Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16.04.2024
Exécuté par Bratak (administrateur) sur BRATAK-PC (MSI MS-7681) (17-04-2024 21:57:27)
Exécuté depuis C:\Users\Bratak\Desktop\FRST64.exe
Profils chargés: Bratak
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.4291 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Creative Technology Ltd) [Fichier non signé] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(explorer.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
(explorer.exe ->) (Lexmark International, Inc. -> ) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Lexmark International, Inc. -> ) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmsdmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Alcohol Soft -> Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\lxdxcoms.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (StarWind Software) [Fichier non signé] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4289_none_7e26f6bc7c7a4793\TiWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [423832 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 [26624 2011-05-13] (Creative Technology Ltd.) [Fichier non signé]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [lxdxmon.exe] => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe [672424 2010-02-04] (Lexmark International, Inc. -> )
HKLM\...\Run: [lxdxamon] => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe [16040 2010-02-04] (Lexmark International, Inc. -> )
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.) [Fichier non signé]
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-29] (Creative Technology Ltd) [Fichier non signé]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3312208 2019-05-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2020-01-19] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [322352 2018-05-29] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [Tomtomax MaxiBox] => C:\Program Files (x86)\Tomtomax Maxi-Box V3\tomtomax_maxibox.exe [1686528 2018-04-05] (KoakDesign & Tomtomax) [Fichier non signé]
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37448168 2024-04-16] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1423608 2024-03-20] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [MicrosoftEdgeAutoLaunch_0FA4828AC9D3AF50620FEF8A8C9D38BD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-04-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Lexmark 3600-4600 Series Print Processor: C:\Windows\System32\spool\prtprocs\x64\lxdxdrpp.dll [177664 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\ssy4cPC: C:\Windows\System32\spool\prtprocs\x64\ssy4cpc.dll [43520 2015-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\3600-4600 Series Port: C:\WINDOWS\system32\lxdxlmpm.dll [884736 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65096 2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\WINDOWS\system32\hpinkstsE511LM.dll [399368 2023-09-24] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\ssy4c Langmon: C:\WINDOWS\system32\ssy4clm.dll [22528 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\chrmstp.exe [2024-04-16] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0CFE0A9B-E876-4026-9EDD-B1AECCE54F59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {09287C5B-6C99-4597-844D-1EE142B4F246} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7B698F1F-11B7-4619-BE0E-8C18D258E1C9} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D2BCE11E-1B74-401D-90C9-A6AA827BC7CE} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5188504 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {680FFB48-D5C1-41B0-9C36-67A6992130F4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-07] (Avast Software s.r.o. -> Avast Software)
Task: {AC419726-3451-4BCA-985F-624F5535309F} - System32\Tasks\GoogleUpdateTaskMachineCore{68A6E7CD-4243-4202-ADEE-7EA02843C343} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-01-14] (Google LLC -> Google LLC)
Task: {96BFC63C-9C64-40D7-90B6-B9D788D983E1} - System32\Tasks\GoogleUpdateTaskMachineUA{083EA5CD-E8C2-4589-854B-2D2A137921AF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-01-14] (Google LLC -> Google LLC)
Task: {37D5C3AE-8BAA-48A8-86ED-F527765A796C} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe [16040 2010-02-04] (Lexmark International, Inc. -> )
