16:39 - 000000000 ____D C:\FRST
2023-08-22 15:41 - 2023-08-22 15:41 - 003343008 _____ (Nicolas Coolman) C:\Users\xxxx\ZHPCleaner.exe
2023-08-22 15:33 - 2023-08-22 15:33 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2023-08-22 12:32 - 2023-08-22 12:32 - 000000000 ___HD C:\$WinREAgent
2023-08-18 14:18 - 2023-08-18 14:18 - 000046855 _____ C:\Users\xxxx\Downloads\DownloadDocument.pdf
2023-08-17 23:48 - 2023-08-17 23:48 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-08-13 16:05 - 2023-08-13 16:06 - 005206948 _____ C:\Users\xxxx\Downloads\Les obligation de la Banque.pdf
2023-08-13 16:05 - 2023-08-13 16:05 - 004443349 _____ C:\Users\xxxx\Downloads\les obligations de la banque.pdf
2023-08-10 01:59 - 2023-08-23 02:03 - 000046928 _____ C:\Windows\system32\Drivers\rkflt.sys
2023-08-09 07:55 - 2023-08-09 07:55 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2023-08-09 07:50 - 2023-08-23 15:53 - 000000000 ____D C:\Users\xxxx\AppData\Local\Discord
2023-08-09 07:50 - 2023-08-09 09:06 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2023-08-09 07:25 - 2023-08-09 07:25 - 000000000 ____D C:\ProgramData\Piriform
2023-08-09 07:11 - 2023-08-23 14:59 - 000000000 ___RD C:\Users\xxxx\Desktop\clean
2023-08-09 01:04 - 2023-08-09 07:08 - 000000000 ____D C:\Users\xxxx\Documents\A imprimer
2023-08-06 22:00 - 2023-08-06 22:00 - 000006851 _____ C:\Users\xxxx\Downloads\9TWA3SWBP0-1-recapitulatif-cni.pdf
2023-08-05 23:09 - 2023-08-05 23:09 - 000157818 _____ C:\Users\xxxx\Downloads\COURRIER-POUR-Procureur-NICE-20-juillet-2023.pdf
2023-08-02 12:15 - 2023-06-01 14:39 - 000043112 _____ (Nordvpn S.A.) C:\Windows\system32\Drivers\mshield.sys
2023-08-02 00:52 - 2023-08-02 00:52 - 000148778 _____ C:\Users\xxxx\Downloads\6597592_fb2cca81.pdf
2023-08-01 19:26 - 2023-08-23 02:03 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\discord
2023-08-01 18:22 - 2023-08-01 18:22 - 000144126 _____ C:\Users\xxxx\Downloads\Releve_n_012_du_23_12_2022_541097261_KobYQdBn-1.pdf
2023-08-01 18:12 - 2023-08-01 18:12 - 000052397 _____ C:\Users\xxxx\Downloads\doc1702.pdf
2023-08-01 18:07 - 2023-08-01 18:07 - 000144126 _____ C:\Users\xxxx\Downloads\Releve_n_012_du_23_12_2022_541097261_KobYQdBn.pdf
2023-07-31 16:41 - 2023-07-31 16:41 - 000188297 _____ C:\Users\xxxx\Downloads\Statut de Commissaire de Justice.pdf
2023-07-31 15:50 - 2023-07-31 15:50 - 000164671 _____ C:\Users\xxxx\Downloads\img20230623_16564165.pdf
2023-07-28 01:22 - 2023-08-21 15:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2069-10-05 01:20 - 2022-06-29 19:55 - 000000000 ____D C:\Program Files\Avira
2069-10-05 01:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-08-23 15:33 - 2022-02-09 12:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-23 15:22 - 2022-04-07 01:13 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\ZHP
2023-08-23 15:16 - 2020-11-19 00:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-08-23 15:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-23 14:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-23 14:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-08-23 13:57 - 2020-11-19 01:44 - 001764910 _____ C:\Windows\system32\PerfStringBackup.INI
2023-08-23 13:57 - 2019-12-07 16:49 - 000790304 _____ C:\Windows\system32\perfh00C.dat
2023-08-23 13:57 - 2019-12-07 16:49 - 000149702 _____ C:\Windows\system32\perfc00C.dat
2023-08-23 13:57 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-08-23 13:53 - 2022-04-26 10:36 - 000000000 ____D C:\Program Files\TeamViewer
2023-08-23 02:05 - 2021-07-22 12:04 - 000000000 ____D C:\Users\xxxx\AppData\Local\NordVPN
2023-08-23 02:03 - 2023-05-03 04:10 - 000000000 ____D C:\Users\xxxx\AppData\Local\Malwarebytes
2023-08-23 02:03 - 2021-06-19 03:29 - 000000000 ____D C:\Program Files\CCleaner
2023-08-23 02:03 - 2021-06-16 10:30 - 000000000 __SHD C:\Users\xxxx\IntelGraphicsProfiles
