Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2024
Exécuté par Ali (administrateur) sur DESKTOP-RLFQFF4 (Acer Aspire VN7-793G) (19-01-2024 23:13:40)
Exécuté depuis C:\Users\Ali\Desktop\FRST64.exe
Profils chargés: Ali
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3930 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <38>
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Scarlet.Crush Productions) [Fichier non signé] C:\ScpServer\bin\ScpService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384864 2017-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1492960 2017-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [Discord] => C:\Users\Ali\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37105616 2023-10-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Ali\AppData\Local\Microsoft\Teams\Update.exe [1801840 2019-05-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2729576 2024-01-17] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [MicrosoftEdgeAutoLaunch_5849BF807E016217A11F1D6C1C6FB425] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {82450D04-39C7-4726-91B8-877C3B3DFE5A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8DE9E53B-08C6-4D93-BFCD-DAFA396287F4} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6b8120fe-362a-4f72-95ed-b2dde10338d5" --version "6.20.10897" --silent
Task: {1CC6B6C4-F6CA-418F-BD0E-2A2B57C21966} - System32\Tasks\CCleanerSkipUAC - Ali => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {150ED5C7-C864-45F9-85D6-27D72CF465E4} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{D4C0E7A8-A39D-4E86-8793-CD31C89DCE6A} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {1526FA11-374B-43B1-A79B-9FB85302557B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23542704 2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {91C633EC-784B-4A91-A453-4576D67CEBB3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23542704 2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {978695C1-4E7D-4787-AD3E-D7EDF93A34FA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe (Pas de fichier)
Task: {2192C83A-7801-4DC2-A454-0D36B4C1AAD0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe /onlogon (Pas de fichier)
Task: {AC868DF8-A384-4A34-A3CD-9585DE1235D4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208144 2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F5B2DED-2373-46B1-B2DD-16A40B99FA82} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208144 2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6C63317-CC76-4FBA-BFC9-EA7B19E6F989} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3506568 2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD6F3049-C208-4B56-94AE-0E5A29726779} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3506568 2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABF68B64-8010-4C8B-B6C8-9D50A731D21F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1529E5BF-684A-465F-A8BC-DF6B12BD612C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5AE3283-23FF-47F2-8496-263EA634D0DF} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {F924A35D-BFF6-4D8C-9BBA-C496DF037565} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {63BD6C74-AFE2-4F3B-81DA-E927C353CF8D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {15222729-F6F3-4D57-8939-60E738710BEA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6607D18-F260-42F9-B117-9F63BF1B3C6B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {EDEACB98-6589-47F5-9953-66C83CBDEC64} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FDAE2B6C-2074-4D5E-9F74-0F5C044FAB65} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB3FDA13-C9D1-420A-AF0F-EDF83B588089} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9020F89B-A6EC-4BA1-BAF1-B5FD5DB48D6E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7C020B1-7F0F-4B3E-8019-9E888822302B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D67133A6-FBCC-42B9-AAB3-8B80E1530116} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29D93269-33DD-4391-A4E0-0DFC38D09FC2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8D4978D-9DA3-45A1-BDE0-439F7F5F7E42} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED1E31C1-C8F0-41AB-B571-E68B2D794DB6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-2158282799-3516595556-4141620104-1001] => 89.140.125.17:80
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\1646D696E6: [DhcpNameServer] 10.255.255.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\25F637560246275616D602: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\25F637560246275616D6025374: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\960586F6E65602465602472756A7: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\C6160266F6E6471696E656: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\F42716E67656D224545464: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\F42716E67656D224545464: [DhcpDomain] .home
Tcpip\..\Interfaces\{8cc07abb-3e24-4771-a1cd-90a7f8850364}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{9ddef280-d344-4c76-8091-c31a9be77a83}: [DhcpNameServer] 8.8.8.8 212.217.0.1
Tcpip\..\Interfaces\{9ef97b6b-d7ca-472c-bd36-4fdcf358fdb3}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{9ef97b6b-d7ca-472c-bd36-4fdcf358fdb3}\84745333136513D2855374846434: [DhcpNameServer] 192.168.1.1 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\Ali\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-19]
Edge HomePage: Default -> hxxp://www.index-ma.com/
Edge StartupUrls: Default -> "hxxp://www.index-ma.com/"
Edge DefaultSearchURL: Default -> hxxp://www.index-ma.com/search?q={searchTerms}
Edge DefaultSearchKeyword: Default -> index-ma.com
Edge Extension: (Google Docs hors connexion) - C:\Users\Ali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Ali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-30]
FireFox:
========
FF DefaultProfile: fqups9x5.default
FF ProfilePath: C:\Users\Ali\AppData\Roaming\Zotero\Zotero\Profiles\fqups9x5.default [2023-10-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default [2024-01-19]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (uBlock Origin) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-16]
CHR Extension: (Zotero Connector) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2023-10-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]
CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-16]
CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-16]
CHR Extension: (Google Docs Offline) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-30]
CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-16]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-04-30] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9479600 2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 Ds3Service; C:\ScpServer\bin\ScpService.exe [381952 2014-04-03] (Scarlet.Crush Productions) [Fichier non signé]
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12006504 2024-01-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
S2 GoogleUpdaterInternalService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-16] (Malwarebytes Inc. -> Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2023-03-05] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1201648 2023-11-24] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-01-16] (Malwarebytes Inc. -> Malwarebytes)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]
S3 MpKsl3d53e2d2; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB19AA95-6A9E-4652-8ACB-836FC176589A}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Exécuté par Ali (administrateur) sur DESKTOP-RLFQFF4 (Acer Aspire VN7-793G) (19-01-2024 23:13:40)
