Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15.03.2024
Exécuté par antho (administrateur) sur DESKTOP-DJR5GQO (ASUSTeK COMPUTER INC. X756UV) (17-03-2024 13:28:31)
Exécuté depuis C:\Users\antho\Downloads\FRST64.exe
Profils chargés: antho
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2486 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <3>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCopyAccelerator.exe
(C:\Users\antho\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\antho\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) C:\Program Files\CrystalDiskInfo\DiskInfo64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Conexant Systems, Inc.) [Fichier non signé] C:\Windows\SysWOW64\UIUSrv.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\antho\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.2141.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.2141.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3989_none_7ddb45627cb30e03\TiWorker.exe
(svchost.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1068512 2022-10-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3037608147-2764415083-4069503796-1001\...\Run: [Mattermost] => "C:\Users\antho\AppData\Local\Programs\mattermost-desktop\Mattermost.exe" (Pas de fichier)
HKU\S-1-5-21-3037608147-2764415083-4069503796-1001\...\Run: [MicrosoftEdgeAutoLaunch_22678834D11EF8347D026DFE52821DD9] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-10-16] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-17] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {BE6A09A9-73DD-423F-8DB1-1096AE893F07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {DCB891E6-3817-4948-993C-B310398CC497} - System32\Tasks\GoogleUpdateTaskMachineCore{5D23DE45-0BAF-4EA1-A64D-77EB7B51B7C6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-30] (Google LLC -> Google LLC)
Task: {2D2D3C1E-4521-4D39-8AB6-10C1AF0D9018} - System32\Tasks\GoogleUpdateTaskMachineUA{73031292-B113-4514-B713-C43D216E0030} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-30] (Google LLC -> Google LLC)
Task: {A6A513A2-E03B-44CE-87A9-AD625D0BA5CE} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [Fichier non signé]
Task: {177CEA3E-6DC6-438B-BDEB-DC756923C4F5} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {70DDDA1F-D0CC-45C8-9DE0-5FF7B6CC6594} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BEF2EB2-751F-4DA5-A1E5-703E127777A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5982797-8172-41CF-967D-D9D11281B8F0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3CF421AC-D05B-4F32-968A-5C9760B2F972} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b04a701d-978b-428d-9ae2-d4655e792520}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b04a701d-978b-428d-9ae2-d4655e792520}: [DhcpDomain] lan
Tcpip\..\Interfaces\{b04a701d-978b-428d-9ae2-d4655e792520}\7416C61687970214432302537423443403: [DhcpNameServer] 192.168.67.235
Edge:
=======
Edge Profile: C:\Users\antho\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-17]
Edge Extension: (Google Docs hors connexion) - C:\Users\antho\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-17]
Edge Extension: (Edge relevant text changes) - C:\Users\antho\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-17]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-10-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-10-07] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default [2024-03-17]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-17]
CHR Extension: (wanteeed) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2024-03-17]
CHR Extension: (Yoroi) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2024-03-17]
CHR Extension: (Word Counter Plus) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjegfbcdijjfkceenlfoehpcakfgldj [2022-01-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-17]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-17]
CHR Extension: (White Rabbit) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\hikfjdigkaodnikkepcclccgpbokkmfe [2022-04-05]
CHR Extension: (Hoxx VPN Proxy) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2024-03-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-30]
CHR Extension: (Marc Ecko) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2022-01-30]
CHR Profile: C:\Users\antho\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-17]
CHR Profile: C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-01-19]
CHR Notifications: Profile 1 -> hxxps://meet.google.com
CHR Session Restore: Profile 1 -> est activé.
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-25]
CHR Extension: (Word Counter Plus) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpjegfbcdijjfkceenlfoehpcakfgldj [2022-08-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-03]
CHR Profile: C:\Users\antho\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-17]
CHR HKLM\...\Chrome\Extension: [cchfigjcpjmclmmphipdkeocklpnjecm]
CHR HKU\S-1-5-21-3037608147-2764415083-4069503796-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [923616 2022-10-07] (Adobe Inc. -> Adobe Inc.)