2023-08-23 02:03 - 2021-06-15 20:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-23 02:02 - 2023-01-26 14:36 - 000041920 _____ C:\Windows\system32\Drivers\truesight.sys
2023-08-23 02:02 - 2022-03-12 14:11 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-08-23 02:02 - 2020-11-19 01:37 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-23 02:02 - 2020-11-19 01:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-08-22 23:19 - 2020-11-19 01:31 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-22 15:41 - 2021-06-16 10:30 - 000000000 ____D C:\Users\xxxx
2023-08-22 15:24 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-08-21 15:26 - 2022-01-15 05:59 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Word
2023-08-21 15:09 - 2021-06-16 10:30 - 000000000 ___SD C:\Users\xxxx\AppData\Roaming\Microsoft\Credentials
2023-08-19 20:26 - 2021-08-02 20:27 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\WhatsApp
2023-08-18 13:23 - 2021-06-19 02:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-18 12:04 - 2021-06-19 02:15 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-17 11:41 - 2022-09-21 10:10 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-08-17 09:53 - 2022-10-29 17:42 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-08-17 09:53 - 2021-06-19 03:29 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-08-16 12:26 - 2021-06-16 10:30 - 000000000 ____D C:\Users\xxxx\AppData\Local\Packages
2023-08-16 06:10 - 2022-01-23 23:33 - 000000000 ____D C:\Users\xxxx\Documents\truth
2023-08-16 05:28 - 2022-04-06 17:34 - 000000000 ____D C:\Users\xxxx\Desktop\Mina
2023-08-15 14:33 - 2021-06-29 10:34 - 000000000 ____D C:\Users\xxxx\AppData\Local\CrashDumps
2023-08-15 01:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-08-15 00:23 - 2021-08-02 18:04 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Telegram Desktop
2023-08-14 22:34 - 2021-12-15 16:22 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2192572283-2055701946-4279331031-1002
2023-08-14 22:34 - 2021-06-16 10:31 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2192572283-2055701946-4279331031-1002
2023-08-14 22:34 - 2021-06-16 10:30 - 000002418 _____ C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-14 14:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2023-08-11 22:08 - 2022-10-12 23:23 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-11 22:08 - 2021-06-26 17:53 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-08-10 01:58 - 2021-11-15 19:01 - 000000000 ____D C:\Program Files\7-Zip
2023-08-09 18:50 - 2021-06-15 20:40 - 000000000 ____D C:\Windows\system32\MRT
2023-08-09 18:46 - 2021-06-15 20:39 - 175983240 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-08-09 11:06 - 2021-08-02 20:26 - 000000000 ____D C:\Users\xxxx\AppData\Local\SquirrelTemp
2023-08-09 08:43 - 2023-03-29 22:17 - 000000000 ___RD C:\Users\xxxx\Desktop\musique
2023-08-09 08:03 - 2022-02-19 00:34 - 000000000 ____D C:\Users\xxxx\Documents\complo
2023-08-09 08:00 - 2023-06-10 14:42 - 000017995 _____ C:\Users\xxxx\Desktop\Courrier au président du conseil Régional dt.odt
2023-08-09 07:55 - 2021-09-30 16:19 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-08-09 07:52 - 2022-01-28 14:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-09 07:51 - 2023-07-14 18:13 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Skype for Desktop
2023-08-09 07:51 - 2023-07-14 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-08-09 07:48 - 2022-04-07 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2023-08-09 07:48 - 2022-04-07 00:10 - 000000000 ____D C:\Program Files\RogueKiller
2023-08-09 07:44 - 2022-01-28 14:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-08-09 07:44 - 2022-01-28 14:49 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-09 07:32 - 2021-06-16 10:30 - 000000000 ____D C:\Users\xxxx\AppData\Local\D3DSCache
2023-08-09 07:20 - 2022-04-03 14:00 - 000000000 ____D C:\Users\xxxx\Documents\santé
2023-08-09 07:20 - 2021-11-19 12:07 - 000000000 ____D C:\Users\xxxx\Documents\placements