Exécuté depuis C:\Users\Ali\Desktop\FRST64.exe
Profils chargés: Ali
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3930 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <38>
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Scarlet.Crush Productions) [Fichier non signé] C:\ScpServer\bin\ScpService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384864 2017-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1492960 2017-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [Discord] => C:\Users\Ali\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37105616 2023-10-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Ali\AppData\Local\Microsoft\Teams\Update.exe [1801840 2019-05-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2729576 2024-01-17] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Run: [MicrosoftEdgeAutoLaunch_5849BF807E016217A11F1D6C1C6FB425] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2158282799-3516595556-4141620104-1001\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {82450D04-39C7-4726-91B8-877C3B3DFE5A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8DE9E53B-08C6-4D93-BFCD-DAFA396287F4} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6b8120fe-362a-4f72-95ed-b2dde10338d5" --version "6.20.10897" --silent
Task: {1CC6B6C4-F6CA-418F-BD0E-2A2B57C21966} - System32\Tasks\CCleanerSkipUAC - Ali => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {150ED5C7-C864-45F9-85D6-27D72CF465E4} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{D4C0E7A8-A39D-4E86-8793-CD31C89DCE6A} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {1526FA11-374B-43B1-A79B-9FB85302557B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23542704 2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {91C633EC-784B-4A91-A453-4576D67CEBB3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23542704 2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {978695C1-4E7D-4787-AD3E-D7EDF93A34FA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe (Pas de fichier)
Task: {2192C83A-7801-4DC2-A454-0D36B4C1AAD0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe /onlogon (Pas de fichier)
Task: {AC868DF8-A384-4A34-A3CD-9585DE1235D4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208144 2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F5B2DED-2373-46B1-B2DD-16A40B99FA82} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208144 2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6C63317-CC76-4FBA-BFC9-EA7B19E6F989} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3506568 2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD6F3049-C208-4B56-94AE-0E5A29726779} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3506568 2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABF68B64-8010-4C8B-B6C8-9D50A731D21F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1529E5BF-684A-465F-A8BC-DF6B12BD612C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5AE3283-23FF-47F2-8496-263EA634D0DF} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {F924A35D-BFF6-4D8C-9BBA-C496DF037565} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {63BD6C74-AFE2-4F3B-81DA-E927C353CF8D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {15222729-F6F3-4D57-8939-60E738710BEA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6607D18-F260-42F9-B117-9F63BF1B3C6B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {EDEACB98-6589-47F5-9953-66C83CBDEC64} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FDAE2B6C-2074-4D5E-9F74-0F5C044FAB65} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB3FDA13-C9D1-420A-AF0F-EDF83B588089} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9020F89B-A6EC-4BA1-BAF1-B5FD5DB48D6E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7C020B1-7F0F-4B3E-8019-9E888822302B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D67133A6-FBCC-42B9-AAB3-8B80E1530116} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29D93269-33DD-4391-A4E0-0DFC38D09FC2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8D4978D-9DA3-45A1-BDE0-439F7F5F7E42} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED1E31C1-C8F0-41AB-B571-E68B2D794DB6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-2158282799-3516595556-4141620104-1001] => 89.140.125.17:80
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\1646D696E6: [DhcpNameServer] 10.255.255.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\25F637560246275616D602: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\25F637560246275616D6025374: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\960586F6E65602465602472756A7: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\C6160266F6E6471696E656: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\F42716E67656D224545464: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{06d1a9d6-2d6f-4047-8d1e-110422cf240c}\F42716E67656D224545464: [DhcpDomain] .home
Tcpip\..\Interfaces\{8cc07abb-3e24-4771-a1cd-90a7f8850364}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{9ddef280-d344-4c76-8091-c31a9be77a83}: [DhcpNameServer] 8.8.8.8 212.217.0.1
Tcpip\..\Interfaces\{9ef97b6b-d7ca-472c-bd36-4fdcf358fdb3}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{9ef97b6b-d7ca-472c-bd36-4fdcf358fdb3}\84745333136513D2855374846434: [DhcpNameServer] 192.168.1.1 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\Ali\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-19]
Edge HomePage: Default -> hxxp://www.index-ma.com/
Edge StartupUrls: Default -> "hxxp://www.index-ma.com/"
Edge DefaultSearchURL: Default -> hxxp://www.index-ma.com/search?q={searchTerms}
Edge DefaultSearchKeyword: Default -> index-ma.com
Edge Extension: (Google Docs hors connexion) - C:\Users\Ali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Ali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-30]
FireFox:
========
FF DefaultProfile: fqups9x5.default
FF ProfilePath: C:\Users\Ali\AppData\Roaming\Zotero\Zotero\Profiles\fqups9x5.default [2023-10-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-12] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default [2024-01-19]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (uBlock Origin) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-16]
CHR Extension: (Zotero Connector) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2023-10-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]
CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-16]
CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-16]
CHR Extension: (Google Docs Offline) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ali\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-30]
CHR Profile: C:\Users\Ali\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-16]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-04-30] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9479600 2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 Ds3Service; C:\ScpServer\bin\ScpService.exe [381952 2014-04-03] (Scarlet.Crush Productions) [Fichier non signé]
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12006504 2024-01-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
S2 GoogleUpdaterInternalService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-16] (Malwarebytes Inc. -> Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2023-03-05] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1201648 2023-11-24] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-01-16] (Malwarebytes Inc. -> Malwarebytes)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]
S3 MpKsl3d53e2d2; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB19AA95-6A9E-4652-8ACB-836FC176589A}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)