R2 NativePushService; C:\Users\antho\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 UIUService; C:\Windows\SysWOW64\UIUSrv.exe [113152 2022-01-30] (Conexant Systems, Inc.) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 MpKslad730d5d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{811C5610-BCE9-4D4B-B585-7A2DD2E09EC1}\MpKslDrv.sys [300312 2024-03-17] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20928 2024-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [603416 2024-03-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-17] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-17 13:28 - 2024-03-17 13:31 - 000019339 _____ C:\Users\antho\Downloads\FRST.txt
2024-03-17 13:25 - 2024-03-17 13:25 - 002390528 _____ (Farbar) C:\Users\antho\Downloads\FRST64.exe
2024-03-17 13:22 - 2024-03-17 13:24 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2024-03-17 13:22 - 2024-03-17 13:22 - 000001836 _____ C:\Users\antho\OneDrive\Bureau\CrystalDiskInfo.lnk
2024-03-17 13:22 - 2024-03-17 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2024-03-17 13:21 - 2024-03-17 13:22 - 005915672 _____ (Crystal Dew World ) C:\Users\antho\Downloads\CrystalDiskInfo9_2_3.exe
2024-03-17 12:07 - 2024-03-17 12:07 - 000000000 ___HD C:\$WinREAgent
2024-03-17 11:43 - 2024-03-17 11:43 - 000000016 _____ C:\ProgramData\mntemp
2024-03-17 11:43 - 2024-03-17 11:43 - 000000000 ____D C:\Voiceover
2024-03-17 11:41 - 2024-03-17 11:41 - 000001470 _____ C:\Users\antho\OneDrive\Bureau\Wondershare Filmora 13.lnk
2024-03-17 11:41 - 2024-03-17 11:41 - 000000000 ____D C:\Users\antho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wondershare
2024-03-17 11:38 - 2024-03-17 13:20 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2024-03-17 11:38 - 2024-03-17 11:47 - 000000000 ____D C:\ProgramData\Wondershare
2024-03-17 11:38 - 2024-03-17 11:44 - 000000000 ____D C:\Users\antho\AppData\Roaming\Wondershare
2024-03-17 11:38 - 2024-03-17 11:42 - 000000000 ____D C:\Users\antho\AppData\Local\Wondershare
2024-03-17 11:34 - 2024-03-17 11:34 - 002039288 _____ C:\Users\antho\Downloads\filmora_setup_full7552.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-17 13:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-17 13:30 - 2021-12-04 14:19 - 000000000 ____D C:\FRST
2024-03-17 13:21 - 2022-02-26 13:02 - 000000000 ____D C:\Windows\SystemTemp
2024-03-17 13:21 - 2022-01-30 13:53 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-17 13:19 - 2022-01-30 13:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-17 12:08 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-03-17 11:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-17 11:52 - 2022-01-30 13:47 - 000000000 ____D C:\Users\antho\AppData\Local\Packages
2024-03-17 11:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-17 11:45 - 2022-01-30 13:47 - 000000000 ____D C:\Users\antho\AppData\Local\D3DSCache
2024-03-17 11:41 - 2022-01-30 13:47 - 000000000 ____D C:\ProgramData\Packages
2024-03-17 11:32 - 2022-06-24 14:30 - 000000000 ____D C:\Users\antho\AppData\LocalLow\Adobe
2024-03-17 11:32 - 2022-06-23 11:39 - 000000000 ____D C:\Users\antho\AppData\Roaming\com.adobe.dunamis
2024-03-17 11:31 - 2022-01-30 13:10 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-17 11:25 - 2022-06-23 11:13 - 000000000 ____D C:\Users\antho\AppData\Local\Adobe
2024-03-17 11:23 - 2022-02-02 11:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-03-17 11:22 - 2022-02-02 11:14 - 000000000 __SHD C:\Users\antho\IntelGraphicsProfiles
2024-03-17 11:22 - 2022-01-31 08:53 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-17 11:16 - 2022-01-30 13:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-17 11:16 - 2021-04-30 07:55 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-17 11:16 - 2017-01-11 19:25 - 000000000 ___HD C:\Intel
2024-03-17 11:15 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-03-17 11:13 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2024-03-17 11:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-03-17 11:12 - 2022-01-30 13:13 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-17 11:10 - 2022-02-01 09:39 - 000000000 ____D C:\Windows\system32\MRT
2024-03-17 11:09 - 2022-02-01 09:39 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-17 11:06 - 2022-11-03 09:18 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-03-17 11:04 - 2022-11-03 09:17 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-03-17 11:04 - 2022-11-03 09:17 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-17 11:03 - 2022-01-30 13:53 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{73031292-B113-4514-B713-C43D216E0030}
2024-03-17 11:03 - 2022-01-30 13:53 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{5D23DE45-0BAF-4EA1-A64D-77EB7B51B7C6}
2024-03-17 10:53 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-03-17 10:52 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-03-17 10:47 - 2022-01-31 08:51 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-03-17 10:47 - 2022-01-30 13:11 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-17 10:47 - 2022-01-30 13:11 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-17 10:45 - 2022-01-30 13:55 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3037608147-2764415083-4069503796-1001