2023-08-09 07:05 - 2021-09-27 17:06 - 000000000 ____D C:\Users\xxxx\Documents\mon dossier
2023-08-09 00:50 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-08-04 14:42 - 2021-06-16 10:37 - 000000000 ____D C:\Users\xxxx\AppData\Local\PlaceholderTileLogoFolder
2023-08-04 14:22 - 2021-06-16 10:30 - 000000000 ____D C:\Users\xxxx\AppData\Local\NVIDIA Corporation
2023-08-02 12:15 - 2022-08-17 18:08 - 000000000 ____D C:\Program Files\NordUpdater
2023-08-02 12:15 - 2021-07-22 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2023-08-02 12:15 - 2021-07-22 12:04 - 000000000 ____D C:\Program Files\NordVPN
2023-07-31 16:42 - 2022-01-20 00:42 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Excel
2023-07-27 15:26 - 2021-06-15 19:44 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-07-25 02:10 - 2020-11-19 01:29 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== Fichiers à la racine de certains dossiers ========
2023-08-22 15:41 - 2023-08-22 15:41 - 003343008 _____ (Nicolas Coolman) C:\Users\xxxx\ZHPCleaner.exe
2021-12-15 07:19 - 2021-12-15 07:19 - 000000000 _____ () C:\Users\xxxx\AppData\Local\{017C9806-BB96-437D-BCE4-9929666EB659}
2021-12-15 07:19 - 2021-12-15 07:19 - 000000000 _____ () C:\Users\xxxx\AppData\Local\{4377BB97-C8F0-4F23-9897-5109FD881868}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par xxxx (administrateur) sur DESKTOP-HM9PQ4E (ASUSTeK COMPUTER INC. X550JX) (23-08-2023 16:38:53)
Exécuté depuis C:\Users\xxxx\Desktop\FRST64.exe
Profils chargés: xxxx
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2130 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(Discord Inc. -> Discord Inc.) C:\Users\xxxx\AppData\Local\Discord\app-1.0.9016\Discord.exe <6>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a37bb30871dac4a6\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2332.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall (Pas de fichier)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [253816 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3772416 2023-08-14] () [Fichier non signé]
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [UCheck] => C:\Program Files\UCheck\UCheck64.exe [30575656 2022-06-08] (ADLICE -> )
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [] => [X]
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262376 2023-07-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [Discord] => C:\Users\xxxx\AppData\Local\Discord\Update.exe [1525016 2023-07-31] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7660496 2023-08-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\RunOnce: [Application Restart #0] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --component-updater=url-source=hxxps://go-updater.brave.com/extensions --disable-client-side-phishing-detection --disable-domain-rel (l'élément de données a 382 caractères en plus). (Pas de fichier)
HKU\S-1-5-21-2192572283-2055701946-4279331031-1002\...\MountPoints2: {fa885ca8-3bfc-11ec-8a89-80a5898f62d2} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP CE11 Status Monitor: C:\Windows\system32\hpinkstsCE11LM.dll [393352 2017-03-20] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
GroupPolicy-Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {80ADEB91-B533-4E15-86BE-C93C88E5F943} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {4B71AC66-C98D-4FE8-B73C-6E6E991D9027} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {17F3E232-FB02-4BC0-95F8-132EAF8658F7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "30ca65a5-3b84-4b7e-bae2-b70442f84666" --version "6.15.10623" --silent
Task: {653A7C2C-E523-4A34-B36C-7C238782FB8F} - System32\Tasks\CCleanerSkipUAC - xxxx => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {25B4D7CA-74A2-49B8-9B50-8D3B3AB4A555} - System32\Tasks\HPCustParticipation HP ENVY 5540 series => C:\Program Files\HP\HP ENVY 5540 series\Bin\HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.)
