Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Exécuté par Geralex (administrateur) sur DELL-GERALEX (Dell Inc. Latitude E6320) (19-10-2023 19:56:18)
Exécuté depuis C:\Users\Geralex\Desktop\FRST64.exe
Profils chargés: Geralex
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.2428 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(Priyo Hutomo -> ) C:\Users\Geralex\AppData\Local\Programs\TweakNow WinSecret Plus!\TransTaskbar.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2875.0_x64__8wekyb3d8bbwe\OpenConsole.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2875.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKLM\Software\Policies\...\system: [DisableLogonBackgroundImage] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: []
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON SX110 Series 64MonitorBE: C:\Windows\system32\E_ILMFBE.DLL [108032 2008-08-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{AC76BA86-0000-0000-7760-7E8A45000000}] -> "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat 11.0\Esl\Aiod.dll",CreateAcroUserSettings
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {812B0A89-364F-4D7A-8070-30719E143949} - \OneDrive Standalone Update Task-S-1-5-21-2468335770-3642458589-78257044-1003 -> Pas de fichier <==== ATTENTION
Task: {CB4630F8-3A02-454C-A7C5-4ABE0249F7B6} - \OneDrive Standalone Update Task-S-1-5-21-2468335770-3642458589-78257044-1004 -> Pas de fichier <==== ATTENTION
Task: {D79BE8A6-7FD1-4448-86D5-DFE002FC9331} - \OneDrive Standalone Update Task-S-1-5-21-2468335770-3642458589-78257044-1002 -> Pas de fichier <==== ATTENTION
Task: {DFE08992-96CC-4172-8CAC-6DB44C082CD7} - System32\Tasks\CCleanerSkipUAC - user => C:\Softs'Ium\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E56E7B7B-25D8-42EA-A90E-E2B19760A2FE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5261576 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
Task: {3B9C2CC0-6DEE-4666-BBBE-D70A1B18D55B} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => "C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe" /UA 11.6 /DDV 0x0800 (Pas de fichier)
Task: {62EBD2EE-101B-420D-A327-8B250EFBCEFE} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => "C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe" /UA 17.6 (Pas de fichier)
Task: {ACB45367-39BE-4A36-8E71-217D27887169} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {3689DCC0-91CF-4CEB-8E4F-3486DFCA2495} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5251E7B0-6EB9-49E9-9812-A260C7CE1054} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B46FC45-4B70-4397-A288-4B5A5F175ECE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CAA79B8-FA58-4B06-9896-A0AC015E8D3B} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\Windows\system32\UCPDMgr.exe [58880 2023-08-23] (Microsoft Windows -> Microsoft Corporation)
Task: {0A1E8E80-324E-4D36-B006-5D776AE5FD5D} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [491520 2023-09-27] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\WINDOWS\mid.ps1
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {E9A76C9A-CD2D-4347-A30D-41208A51FE0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B8BE5436-8C41-45B0-8A00-0E911A190284} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {67AA1934-C029-4BFA-A562-D3607239CE1E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {415AFFFD-1DD3-495D-8976-15EB278A71C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {676194B5-276E-4542-BD21-AA3D84B3A034} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-10] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {16402100-5ADB-4CBB-B4FC-2E52F973EFD4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-10-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {6FC7493F-3233-4963-9340-2CAFDF7963C5} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [491520 2023-09-27] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy ByPass -WindowStyle Hidden C:\Users\Geralex\AppData\Roaming\Winsoft\core.ps1
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{0007069b-4053-4667-be8d-58c668a7c1be}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e06645dd-ddcd-4bb1-9a37-f5611e2597d5}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-19]
Edge Extension: (Avira Safe Shopping) - C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-09-22]
Edge Extension: (Avira Password Manager) - C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-09-22]
Edge Extension: (Google Docs hors connexion) - C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29]
Edge Extension: (Edge relevant text changes) - C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-17]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FireFox:
========
FF DefaultProfile: jra62g57.default
FF ProfilePath: C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\jra62g57.default [2023-03-03]
FF ProfilePath: C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release [2023-10-19]
FF DownloadDir: C:\Users\Geralex\Desktop
FF Homepage: Mozilla\Firefox\Profiles\18ochptm.default-release -> chrome://browser/content/blanktab.html
FF Extension: (Forecastfox (fix version)) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\forecastfox@s3_fix_version.xpi [2023-04-21]
FF Extension: (PDF Mage) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2023-03-03]
FF Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-04-19]
FF Extension: (Podcasts - un lecteur, un téléchargeur et un outil de transcription pour les podcasts) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\tqtifnypmb@gmail.com.xpi [2023-10-01]
FF Extension: (Pinned WhatsApp Web) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\whatsapppanel@alejandrobrizuela.com.ar.xpi [2023-05-03]
FF Extension: (RevEye Reverse Image Search) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{1526fba1-ac33-4dfc-99d8-163e6129f7b9}.xpi [2023-10-01]