2024-03-17 10:45 - 2022-01-30 13:53 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3037608147-2764415083-4069503796-1001
2024-03-17 10:45 - 2022-01-30 13:44 - 000002423 _____ C:\Users\antho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par antho (administrateur) sur DESKTOP-DJR5GQO (ASUSTeK COMPUTER INC. X756UV) (17-03-2024 13:28:31)
Exécuté depuis C:\Users\antho\Downloads\FRST64.exe
Profils chargés: antho
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2486 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <3>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCopyAccelerator.exe
(C:\Users\antho\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\antho\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) C:\Program Files\CrystalDiskInfo\DiskInfo64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Conexant Systems, Inc.) [Fichier non signé] C:\Windows\SysWOW64\UIUSrv.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\antho\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.2141.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.2141.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3989_none_7ddb45627cb30e03\TiWorker.exe
(svchost.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1068512 2022-10-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3037608147-2764415083-4069503796-1001\...\Run: [Mattermost] => "C:\Users\antho\AppData\Local\Programs\mattermost-desktop\Mattermost.exe" (Pas de fichier)
HKU\S-1-5-21-3037608147-2764415083-4069503796-1001\...\Run: [MicrosoftEdgeAutoLaunch_22678834D11EF8347D026DFE52821DD9] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-10-16] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-17] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {BE6A09A9-73DD-423F-8DB1-1096AE893F07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {DCB891E6-3817-4948-993C-B310398CC497} - System32\Tasks\GoogleUpdateTaskMachineCore{5D23DE45-0BAF-4EA1-A64D-77EB7B51B7C6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-30] (Google LLC -> Google LLC)
Task: {2D2D3C1E-4521-4D39-8AB6-10C1AF0D9018} - System32\Tasks\GoogleUpdateTaskMachineUA{73031292-B113-4514-B713-C43D216E0030} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-30] (Google LLC -> Google LLC)
Task: {A6A513A2-E03B-44CE-87A9-AD625D0BA5CE} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [Fichier non signé]
Task: {177CEA3E-6DC6-438B-BDEB-DC756923C4F5} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {70DDDA1F-D0CC-45C8-9DE0-5FF7B6CC6594} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BEF2EB2-751F-4DA5-A1E5-703E127777A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5982797-8172-41CF-967D-D9D11281B8F0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3CF421AC-D05B-4F32-968A-5C9760B2F972} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b04a701d-978b-428d-9ae2-d4655e792520}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b04a701d-978b-428d-9ae2-d4655e792520}: [DhcpDomain] lan
Tcpip\..\Interfaces\{b04a701d-978b-428d-9ae2-d4655e792520}\7416C61687970214432302537423443403: [DhcpNameServer] 192.168.67.235
Edge:
=======
Edge Profile: C:\Users\antho\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-17]
Edge Extension: (Google Docs hors connexion) - C:\Users\antho\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-17]
Edge Extension: (Edge relevant text changes) - C:\Users\antho\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-17]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-10-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-10-07] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default [2024-03-17]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-17]
CHR Extension: (wanteeed) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2024-03-17]
CHR Extension: (Yoroi) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2024-03-17]
CHR Extension: (Word Counter Plus) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjegfbcdijjfkceenlfoehpcakfgldj [2022-01-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-17]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-03-17]
CHR Extension: (White Rabbit) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\hikfjdigkaodnikkepcclccgpbokkmfe [2022-04-05]
CHR Extension: (Hoxx VPN Proxy) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2024-03-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-30]
CHR Extension: (Marc Ecko) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2022-01-30]
CHR Profile: C:\Users\antho\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-17]
CHR Profile: C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-01-19]
CHR Notifications: Profile 1 -> hxxps://meet.google.com
CHR Session Restore: Profile 1 -> est activé.
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-25]
CHR Extension: (Word Counter Plus) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpjegfbcdijjfkceenlfoehpcakfgldj [2022-08-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\antho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-03]
CHR Profile: C:\Users\antho\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-17]
CHR HKLM\...\Chrome\Extension: [cchfigjcpjmclmmphipdkeocklpnjecm]
CHR HKU\S-1-5-21-3037608147-2764415083-4069503796-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [923616 2022-10-07] (Adobe Inc. -> Adobe Inc.)