Task: {C9979ED4-579F-4450-8FDF-2AA80F36F994} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F403D53-999A-4CFA-95C4-56A412363229} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {01E74137-A602-4554-8977-07CEF5425A44} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DBB97D4-118A-4D07-91D1-77B8D0AFC894} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [687008 2023-08-18] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {43522A44-536F-4A1B-B15C-90DC0E27D845} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {F565943F-29F9-45D2-942C-A3C24A72355F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {778DE1EA-9F5D-4B27-91D2-2E7E7C34BB44} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {77712766-BD35-467D-9567-2084209ECA35} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50B6FA5B-CAA9-48C0-AD83-8FA85209BF46} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D20FDA2-70A8-4C21-92D3-2CB9A721E278} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4567171A-F50A-41C4-8974-4A3AE3308103} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {634A9E2E-7A74-48A8-98C4-4BF669D975A1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FCA6099-6671-4150-B6AC-24D5B9C19395} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B0AAE2F-540A-4EC5-9376-4A72E0E18338} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4A5C387-3937-4B09-8646-256D1276E1C5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\..\Interfaces\{90e21a9e-3c94-4779-b8ce-99b3ab7d7bec}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{90e21a9e-3c94-4779-b8ce-99b3ab7d7bec}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{c1ea7924-5ba7-4158-a52a-e17d71358226}: [DhcpNameServer] 109.0.66.10 109.0.66.20
Tcpip\..\Interfaces\{fc01fcd5-2b9d-2fd8-78d8-cb78b313e2b2}: [NameServer] 103.86.96.100,103.86.99.100
Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-08-14]
Edge Profile: C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-08-23]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-08-09]
Edge Extension: (Edge relevant text changes) - C:\Users\xxxx\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-09]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: nrwaqgso.default
FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\nrwaqgso.default [2021-06-19]
FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102 [2023-08-23]
FF Extension: (Decentraleyes) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2023-08-09]
FF Extension: (I don't care about cookies) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-08-11]
FF Extension: (AdBlocker for YouTube™) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2023-07-22]
FF Extension: (uBlock Origin) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\uBlock0@raymondhill.net.xpi [2023-08-04]
FF Extension: (Lilo Moteur et Solidaire) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\{3004c9c0-ac9c-4ae2-9ac8-c59948bdd021}.xpi [2023-08-06]
FF Extension: (Block Site) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\{54e2eb33-18eb-46ad-a4e4-1329c29f6e17}.xpi [2023-07-15]
FF Extension: (PDF Editor and Search by PDFtab) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\{82c0173d-b61d-4cd3-8e01-ffc56211a71c}.xpi [2023-06-21] [UpdateUrl:hxxps://cdn.pdftab-cdn.com/xpi/pdftab/yhs/0721/search/updates.json]
FF Extension: (Popup Blocker (strict)) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\5uywl3bi.default-release-2827176210102\Extensions\{de22fd49-c9ab-4359-b722-b3febdc3a0b0}.xpi [2023-08-04]
FF Plugin: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-06-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-06-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default [2023-08-14]
CHR Extension: (Slides) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-27]
CHR Extension: (Docs) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-27]
CHR Extension: (Google Drive) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-27]
CHR Extension: (YouTube) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-27]
CHR Extension: (Avira Password Manager) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-11-27]
CHR Extension: (Avira Safe Shopping) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-11-27]
CHR Extension: (Sheets) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-27]
CHR Extension: (Protection Web Avira) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-11-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-27]
CHR Extension: (Gmail) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-27]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-08-14]
BRA Extension: (Ad Avenger) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aabcnnmihfbpfblmeflmggaccdjlpfpp [2021-11-27]
BRA Extension: (Google Traduction) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-10]
BRA Extension: (Avira Password Manager) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-09-02]
BRA Extension: (Avira Safe Shopping) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-09-04]
BRA Extension: (Protection Web Avira) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-09-04]
BRA Extension: (Dark theme for VK.COM | Night Mode for Vkontakte™) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gamlckmepdclkglolaedeigblmmpmfhf [2022-03-24]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-04]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-09-04]
BRA Extension: (Brave NTP background images) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-20]
BRA Extension: (Wallet Data Files Updater) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-08-21]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-09-04]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-09-04]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-06-28]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10]
BRA Extension: (Brave NTP sponsored images) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-09-04]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\xxxx\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-09-04]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9283096 2023-08-17] (Malwarebytes Inc. -> Malwarebytes)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2020-10-30] () [Fichier non signé]
R3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [310136 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15971760 2023-06-22] (ADLICE -> )
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16184216 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a37bb30871dac4a6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_a37bb30871dac4a6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\xxxx\AppData\Roaming\Zoom"
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222672 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [199640 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-08-17] (Malwarebytes Inc. -> Malwarebytes)
R3 mshield; C:\Windows\System32\DRIVERS\mshield.sys [43112 2023-06-01] (nordvpn s.a. -> Nordvpn S.A.)