Task: {906AADEF-6309-4EBA-980B-87FDB8E405DC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {25A3C903-EC49-45D3-ACA5-D6BB4E109385} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7415CC4F-85B6-4417-A38F-8FE9D6EC96E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA09D833-B1F8-4E99-9CE9-EE5FCB067918} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {E144E37B-8C8B-440B-9592-F6F760DE15AA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {4782D819-E623-4D48-A926-2A310E2118B0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {C074FDCB-1FF5-4138-9521-5B8EB9AB30D4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {99700D24-5670-4F69-83F5-DF4B502E38C0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {433617AB-0217-42DE-8F01-F971CD7F0A9B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {D0828069-B902-4D7C-9A72-8460B96BE09C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {F0F7C429-56A1-4778-9DB7-F5FE5A0076C4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {ADA1D049-F48B-4B82-8623-DB94AB81A4BC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {554A1048-4BAC-4F77-BD0B-C22D35BFCE39} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {14D45741-A07C-4A55-A983-1ECA643EBEF6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {814B877C-1C0E-42A6-9AE8-859ADBFF8938} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {93FC10A6-86EB-4191-B5F2-AF6DA625F6E9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {B5D42ED1-A774-4DDE-8285-2FA072752B3E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {4A697D6C-2C97-4671-AFA8-43400FDCF107} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {A811CBA5-B0C6-4C3E-B482-5D411C13B4CE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {4675CC53-32DB-4934-8B5C-450F60E21A11} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier)
Task: {175430CC-DAE7-449E-AC38-6134E9C121E1} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {F9BAB911-8FD1-4D4D-8B8D-73476A6635A4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {DE23458B-7DBB-4AD3-BE74-DA3921501B4A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {C9ED82DC-B83E-42EB-A39C-630C969647EB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {2806E872-9D20-4A80-92C8-7AEFC381C1CD} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {93AE35F5-6992-4FDB-8DF7-4318A564C9B6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {40B8C7D6-688A-4354-98FA-E471CB3730DD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {4D4F75D1-5021-4BAA-9470-8560B46DEB3A} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {437E6179-EA39-4023-AAB7-F83AB7F23185} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0A18FE0C-46E6-4444-B20E-1A5A5A511F3D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-11-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {24747039-D02B-4606-9055-1A1BC6838922} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-11-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {9F59EEDC-EE41-4979-94BC-58A2E72A4BC2} - System32\Tasks\Norton Security Scan for Bratak => C:\PROGRA~2\NORTON~2\Engine\461~1.145\Nss.exe -> C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.145\\/scan-quick /scheduled
Task: {F39544AB-5037-4F92-AC36-D22A47B69197} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3999071465-3090095205-1753645127-1005 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {EBED1FF8-9EFB-4DF5-A616-537F3D844146} - System32\Tasks\UpdaterChromeApp => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> hxxp://www.localdrive.win/
Task: {E25B5B83-DB33-4984-945B-BBA09087BFF7} - System32\Tasks\UpdaterChromeApp2 => C:\Program Files\Google\Chrome\Application\chrome.exe [2773280 2024-04-09] (Google LLC -> Google LLC) -> hxxp://www.localdrive.win/
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e84872e8-75ba-482b-823f-c7b64fcb95c6}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Bratak\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-17]
Edge HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBEQo0lOCwIxrzs2Rcb6iYh7SmU9Toh2f2c5M4dqivqMQED7r7BDyVPCimRt0ueuw6iqqP5mjxNdKyT9u5gfep_dBpqApVqYB6Lrbh3WszjUWXWVhO1-7A5M2lA8qyald7biNSIf0WezV-VzjDfCzD5v6SxEXGT-Tt6mtFlDSh0TlxCWroKRo477XnXT6wxrw,,
Edge Extension: (Google Docs hors connexion) - C:\Users\Bratak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-16]
Edge Extension: (Edge relevant text changes) - C:\Users\Bratak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]
Edge Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2023-08-18]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]
FireFox:
========
FF DefaultProfile: prmk2co6.default
FF ProfilePath: C:\Users\Bratak\AppData\Roaming\TomTom\HOME\Profiles\awufxihi.default [2019-03-28]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-03-09] [] [non signé]
FF ProfilePath: C:\Users\Bratak\AppData\Roaming\Mozilla\Firefox\Profiles\prmk2co6.default [2023-04-01]
FF Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2022-01-22] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Roaming\Mozilla\Firefox\Profiles\prmk2co6.default\Extensions\rapportext@trusteer.com.xpi [2024-04-17] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF ProfilePath: C:\Users\Bratak\AppData\Roaming\Mozilla\Firefox\Profiles\itvf3bfs.default-release [2024-04-17]