R2 NativePushService; C:\Users\antho\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 UIUService; C:\Windows\SysWOW64\UIUSrv.exe [113152 2022-01-30] (Conexant Systems, Inc.) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 MpKslad730d5d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{811C5610-BCE9-4D4B-B585-7A2DD2E09EC1}\MpKslDrv.sys [300312 2024-03-17] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20928 2024-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [603416 2024-03-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-17] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-17 13:28 - 2024-03-17 13:31 - 000019339 _____ C:\Users\antho\Downloads\FRST.txt
2024-03-17 13:25 - 2024-03-17 13:25 - 002390528 _____ (Farbar) C:\Users\antho\Downloads\FRST64.exe
2024-03-17 13:22 - 2024-03-17 13:24 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2024-03-17 13:22 - 2024-03-17 13:22 - 000001836 _____ C:\Users\antho\OneDrive\Bureau\CrystalDiskInfo.lnk
2024-03-17 13:22 - 2024-03-17 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2024-03-17 13:21 - 2024-03-17 13:22 - 005915672 _____ (Crystal Dew World ) C:\Users\antho\Downloads\CrystalDiskInfo9_2_3.exe
2024-03-17 12:07 - 2024-03-17 12:07 - 000000000 ___HD C:\$WinREAgent
2024-03-17 11:43 - 2024-03-17 11:43 - 000000016 _____ C:\ProgramData\mntemp
2024-03-17 11:43 - 2024-03-17 11:43 - 000000000 ____D C:\Voiceover
2024-03-17 11:41 - 2024-03-17 11:41 - 000001470 _____ C:\Users\antho\OneDrive\Bureau\Wondershare Filmora 13.lnk
2024-03-17 11:41 - 2024-03-17 11:41 - 000000000 ____D C:\Users\antho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wondershare
2024-03-17 11:38 - 2024-03-17 13:20 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2024-03-17 11:38 - 2024-03-17 11:47 - 000000000 ____D C:\ProgramData\Wondershare
2024-03-17 11:38 - 2024-03-17 11:44 - 000000000 ____D C:\Users\antho\AppData\Roaming\Wondershare
2024-03-17 11:38 - 2024-03-17 11:42 - 000000000 ____D C:\Users\antho\AppData\Local\Wondershare
2024-03-17 11:34 - 2024-03-17 11:34 - 002039288 _____ C:\Users\antho\Downloads\filmora_setup_full7552.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-03-17 13:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-17 13:30 - 2021-12-04 14:19 - 000000000 ____D C:\FRST
2024-03-17 13:21 - 2022-02-26 13:02 - 000000000 ____D C:\Windows\SystemTemp
2024-03-17 13:21 - 2022-01-30 13:53 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-17 13:19 - 2022-01-30 13:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-17 12:08 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-03-17 11:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-17 11:52 - 2022-01-30 13:47 - 000000000 ____D C:\Users\antho\AppData\Local\Packages
2024-03-17 11:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-17 11:45 - 2022-01-30 13:47 - 000000000 ____D C:\Users\antho\AppData\Local\D3DSCache
2024-03-17 11:41 - 2022-01-30 13:47 - 000000000 ____D C:\ProgramData\Packages
2024-03-17 11:32 - 2022-06-24 14:30 - 000000000 ____D C:\Users\antho\AppData\LocalLow\Adobe
2024-03-17 11:32 - 2022-06-23 11:39 - 000000000 ____D C:\Users\antho\AppData\Roaming\com.adobe.dunamis
2024-03-17 11:31 - 2022-01-30 13:10 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-17 11:25 - 2022-06-23 11:13 - 000000000 ____D C:\Users\antho\AppData\Local\Adobe
2024-03-17 11:23 - 2022-02-02 11:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-03-17 11:22 - 2022-02-02 11:14 - 000000000 __SHD C:\Users\antho\IntelGraphicsProfiles
2024-03-17 11:22 - 2022-01-31 08:53 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-17 11:16 - 2022-01-30 13:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-17 11:16 - 2021-04-30 07:55 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-17 11:16 - 2017-01-11 19:25 - 000000000 ___HD C:\Intel
2024-03-17 11:15 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-03-17 11:13 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2024-03-17 11:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-03-17 11:12 - 2022-01-30 13:13 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-17 11:10 - 2022-02-01 09:39 - 000000000 ____D C:\Windows\system32\MRT
2024-03-17 11:09 - 2022-02-01 09:39 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-17 11:06 - 2022-11-03 09:18 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-03-17 11:04 - 2022-11-03 09:17 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-03-17 11:04 - 2022-11-03 09:17 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-17 11:03 - 2022-01-30 13:53 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{73031292-B113-4514-B713-C43D216E0030}
2024-03-17 11:03 - 2022-01-30 13:53 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{5D23DE45-0BAF-4EA1-A64D-77EB7B51B7C6}
2024-03-17 10:53 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-03-17 10:52 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-03-17 10:47 - 2022-01-31 08:51 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-03-17 10:47 - 2022-01-30 13:11 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-17 10:47 - 2022-01-30 13:11 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-17 10:45 - 2022-01-30 13:55 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3037608147-2764415083-4069503796-1001
2024-03-17 10:45 - 2022-01-30 13:53 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3037608147-2764415083-4069503796-1001
2024-03-17 10:45 - 2022-01-30 13:44 - 000002423 _____ C:\Users\antho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================