R2 NDivert; C:\Program Files\NordVPN\7.11.3.0\Drivers\NDivert.sys [131472 2023-05-24] (nordvpn s.a. -> Nordvpn S.A.)
S3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2021-07-22] (TEFINCOM S.A. -> WireGuard LLC)
R4 NordDivert10; C:\Program Files\NordVPN\NordSec ThreatProtection\1.3.432.544\NordDivert1064.sys [101240 2023-06-01] (nordvpn s.a. -> NordVPN/Basil)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [46928 2023-08-23] (ADLICE (Julien ASCOET) -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [41920 2023-08-23] (ADLICE (Julien ASCOET) -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2021-10-08] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-05-17] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2069-10-05 01:01 - 2069-10-05 01:01 - 000000112 ___SH C:\bootTel.dat
2023-08-23 16:38 - 2023-08-23 16:39 - 000030086 _____ C:\Users\xxxx\Desktop\FRST.txt
2023-08-23 16:36 - 2023-08-23 16:38 - 000049854 _____ C:\Users\xxxx\Downloads\Addition.txt
2023-08-23 16:35 - 2023-08-23 16:38 - 000041201 _____ C:\Users\xxxx\Downloads\FRST.txt
2023-08-23 16:34 - 2023-08-23 16:35 - 002385408 _____ (Farbar) C:\Users\xxxx\Desktop\FRST64.exe
2023-08-23 16:32 - 2023-08-23 16:39 - 000000000 ____D C:\FRST
2023-08-22 15:41 - 2023-08-22 15:41 - 003343008 _____ (Nicolas Coolman) C:\Users\xxxx\ZHPCleaner.exe
2023-08-22 15:33 - 2023-08-22 15:33 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2023-08-22 12:32 - 2023-08-22 12:32 - 000000000 ___HD C:\$WinREAgent
2023-08-18 14:18 - 2023-08-18 14:18 - 000046855 _____ C:\Users\xxxx\Downloads\DownloadDocument.pdf
2023-08-17 23:48 - 2023-08-17 23:48 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-08-13 16:05 - 2023-08-13 16:06 - 005206948 _____ C:\Users\xxxx\Downloads\Les obligation de la Banque.pdf
2023-08-13 16:05 - 2023-08-13 16:05 - 004443349 _____ C:\Users\xxxx\Downloads\les obligations de la banque.pdf
2023-08-10 01:59 - 2023-08-23 02:03 - 000046928 _____ C:\Windows\system32\Drivers\rkflt.sys
2023-08-09 07:55 - 2023-08-09 07:55 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2023-08-09 07:50 - 2023-08-23 15:53 - 000000000 ____D C:\Users\xxxx\AppData\Local\Discord
2023-08-09 07:50 - 2023-08-09 09:06 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2023-08-09 07:25 - 2023-08-09 07:25 - 000000000 ____D C:\ProgramData\Piriform
2023-08-09 07:11 - 2023-08-23 14:59 - 000000000 ___RD C:\Users\xxxx\Desktop\clean
2023-08-09 01:04 - 2023-08-09 07:08 - 000000000 ____D C:\Users\xxxx\Documents\A imprimer
2023-08-06 22:00 - 2023-08-06 22:00 - 000006851 _____ C:\Users\xxxx\Downloads\9TWA3SWBP0-1-recapitulatif-cni.pdf
2023-08-05 23:09 - 2023-08-05 23:09 - 000157818 _____ C:\Users\xxxx\Downloads\COURRIER-POUR-Procureur-NICE-20-juillet-2023.pdf
2023-08-02 12:15 - 2023-06-01 14:39 - 000043112 _____ (Nordvpn S.A.) C:\Windows\system32\Drivers\mshield.sys
2023-08-02 00:52 - 2023-08-02 00:52 - 000148778 _____ C:\Users\xxxx\Downloads\6597592_fb2cca81.pdf
2023-08-01 19:26 - 2023-08-23 02:03 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\discord
2023-08-01 18:22 - 2023-08-01 18:22 - 000144126 _____ C:\Users\xxxx\Downloads\Releve_n_012_du_23_12_2022_541097261_KobYQdBn-1.pdf
2023-08-01 18:12 - 2023-08-01 18:12 - 000052397 _____ C:\Users\xxxx\Downloads\doc1702.pdf
2023-08-01 18:07 - 2023-08-01 18:07 - 000144126 _____ C:\Users\xxxx\Downloads\Releve_n_012_du_23_12_2022_541097261_KobYQdBn.pdf
2023-07-31 16:41 - 2023-07-31 16:41 - 000188297 _____ C:\Users\xxxx\Downloads\Statut de Commissaire de Justice.pdf