FF Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Roaming\Mozilla\Firefox\Profiles\itvf3bfs.default-release\Extensions\rapportext@trusteer.com.xpi [2024-04-17] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-05-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default [2024-04-17]
CHR Notifications: Default -> hxxps://calendar.google.com
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBEQo0lOCwIxrzs2Rcb6iYh7SmU9Toh2f2c5M4dqivqMQED7r7BDyVPCimRt0ueuw6iqqP5mjxNdKyT9u5gfep_dBpqApVqYB6Lrbh3WszjUWXWVhO1-7A5M2lA8qyald7biNSIf0WezV-VzjDfCzD5v6SxEXGT-Tt6mtFlDSh0TlxCWroKRo477XnXT6wxrw,,
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=MC65C26C3-0552-461E-86A1-056296D64B71&SearchSource=55&CUI=&UM=6&UP=SP88F4329D-D843-419E-8891-30270AB7D7E8&SSPV=","hxxp://search.iminent.com/?appId=E4024380-CBBE-44C9-A4BD-5DCE6E3519EF","hxxp://websearch.searchinweb.info/?pid=2145&r=2014/01/26&hid=191135908935927888&lg=EN&cc=FR&unqvl=47","hxxp://www.sweet-page.com/?type=hp&ts=1413533945&from=cor&uid=MaxtorX7H500F0_H812JAXH","hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=MC65C26C3-0552-461E-86A1-056296D64B71&SearchSource=55&CUI=&UM=6&UP=SP88F4329D-D843-419E-8891-30270AB7D7E8&SSPV=","","hxxp://www.google.com/"
CHR Session Restore: Default -> est activé.
CHR Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2022-03-03]
CHR Extension: (Authenticator) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-04-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-16]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-19]
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-29]
CHR Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2022-02-19]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-06-29]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-29]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-16]
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-04-17]
CHR Notifications: Profile 2 -> hxxps://fr.tradingview.com
CHR Session Restore: Profile 2 -> est activé.
CHR Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2023-11-05]
CHR Extension: (Authenticator) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-04-16]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-16]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-11-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-06]
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-17]
CHR HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3999071465-3090095205-1753645127-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9139608 2024-04-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [766360 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2275736 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1201560 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-28] (Avast Software s.r.o. -> AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-08-14] (BattlEye Innovations e.K. -> )
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [82680 2024-03-20] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-04-17] (HP Inc. -> HP Inc.)
S2 lxdxCATSCustConnectService; C:\WINDOWS\system32\spool\DRIVERS\x64\3\lxdxserv.exe [29184 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International, Inc.)
R2 lxdx_device; C:\WINDOWS\system32\lxdxcoms.exe [1039872 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 lxdx_device; C:\WINDOWS\SysWOW64\lxdxcoms.exe [589824 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2017-12-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3032400 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20528 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [230448 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [379960 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292920 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268856 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548912 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [93752 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [935992 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695864 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [201784 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306232 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-10-30] (Glarysoft LTD -> Glarysoft Ltd)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [14288 2017-03-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 PcaSp60; C:\WINDOWS\system32\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA)) [Fichier non signé]
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA)) [Fichier non signé]