FF Extension: (Search by Image on Google) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{1d6267dd-4b37-459a-84da-a5d2580daa6a}.xpi [2023-06-06]
FF Extension: (JavaScript Toggle On and Off) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{479f0278-2c34-4365-b9f0-1d328d0f0a40}.xpi [2023-08-28]
FF Extension: (ChatGPT for Google) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{4b726fbc-aba9-4fa7-97fd-a42c2511ddf7}.xpi [2023-07-21]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-08-16]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2023-04-15] [] [non signé]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432 2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S4 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [15772680 2023-06-14] (Autodesk, Inc. -> Autodesk)
S4 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S3 CloudBackupRestoreSvc; C:\Windows\System32\CloudRestoreLauncher.dll [1261568 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
S4 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [182336 2023-08-22] (eVenture Limited -> eVenture Limited)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-23] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1300352 2023-04-21] (Windscribe Limited -> Windscribe Limited)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 AdAppMgrSvc; pas de ImagePath
S2 adsk_dssp_job_server; pas de ImagePath
S2 Autodesk Access Service Host; pas de ImagePath
S2 WsDrvInst; pas de ImagePath
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-10-19] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 hideFirewall; C:\Windows\System32\drivers\hideFirewall.sys [102928 2023-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-07-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsla7d0da39; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6566D06E-67BD-41CD-BD15-A920019F1F54}\MpKslDrv.sys [263560 2023-10-19] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslede65c54; C:\Windows\system32\MpEngineStore\MpKslDrv.sys [212264 2023-05-21] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [57768 2023-04-21] (Windscribe Limited -> The OpenVPN Project)
S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [29184 2023-08-23] (Microsoft Windows -> Microsoft Corporation)
S0 vmci; C:\Windows\System32\drivers\vmci.sys [104888 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WindscribeSplitTunnel; C:\Windows\system32\DRIVERS\WindscribeSplitTunnel.sys [35752 2023-04-21] (Windscribe Limited -> )
R3 windtun420; C:\Windows\System32\drivers\windtun420.sys [47544 2023-04-21] (Windscribe Limited -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-09-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U4 DiagTrack; pas de ImagePath
S3 IT9135BDA; \SystemRoot\System32\Drivers\IT9135BDA.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Exécuté par Geralex (administrateur) sur DELL-GERALEX (Dell Inc. Latitude E6320) (19-10-2023 19:56:18)
Exécuté depuis C:\Users\Geralex\Desktop\FRST64.exe
Profils chargés: Geralex
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.2428 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(Priyo Hutomo -> ) C:\Users\Geralex\AppData\Local\Programs\TweakNow WinSecret Plus!\TransTaskbar.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2875.0_x64__8wekyb3d8bbwe\OpenConsole.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2875.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKLM\Software\Policies\...\system: [DisableLogonBackgroundImage] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\...\Policies\Explorer: []
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON SX110 Series 64MonitorBE: C:\Windows\system32\E_ILMFBE.DLL [108032 2008-08-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{AC76BA86-0000-0000-7760-7E8A45000000}] -> "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat 11.0\Esl\Aiod.dll",CreateAcroUserSettings
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {812B0A89-364F-4D7A-8070-30719E143949} - \OneDrive Standalone Update Task-S-1-5-21-2468335770-3642458589-78257044-1003 -> Pas de fichier <==== ATTENTION
Task: {CB4630F8-3A02-454C-A7C5-4ABE0249F7B6} - \OneDrive Standalone Update Task-S-1-5-21-2468335770-3642458589-78257044-1004 -> Pas de fichier <==== ATTENTION
Task: {D79BE8A6-7FD1-4448-86D5-DFE002FC9331} - \OneDrive Standalone Update Task-S-1-5-21-2468335770-3642458589-78257044-1002 -> Pas de fichier <==== ATTENTION
Task: {DFE08992-96CC-4172-8CAC-6DB44C082CD7} - System32\Tasks\CCleanerSkipUAC - user => C:\Softs'Ium\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E56E7B7B-25D8-42EA-A90E-E2B19760A2FE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5261576 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
Task: {3B9C2CC0-6DEE-4666-BBBE-D70A1B18D55B} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => "C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe" /UA 11.6 /DDV 0x0800 (Pas de fichier)
Task: {62EBD2EE-101B-420D-A327-8B250EFBCEFE} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => "C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe" /UA 17.6 (Pas de fichier)
Task: {ACB45367-39BE-4A36-8E71-217D27887169} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {3689DCC0-91CF-4CEB-8E4F-3486DFCA2495} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5251E7B0-6EB9-49E9-9812-A260C7CE1054} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B46FC45-4B70-4397-A288-4B5A5F175ECE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CAA79B8-FA58-4B06-9896-A0AC015E8D3B} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\Windows\system32\UCPDMgr.exe [58880 2023-08-23] (Microsoft Windows -> Microsoft Corporation)
Task: {0A1E8E80-324E-4D36-B006-5D776AE5FD5D} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [491520 2023-09-27] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\WINDOWS\mid.ps1