2023-07-31 15:50 - 2023-07-31 15:50 - 000164671 _____ C:\Users\xxxx\Downloads\img20230623_16564165.pdf
2023-07-28 01:22 - 2023-08-21 15:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2069-10-05 01:20 - 2022-06-29 19:55 - 000000000 ____D C:\Program Files\Avira
2069-10-05 01:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-08-23 15:33 - 2022-02-09 12:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-23 15:22 - 2022-04-07 01:13 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\ZHP
2023-08-23 15:16 - 2020-11-19 00:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-08-23 15:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-23 14:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-23 14:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-08-23 13:57 - 2020-11-19 01:44 - 001764910 _____ C:\Windows\system32\PerfStringBackup.INI
2023-08-23 13:57 - 2019-12-07 16:49 - 000790304 _____ C:\Windows\system32\perfh00C.dat
2023-08-23 13:57 - 2019-12-07 16:49 - 000149702 _____ C:\Windows\system32\perfc00C.dat
2023-08-23 13:57 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-08-23 13:53 - 2022-04-26 10:36 - 000000000 ____D C:\Program Files\TeamViewer
2023-08-23 02:05 - 2021-07-22 12:04 - 000000000 ____D C:\Users\xxxx\AppData\Local\NordVPN
2023-08-23 02:03 - 2023-05-03 04:10 - 000000000 ____D C:\Users\xxxx\AppData\Local\Malwarebytes
2023-08-23 02:03 - 2021-06-19 03:29 - 000000000 ____D C:\Program Files\CCleaner
2023-08-23 02:03 - 2021-06-16 10:30 - 000000000 __SHD C:\Users\xxxx\IntelGraphicsProfiles
2023-08-23 02:03 - 2021-06-15 20:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-23 02:02 - 2023-01-26 14:36 - 000041920 _____ C:\Windows\system32\Drivers\truesight.sys
2023-08-23 02:02 - 2022-03-12 14:11 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-08-23 02:02 - 2020-11-19 01:37 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-23 02:02 - 2020-11-19 01:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-08-22 23:19 - 2020-11-19 01:31 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-22 15:41 - 2021-06-16 10:30 - 000000000 ____D C:\Users\xxxx
2023-08-22 15:24 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-08-21 15:26 - 2022-01-15 05:59 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Word
2023-08-21 15:09 - 2021-06-16 10:30 - 000000000 ___SD C:\Users\xxxx\AppData\Roaming\Microsoft\Credentials
2023-08-19 20:26 - 2021-08-02 20:27 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\WhatsApp
2023-08-18 13:23 - 2021-06-19 02:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-18 12:04 - 2021-06-19 02:15 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-17 11:41 - 2022-09-21 10:10 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-08-17 09:53 - 2022-10-29 17:42 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-08-17 09:53 - 2021-06-19 03:29 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-08-16 12:26 - 2021-06-16 10:30 - 000000000 ____D C:\Users\xxxx\AppData\Local\Packages
2023-08-16 06:10 - 2022-01-23 23:33 - 000000000 ____D C:\Users\xxxx\Documents\truth
2023-08-16 05:28 - 2022-04-06 17:34 - 000000000 ____D C:\Users\xxxx\Desktop\Mina
2023-08-15 14:33 - 2021-06-29 10:34 - 000000000 ____D C:\Users\xxxx\AppData\Local\CrashDumps
2023-08-15 01:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-08-15 00:23 - 2021-08-02 18:04 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Telegram Desktop
