cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2023
Exécuté par Vincent (administrateur) sur HP-HP (Hewlett-Packard HP ProDesk 400 G2 MT (TPM DP)) (12-09-2023 16:27:31)
Exécuté depuis C:\Users\Vincent\Desktop\FRST64.exe
Profils chargés: Vincent
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Scanner\FileUtility\SFUSVC.exe ->) (KYOCERA MITA Corporation) [Fichier non signé] C:\Program Files (x86)\Scanner\FileUtility\NsCatCom.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (CACAOWEB Ltd -> ) C:\Users\Vincent\AppData\Roaming\cacaoweb\cacaoweb.exe
(explorer.exe ->) (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <46>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel® Trusted Connect Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(services.exe ->) (KYOCERA MITA CORPORATION) [Fichier non signé] C:\Program Files (x86)\Scanner\FileUtility\SFUSVC.exe
(services.exe ->) (Luis Cobian, CobianSoft) [Fichier non signé] C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [HotKeysCmds] => "C:\windows\system32\hkcmd.exe" (Pas de fichier)
HKLM\...\Run: [Persistence] => "C:\windows\system32\igfxpers.exe" (Pas de fichier)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-05-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1805530572-2772888774-1281152250-1002\...\Run: [cacaoweb] => C:\Users\Vincent\AppData\Roaming\cacaoweb\cacaoweb.exe [567192 2023-02-23] (CACAOWEB Ltd -> )
HKU\S-1-5-21-1805530572-2772888774-1281152250-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\windows\system32\hpbprtmon.dll [423936 2014-06-11] (Hewlett-Packard) [Fichier non signé]
HKLM\...\Print\Monitors\KX Language Monitor: C:\windows\system32\KXPLM64.DLL [177512 2020-02-19] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\pdfcmon: C:\windows\system32\pdfcmon.dll [181248 2022-08-29] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner File Utility.lnk [2020-04-06]
ShortcutTarget: Scanner File Utility.lnk -> C:\Program Files (x86)\Scanner\FileUtility\NsCatCom.exe (KYOCERA MITA Corporation) [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {E0E4C158-2CE1-4353-98E7-5BE58E4A5032} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {0FED26D0-B943-4907-BE1C-8973B76FA26D} - System32\Tasks\AdobeAAMUpdater-1.0-HP-HP-Vincent => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9042E82D-B0CE-41F2-A6A7-22648DA8ACFF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {B4F5A49F-765E-4D95-895D-28A32272FA25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {44B473E4-7D07-4F65-A743-F7B79DD50765} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1ebe3d6a-7f83-483e-961f-07b0769fb3ff" --version "6.13.10517" --silent
Task: {92A365E4-7927-48DE-87B1-F8B1E62F5551} - System32\Tasks\CCleanerSkipUAC - Vincent => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C1EA3661-BDA5-471E-BBC8-B336370142DB} - System32\Tasks\Messagerie thunderbird => C:\Program Files\Mozilla Thunderbird\thunderbird.exe [412576 2023-05-31] (Mozilla Corporation -> Mozilla Corporation)
Task: {B0230486-FD18-4A04-B149-0ACFA80CB584} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F555E1FD-F40B-45B4-9001-1C492C768CDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {21C9D4A5-BD95-4D2F-8F63-995FE27D3F34} - System32\Tasks\Mozilla Thunderbird => C:\Program Files\Mozilla Thunderbird\thunderbird.exe [412576 2023-05-31] (Mozilla Corporation -> Mozilla Corporation)
Task: {AEA6C2F2-4DBB-4935-A06D-6CB81754F0C0} - System32\Tasks\Mozilla\FIREFOX => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-31] (Mozilla Corporation -> Mozilla Corporation) <==== ATTENTION
Task: {5BD707CB-2F51-4855-BEAE-DB587F2ACB8F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => Command(1): "C:\Program Files\Mozilla Firefox\firefox.exe" -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {5BD707CB-2F51-4855-BEAE-DB587F2ACB8F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => Command(2): C:\Program Files\Mozilla Firefox\firefox.exe [686496 [686496 2023-08-31]] (Mozilla Corporation -> Mozilla Corporation)
Task: {F1FC3C0C-CD6A-4970-9924-2893047A7FBA} - System32\Tasks\Orange Mail => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-31] (Mozilla Corporation -> Mozilla Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{48B04637-907A-4DD7-B3AA-FD710F28FBD2}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{4D26C369-B740-44D0-958E-FCA600936838}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8F09D7B6-30D4-43DD-B88F-F96287061A39}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C5191757-204F-4188-90E1-47DBA9E0DB4E}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C5191757-204F-4188-90E1-47DBA9E0DB4E}: [DhcpNameServer] 212.27.40.241 212.27.40.240