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [451992 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R1 RapportCerberus_2304045; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2304045.sys [1453424 2023-10-22] (International Business Machines Corporation -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544664 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398744 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [451952 2023-10-22] (International Business Machines Corporation -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448880 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [557464 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (OOO Sfera-Tehno -> Atola) [Fichier non signé]
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2018-08-20] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-06-19] (Windscribe Limited -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [469288 2022-11-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-13] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
S0 mvs91xx; System32\drivers\mvs91xx.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-17 21:57 - 2024-04-17 21:58 - 000042010 _____ C:\Users\Bratak\Desktop\FRST.txt
2024-04-17 21:57 - 2024-04-17 21:58 - 000000000 ____D C:\FRST
2024-04-17 21:38 - 2024-04-17 21:38 - 002394112 _____ (Farbar) C:\Users\Bratak\Desktop\FRST64.exe
2024-04-17 18:53 - 2024-04-17 18:53 - 000019925 _____ C:\Users\Bratak\Downloads\Oh ! Giovanna !.torrent
2024-04-17 18:07 - 2024-04-17 18:07 - 000000000 ____D C:\Users\Bratak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProRealTimeTrading
2024-04-17 18:06 - 2024-04-17 18:06 - 008136352 _____ (IT-Finance ) C:\Users\Bratak\Downloads\Installer-ProRealTimeTrading-win64 (2).exe
2024-04-17 17:13 - 2024-04-17 17:13 - 008136352 _____ (IT-Finance ) C:\Users\Bratak\Downloads\Installer-ProRealTimeTrading-win64 (1).exe
2024-04-17 11:16 - 2024-04-17 11:16 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-17 11:15 - 2024-04-17 11:15 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-04-17 10:51 - 2024-04-17 10:51 - 000000000 ___HD C:\$WinREAgent
2024-04-16 21:24 - 2024-04-16 21:24 - 000000000 ____D C:\WINDOWS\system32\o2
2024-04-16 19:28 - 2024-04-16 19:28 - 000154684 _____ C:\Users\Bratak\Downloads\Dune.Part.Two.2024.MULTi.TRUEFRENCH.HDR.DV.2160p.WEB-DL.H265-Slay3R.mkv.torrent
2024-04-16 09:35 - 2024-04-16 09:35 - 000314776 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-17 21:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-17 21:57 - 2021-08-04 11:33 - 000000000 ____D C:\Users\Bratak\AppData\Local\CyberGhost
2024-04-17 21:56 - 2018-08-14 00:04 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-17 21:56 - 2018-05-29 22:16 - 000000000 ____D C:\Users\Bratak\AppData\Roaming\uTorrent
2024-04-17 21:55 - 2023-11-20 01:52 - 000000000 ____D C:\Users\Bratak
2024-04-17 21:55 - 2023-11-20 01:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-17 21:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-04-17 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-17 21:55 - 2018-06-10 21:54 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-17 21:55 - 2018-05-27 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-17 21:54 - 2023-11-20 01:55 - 001924358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-17 21:54 - 2019-12-07 16:50 - 000831906 _____ C:\WINDOWS\system32\perfh00C.dat
2024-04-17 21:54 - 2019-12-07 16:50 - 000167672 _____ C:\WINDOWS\system32\perfc00C.dat
2024-04-17 21:54 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-04-17 21:53 - 2019-11-16 15:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-04-17 21:52 - 2023-11-20 02:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-17 21:52 - 2020-09-02 16:40 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-17 21:52 - 2018-05-27 22:13 - 000000000 ____D C:\ProgramData\AVAST Software
2024-04-17 21:48 - 2023-11-20 01:50 - 000453952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-17 21:47 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-04-17 21:45 - 2023-12-24 02:28 - 000000000 ____D C:\WINDOWS\InboxApps
2024-04-17 21:45 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-17 21:45 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2024-04-17 21:44 - 2023-11-20 01:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-17 21:26 - 2023-11-20 02:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-04-17 21:26 - 2023-08-13 21:15 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-04-17 21:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-17 18:38 - 2024-01-14 23:03 - 000003602 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{083EA5CD-E8C2-4589-854B-2D2A137921AF}