2023-08-14 22:34 - 2021-12-15 16:22 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2192572283-2055701946-4279331031-1002
2023-08-14 22:34 - 2021-06-16 10:31 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2192572283-2055701946-4279331031-1002
2023-08-14 22:34 - 2021-06-16 10:30 - 000002418 _____ C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-14 14:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2023-08-11 22:08 - 2022-10-12 23:23 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-11 22:08 - 2021-06-26 17:53 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-08-10 01:58 - 2021-11-15 19:01 - 000000000 ____D C:\Program Files\7-Zip
2023-08-09 18:50 - 2021-06-15 20:40 - 000000000 ____D C:\Windows\system32\MRT
2023-08-09 18:46 - 2021-06-15 20:39 - 175983240 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-08-09 11:06 - 2021-08-02 20:26 - 000000000 ____D C:\Users\xxxx\AppData\Local\SquirrelTemp
2023-08-09 08:43 - 2023-03-29 22:17 - 000000000 ___RD C:\Users\xxxx\Desktop\musique
2023-08-09 08:03 - 2022-02-19 00:34 - 000000000 ____D C:\Users\xxxx\Documents\complo
2023-08-09 08:00 - 2023-06-10 14:42 - 000017995 _____ C:\Users\xxxx\Desktop\Courrier au président du conseil Régional dt.odt
2023-08-09 07:55 - 2021-09-30 16:19 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-08-09 07:52 - 2022-01-28 14:52 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-09 07:51 - 2023-07-14 18:13 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Skype for Desktop
2023-08-09 07:51 - 2023-07-14 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-08-09 07:48 - 2022-04-07 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2023-08-09 07:48 - 2022-04-07 00:10 - 000000000 ____D C:\Program Files\RogueKiller
2023-08-09 07:44 - 2022-01-28 14:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-08-09 07:44 - 2022-01-28 14:49 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-09 07:32 - 2021-06-16 10:30 - 000000000 ____D C:\Users\xxxx\AppData\Local\D3DSCache
2023-08-09 07:20 - 2022-04-03 14:00 - 000000000 ____D C:\Users\xxxx\Documents\santé
2023-08-09 07:20 - 2021-11-19 12:07 - 000000000 ____D C:\Users\xxxx\Documents\placements
2023-08-09 07:05 - 2021-09-27 17:06 - 000000000 ____D C:\Users\xxxx\Documents\mon dossier
2023-08-09 00:50 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-08-04 14:42 - 2021-06-16 10:37 - 000000000 ____D C:\Users\xxxx\AppData\Local\PlaceholderTileLogoFolder
2023-08-04 14:22 - 2021-06-16 10:30 - 000000000 ____D C:\Users\xxxx\AppData\Local\NVIDIA Corporation
2023-08-02 12:15 - 2022-08-17 18:08 - 000000000 ____D C:\Program Files\NordUpdater
2023-08-02 12:15 - 2021-07-22 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2023-08-02 12:15 - 2021-07-22 12:04 - 000000000 ____D C:\Program Files\NordVPN
2023-07-31 16:42 - 2022-01-20 00:42 - 000000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Excel
2023-07-27 15:26 - 2021-06-15 19:44 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-07-25 02:10 - 2020-11-19 01:29 - 000000000 ____D C:\Windows\system32\Drivers\wd
==================== Fichiers à la racine de certains dossiers ========
2023-08-22 15:41 - 2023-08-22 15:41 - 003343008 _____ (Nicolas Coolman) C:\Users\xxxx\ZHPCleaner.exe
2021-12-15 07:19 - 2021-12-15 07:19 - 000000000 _____ () C:\Users\xxxx\AppData\Local\{017C9806-BB96-437D-BCE4-9929666EB659}
2021-12-15 07:19 - 2021-12-15 07:19 - 000000000 _____ () C:\Users\xxxx\AppData\Local\{4377BB97-C8F0-4F23-9897-5109FD881868}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================