FireFox:
========
FF DefaultProfile: 6abo0w77.default-1674841324645
FF ProfilePath: C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\6abo0w77.default-1674841324645 [2023-09-12]
FF Homepage: Mozilla\Firefox\Profiles\6abo0w77.default-1674841324645 -> hxxps://messageriepro3.orange.fr/OFX#mail/SF_INBOX
FF Notifications: Mozilla\Firefox\Profiles\6abo0w77.default-1674841324645 -> hxxps://assiste.com
FF Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\6abo0w77.default-1674841324645\Extensions\appledev@soarinfotech.com.xpi [2023-08-28] [UpdateUrl:hxxps://www.coupert.com/api/v2/extension/ffupdate]
FF Extension: (cacaoweb) - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\6abo0w77.default-1674841324645\Extensions\cacaoweb@cacaoweb.org [2023-09-12] [] [non signé]
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-08-13] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-11-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default [2023-09-08]
CHR Notifications: Default -> hxxps://web.snapchat.com
CHR HomePage: Default -> hxxp://google.fr/
CHR StartupUrls: Default -> "hxxp://www.orange.fr/portail"
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-09-08]
CHR Extension: (Recherche Google) - C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Snake) - C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnokdamcoialeigjbjapbmehhomjehhk [2018-03-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-26]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]

Opera:
=======
OPR Profile: C:\Users\Vincent\AppData\Roaming\Opera Software\Opera Stable [2023-05-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Vincent\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-24]
OPR Extension: (Opera Wallet) - C:\Users\Vincent\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-03-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Vincent\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-25]