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {E9A76C9A-CD2D-4347-A30D-41208A51FE0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B8BE5436-8C41-45B0-8A00-0E911A190284} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {67AA1934-C029-4BFA-A562-D3607239CE1E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {415AFFFD-1DD3-495D-8976-15EB278A71C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {676194B5-276E-4542-BD21-AA3D84B3A034} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-10] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {16402100-5ADB-4CBB-B4FC-2E52F973EFD4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-10-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {6FC7493F-3233-4963-9340-2CAFDF7963C5} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [491520 2023-09-27] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy ByPass -WindowStyle Hidden C:\Users\Geralex\AppData\Roaming\Winsoft\core.ps1
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{0007069b-4053-4667-be8d-58c668a7c1be}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e06645dd-ddcd-4bb1-9a37-f5611e2597d5}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKU\S-1-5-21-2468335770-3642458589-78257044-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-19]
Edge Extension: (Avira Safe Shopping) - C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-09-22]
Edge Extension: (Avira Password Manager) - C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-09-22]
Edge Extension: (Google Docs hors connexion) - C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29]
Edge Extension: (Edge relevant text changes) - C:\Users\Geralex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-17]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FireFox:
========
FF DefaultProfile: jra62g57.default
FF ProfilePath: C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\jra62g57.default [2023-03-03]
FF ProfilePath: C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release [2023-10-19]
FF DownloadDir: C:\Users\Geralex\Desktop
FF Homepage: Mozilla\Firefox\Profiles\18ochptm.default-release -> chrome://browser/content/blanktab.html
FF Extension: (Forecastfox (fix version)) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\forecastfox@s3_fix_version.xpi [2023-04-21]
FF Extension: (PDF Mage) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2023-03-03]
FF Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-04-19]
FF Extension: (Podcasts - un lecteur, un téléchargeur et un outil de transcription pour les podcasts) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\tqtifnypmb@gmail.com.xpi [2023-10-01]
FF Extension: (Pinned WhatsApp Web) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\whatsapppanel@alejandrobrizuela.com.ar.xpi [2023-05-03]
FF Extension: (RevEye Reverse Image Search) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{1526fba1-ac33-4dfc-99d8-163e6129f7b9}.xpi [2023-10-01]
FF Extension: (Search by Image on Google) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{1d6267dd-4b37-459a-84da-a5d2580daa6a}.xpi [2023-06-06]
FF Extension: (JavaScript Toggle On and Off) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{479f0278-2c34-4365-b9f0-1d328d0f0a40}.xpi [2023-08-28]
FF Extension: (ChatGPT for Google) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{4b726fbc-aba9-4fa7-97fd-a42c2511ddf7}.xpi [2023-07-21]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Geralex\AppData\Roaming\Mozilla\Firefox\Profiles\18ochptm.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-08-16]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2023-04-15] [] [non signé]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432 2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S4 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [15772680 2023-06-14] (Autodesk, Inc. -> Autodesk)
S4 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S3 CloudBackupRestoreSvc; C:\Windows\System32\CloudRestoreLauncher.dll [1261568 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
S4 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [182336 2023-08-22] (eVenture Limited -> eVenture Limited)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-23] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1300352 2023-04-21] (Windscribe Limited -> Windscribe Limited)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 AdAppMgrSvc; pas de ImagePath
S2 adsk_dssp_job_server; pas de ImagePath
S2 Autodesk Access Service Host; pas de ImagePath
S2 WsDrvInst; pas de ImagePath
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-10-19] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 hideFirewall; C:\Windows\System32\drivers\hideFirewall.sys [102928 2023-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-07-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsla7d0da39; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6566D06E-67BD-41CD-BD15-A920019F1F54}\MpKslDrv.sys [263560 2023-10-19] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslede65c54; C:\Windows\system32\MpEngineStore\MpKslDrv.sys [212264 2023-05-21] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [57768 2023-04-21] (Windscribe Limited -> The OpenVPN Project)
S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [29184 2023-08-23] (Microsoft Windows -> Microsoft Corporation)
S0 vmci; C:\Windows\System32\drivers\vmci.sys [104888 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WindscribeSplitTunnel; C:\Windows\system32\DRIVERS\WindscribeSplitTunnel.sys [35752 2023-04-21] (Windscribe Limited -> )
R3 windtun420; C:\Windows\System32\drivers\windtun420.sys [47544 2023-04-21] (Windscribe Limited -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-09-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U4 DiagTrack; pas de ImagePath
S3 IT9135BDA; \SystemRoot\System32\Drivers\IT9135BDA.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)