2024-04-17 18:38 - 2024-01-14 23:03 - 000003378 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{68A6E7CD-4243-4202-ADEE-7EA02843C343}
2024-04-17 18:38 - 2023-11-20 02:11 - 000003822 _____ C:\WINDOWS\system32\Tasks\Norton Security Scan for Bratak
2024-04-17 18:38 - 2023-11-20 02:11 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-17 18:38 - 2023-11-20 02:11 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-04-17 18:38 - 2023-11-20 02:11 - 000003394 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-17 18:38 - 2023-11-20 02:11 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3999071465-3090095205-1753645127-1005
2024-04-17 18:38 - 2023-11-20 02:11 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3999071465-3090095205-1753645127-1000
2024-04-17 18:38 - 2023-11-20 02:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3999071465-3090095205-1753645127-1005
2024-04-17 18:38 - 2023-11-20 02:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3999071465-3090095205-1753645127-1000
2024-04-17 18:38 - 2023-11-20 02:11 - 000002596 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2024-04-17 18:38 - 2023-11-20 02:11 - 000002508 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2024-04-17 18:38 - 2023-11-20 02:11 - 000002482 _____ C:\WINDOWS\system32\Tasks\UpdaterChromeApp
2024-04-17 18:38 - 2023-11-20 02:11 - 000002472 _____ C:\WINDOWS\system32\Tasks\UpdaterChromeApp2
2024-04-17 18:38 - 2023-11-20 02:11 - 000002352 _____ C:\WINDOWS\system32\Tasks\Installation App Launcher
2024-04-17 18:37 - 2023-11-20 02:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-04-17 18:08 - 2018-08-20 22:55 - 000000000 ____D C:\Users\Bratak\AppData\Roaming\Microsoft\Excel
2024-04-17 18:07 - 2023-02-12 22:42 - 000002374 _____ C:\Users\Bratak\Desktop\ProRealTime Trading.lnk
2024-04-17 11:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-17 11:16 - 2017-05-04 21:25 - 000416842 __RSH C:\bootmgr
2024-04-17 11:15 - 2023-11-20 01:51 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-17 10:48 - 2018-06-10 23:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-17 10:43 - 2023-10-21 19:22 - 000000000 ____D C:\Program Files\RUXIM
2024-04-17 10:43 - 2018-06-10 23:43 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-17 10:07 - 2019-10-06 18:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-04-16 21:31 - 2021-08-04 11:33 - 000000000 ____D C:\Program Files\CyberGhost 8
2024-04-16 21:21 - 2019-12-07 16:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-04-16 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-04-16 17:08 - 2018-09-01 10:18 - 000000000 ____D C:\Users\Bratak\AppData\Local\CrashDumps
2024-04-16 15:42 - 2024-01-14 23:04 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-16 15:42 - 2024-01-14 23:04 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-04-16 10:49 - 2018-08-20 22:46 - 000000000 ____D C:\Users\Bratak\AppData\Roaming\Microsoft\Word
2024-04-16 10:41 - 2021-09-28 22:26 - 000000000 ____D C:\Users\Bratak\AppData\Local\IT-Finance
2024-04-16 10:01 - 2018-06-22 22:06 - 000000000 ____D C:\Users\Bratak\AppData\Local\AVAST Software
2024-04-16 09:39 - 2020-07-09 09:08 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-16 09:39 - 2020-07-09 09:08 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-16 09:39 - 2018-06-10 21:19 - 000000000 ____D C:\Users\Bratak\AppData\Local\Packages
2024-04-16 09:37 - 2023-11-20 01:52 - 000002463 _____ C:\Users\Bratak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-16 09:35 - 2020-10-16 14:28 - 000268856 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-04-16 09:35 - 2020-04-18 14:45 - 000548912 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-04-16 09:35 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-04-16 09:35 - 2019-01-06 09:42 - 000379960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-04-16 09:35 - 2019-01-06 09:42 - 000292920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-04-16 09:35 - 2019-01-06 09:42 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-04-16 09:35 - 2019-01-06 09:42 - 000020528 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-04-16 09:35 - 2018-10-11 15:35 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000935992 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000695864 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000306232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000230448 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000093752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-04-16 09:31 - 2018-08-14 00:09 - 000000000 ____D C:\Users\Bratak\AppData\Local\Steam
==================== Fichiers à la racine de certains dossiers ========