Brave:
=======
BRA Profile: C:\Users\Vincent\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-01-27]
BRA Extension: (Avast Online Security) - C:\Users\Vincent\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-03-17]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Vincent\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-03-17]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Vincent\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-17]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Vincent\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-03-17]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Vincent\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-03-17]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Vincent\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-03-17]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Vincent\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-17]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [Fichier non signé]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063840 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [Fichier non signé]
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-09-11] (Malwarebytes Inc. -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S4 NMSAccess; C:\windows\SysWOW64\NMSAccessU.exe [71096 2009-01-12] (Numedia Soft, Inc. -> )
S4 NVWMI; C:\windows\system32\nvwmi64.exe [3171632 2015-10-28] (NVIDIA Corporation -> )
S4 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (NETGEAR -> Realtek Semiconductor Corp.)
R2 SFUSVC; C:\Program Files (x86)\Scanner\FileUtility\SFUSVC.exe [53248 2012-10-29] (KYOCERA MITA CORPORATION) [Fichier non signé]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14865896 2022-04-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Windows -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 A6100; C:\windows\System32\DRIVERS\A6100.sys [4863752 2016-02-17] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 akshasp; C:\windows\System32\DRIVERS\akshasp.sys [77912 2015-09-23] (SafeNet, Inc. -> SafeNet Inc.)
S3 aksusb; C:\windows\System32\DRIVERS\aksusb.sys [322560 2015-09-23] (SafeNet, Inc. -> SafeNet Inc.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [314368 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [222272 2023-09-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [239544 2023-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NVHDA; C:\windows\System32\drivers\nvhda64v.sys [129960 2021-05-15] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WIBUKEY; C:\windows\System32\DRIVERS\WibuKey64.sys [107008 2007-06-18] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-09-12 16:27 - 2023-09-12 16:28 - 000022344 _____ C:\Users\Vincent\Desktop\FRST.txt
2023-09-12 16:26 - 2023-09-12 16:28 - 000000000 ____D C:\FRST
2023-09-12 16:19 - 2023-09-12 16:19 - 002382848 _____ (Farbar) C:\Users\Vincent\Desktop\FRST64.exe
2023-09-12 15:48 - 2023-09-12 15:49 - 000000498 _____ C:\Users\Vincent\Desktop\DiskInfo.ini
2023-09-12 15:48 - 2023-09-12 15:48 - 000000000 ____D C:\Users\Vincent\Desktop\Smart
2023-09-12 15:47 - 2023-09-12 15:47 - 000000000 ____D C:\Users\Vincent\Desktop\CrystalDiskInfo9_1_1
2023-09-12 15:47 - 2023-07-11 23:22 - 002851864 _____ (Crystal Dew World) C:\Users\Vincent\Desktop\DiskInfo64.exe
2023-09-12 15:47 - 2023-07-11 23:22 - 002638360 _____ (Crystal Dew World) C:\Users\Vincent\Desktop\DiskInfo32.exe
2023-09-12 15:47 - 2023-03-04 10:45 - 000000849 _____ C:\Users\Vincent\Desktop\ReadMe.txt
2023-09-12 14:41 - 2023-09-12 14:41 - 000206075 _____ C:\Users\Vincent\Desktop\ZHPDiag.txt
2023-09-12 14:30 - 2023-09-12 14:30 - 000000000 ____D C:\Users\Vincent\AppData\Local\ZHP
2023-09-12 14:29 - 2023-09-12 14:29 - 003511456 _____ (Nicolas Coolman) C:\Users\Vincent\Desktop\ZHPSuite.exe
2023-09-05 14:39 - 2023-09-05 14:39 - 017455257 _____ C:\Users\Vincent\Downloads\PDFsam_merge-1.pdf
2023-08-29 10:23 - 2023-08-29 10:23 - 000651897 _____ C:\Users\Vincent\Downloads\insertion tuile 1.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-09-12 15:18 - 2020-12-01 18:57 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-09-12 14:41 - 2022-05-13 11:14 - 000000000 ____D C:\Users\Vincent\AppData\Roaming\ZHP
2023-09-12 12:52 - 2022-02-10 10:35 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-12 11:32 - 2019-10-30 18:10 - 000000000 ____D C:\Users\Vincent\AppData\Local\CrashDumps
2023-09-12 09:47 - 2009-07-14 06:45 - 000031088 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-09-12 09:47 - 2009-07-14 06:45 - 000031088 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-09-12 09:19 - 2023-05-15 09:10 - 000000000 ____D C:\Users\Vincent\AppData\Local\Malwarebytes
2023-09-12 09:17 - 2022-04-14 14:17 - 000000000 ____D C:\Program Files\TeamViewer
2023-09-12 09:17 - 2020-03-17 17:56 - 000000432 _____ C:\windows\system32\Drivers\etc\hosts.ics
2023-09-12 09:17 - 2018-03-02 10:11 - 000000000 __SHD C:\Users\Vincent\IntelGraphicsProfiles
2023-09-12 09:16 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2023-09-11 09:41 - 2022-11-17 12:51 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2023-09-08 09:42 - 2015-11-20 09:48 - 000000000 ____D C:\Users\Vincent\AppData\Roaming\Microsoft\Excel
2023-09-08 09:36 - 2015-11-20 09:48 - 000000000 ____D C:\Users\Vincent\AppData\Roaming\Microsoft\Word
2023-09-04 18:56 - 2022-09-07 15:44 - 000000000 ____D C:\Program Files (x86)\Free Tarot
2023-09-04 10:00 - 2021-11-03 11:43 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2023-09-01 09:35 - 2022-07-27 02:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-08-28 09:39 - 2022-11-17 12:50 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk

==================== Fichiers à la racine de certains dossiers ========

2019-10-24 18:37 - 2019-10-25 09:28 - 001617920 _____ (Farbar) C:\Users\Vincent\FRST64.exe
2019-10-24 17:18 - 2019-10-24 17:18 - 003234688 _____ (Nicolas Coolman) C:\Users\Vincent\ZHPDiag3.exe
2020-12-22 12:26 - 2020-12-22 12:26 - 000027764 _____ () C:\Users\Vincent\AppData\Roaming\UserTile.png
2018-04-05 10:11 - 2020-10-15 17:29 - 000001456 _____ () C:\Users\Vincent\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
2020-12-02 19:50 - 2023-03-30 15:25 - 000001456 _____ () C:\Users\Vincent\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2023-01-30 11:57 - 2023-01-30 11:57 - 000000000 _____ () C:\Users\Vincent\AppData\Local\oobelibMkey.log
2018-09-17 17:06 - 2018-09-17 17:06 - 000000017 _____ () C:\Users\Vincent\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2023-09-11 14:01
==================== Fin de FRST.txt ========================