2018-05-27 08:54 - 2018-05-27 08:54 - 000025297 _____ () C:\Users\Bratak\AppData\Roaming\addons.dat
2018-06-21 21:26 - 2018-06-21 21:26 - 000000600 _____ () C:\Users\Bratak\AppData\Roaming\winscp.rnd
2018-10-06 09:28 - 2018-10-06 09:28 - 000000000 _____ () C:\Users\Bratak\AppData\Local\oobelibMkey.log
2018-06-21 21:28 - 2018-06-22 00:08 - 000000600 _____ () C:\Users\Bratak\AppData\Local\PUTTY.RND
2023-06-17 17:11 - 2023-06-17 17:11 - 000004395 _____ () C:\Users\Bratak\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Bratak (administrateur) sur BRATAK-PC (MSI MS-7681) (17-04-2024 21:57:27)
Exécuté depuis C:\Users\Bratak\Desktop\FRST64.exe
Profils chargés: Bratak
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.4291 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Creative Technology Ltd) [Fichier non signé] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(explorer.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
(explorer.exe ->) (Lexmark International, Inc. -> ) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Lexmark International, Inc. -> ) C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmsdmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Alcohol Soft -> Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\lxdxcoms.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (StarWind Software) [Fichier non signé] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4289_none_7e26f6bc7c7a4793\TiWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [423832 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 [26624 2011-05-13] (Creative Technology Ltd.) [Fichier non signé]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [lxdxmon.exe] => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe [672424 2010-02-04] (Lexmark International, Inc. -> )
HKLM\...\Run: [lxdxamon] => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe [16040 2010-02-04] (Lexmark International, Inc. -> )
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.) [Fichier non signé]
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-29] (Creative Technology Ltd) [Fichier non signé]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3312208 2019-05-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2020-01-19] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [322352 2018-05-29] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [Tomtomax MaxiBox] => C:\Program Files (x86)\Tomtomax Maxi-Box V3\tomtomax_maxibox.exe [1686528 2018-04-05] (KoakDesign & Tomtomax) [Fichier non signé]
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37448168 2024-04-16] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1423608 2024-03-20] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\...\Run: [MicrosoftEdgeAutoLaunch_0FA4828AC9D3AF50620FEF8A8C9D38BD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-04-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Lexmark 3600-4600 Series Print Processor: C:\Windows\System32\spool\prtprocs\x64\lxdxdrpp.dll [177664 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\ssy4cPC: C:\Windows\System32\spool\prtprocs\x64\ssy4cpc.dll [43520 2015-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\3600-4600 Series Port: C:\WINDOWS\system32\lxdxlmpm.dll [884736 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65096 2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\WINDOWS\system32\hpinkstsE511LM.dll [399368 2023-09-24] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\ssy4c Langmon: C:\WINDOWS\system32\ssy4clm.dll [22528 2015-04-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\chrmstp.exe [2024-04-16] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0CFE0A9B-E876-4026-9EDD-B1AECCE54F59} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {09287C5B-6C99-4597-844D-1EE142B4F246} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7B698F1F-11B7-4619-BE0E-8C18D258E1C9} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D2BCE11E-1B74-401D-90C9-A6AA827BC7CE} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5188504 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {680FFB48-D5C1-41B0-9C36-67A6992130F4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-07] (Avast Software s.r.o. -> Avast Software)
Task: {AC419726-3451-4BCA-985F-624F5535309F} - System32\Tasks\GoogleUpdateTaskMachineCore{68A6E7CD-4243-4202-ADEE-7EA02843C343} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-01-14] (Google LLC -> Google LLC)
Task: {96BFC63C-9C64-40D7-90B6-B9D788D983E1} - System32\Tasks\GoogleUpdateTaskMachineUA{083EA5CD-E8C2-4589-854B-2D2A137921AF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-01-14] (Google LLC -> Google LLC)
Task: {37D5C3AE-8BAA-48A8-86ED-F527765A796C} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe [16040 2010-02-04] (Lexmark International, Inc. -> )
Task: {906AADEF-6309-4EBA-980B-87FDB8E405DC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {25A3C903-EC49-45D3-ACA5-D6BB4E109385} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7415CC4F-85B6-4417-A38F-8FE9D6EC96E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA09D833-B1F8-4E99-9CE9-EE5FCB067918} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {E144E37B-8C8B-440B-9592-F6F760DE15AA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {4782D819-E623-4D48-A926-2A310E2118B0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {C074FDCB-1FF5-4138-9521-5B8EB9AB30D4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {99700D24-5670-4F69-83F5-DF4B502E38C0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {433617AB-0217-42DE-8F01-F971CD7F0A9B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {D0828069-B902-4D7C-9A72-8460B96BE09C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {F0F7C429-56A1-4778-9DB7-F5FE5A0076C4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {ADA1D049-F48B-4B82-8623-DB94AB81A4BC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {554A1048-4BAC-4F77-BD0B-C22D35BFCE39} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {14D45741-A07C-4A55-A983-1ECA643EBEF6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {814B877C-1C0E-42A6-9AE8-859ADBFF8938} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {93FC10A6-86EB-4191-B5F2-AF6DA625F6E9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {B5D42ED1-A774-4DDE-8285-2FA072752B3E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {4A697D6C-2C97-4671-AFA8-43400FDCF107} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {A811CBA5-B0C6-4C3E-B482-5D411C13B4CE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {4675CC53-32DB-4934-8B5C-450F60E21A11} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier)
Task: {175430CC-DAE7-449E-AC38-6134E9C121E1} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {F9BAB911-8FD1-4D4D-8B8D-73476A6635A4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {DE23458B-7DBB-4AD3-BE74-DA3921501B4A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {C9ED82DC-B83E-42EB-A39C-630C969647EB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {2806E872-9D20-4A80-92C8-7AEFC381C1CD} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {93AE35F5-6992-4FDB-8DF7-4318A564C9B6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {40B8C7D6-688A-4354-98FA-E471CB3730DD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {4D4F75D1-5021-4BAA-9470-8560B46DEB3A} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {437E6179-EA39-4023-AAB7-F83AB7F23185} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0A18FE0C-46E6-4444-B20E-1A5A5A511F3D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-11-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {24747039-D02B-4606-9055-1A1BC6838922} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-11-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {9F59EEDC-EE41-4979-94BC-58A2E72A4BC2} - System32\Tasks\Norton Security Scan for Bratak => C:\PROGRA~2\NORTON~2\Engine\461~1.145\Nss.exe -> C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.145\\/scan-quick /scheduled
Task: {F39544AB-5037-4F92-AC36-D22A47B69197} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3999071465-3090095205-1753645127-1005 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {EBED1FF8-9EFB-4DF5-A616-537F3D844146} - System32\Tasks\UpdaterChromeApp => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> hxxp://www.localdrive.win/
Task: {E25B5B83-DB33-4984-945B-BBA09087BFF7} - System32\Tasks\UpdaterChromeApp2 => C:\Program Files\Google\Chrome\Application\chrome.exe [2773280 2024-04-09] (Google LLC -> Google LLC) -> hxxp://www.localdrive.win/
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e84872e8-75ba-482b-823f-c7b64fcb95c6}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Bratak\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-17]
Edge HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBEQo0lOCwIxrzs2Rcb6iYh7SmU9Toh2f2c5M4dqivqMQED7r7BDyVPCimRt0ueuw6iqqP5mjxNdKyT9u5gfep_dBpqApVqYB6Lrbh3WszjUWXWVhO1-7A5M2lA8qyald7biNSIf0WezV-VzjDfCzD5v6SxEXGT-Tt6mtFlDSh0TlxCWroKRo477XnXT6wxrw,,
Edge Extension: (Google Docs hors connexion) - C:\Users\Bratak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-16]
Edge Extension: (Edge relevant text changes) - C:\Users\Bratak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]
Edge Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2023-08-18]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]
FireFox:
========
FF DefaultProfile: prmk2co6.default
FF ProfilePath: C:\Users\Bratak\AppData\Roaming\TomTom\HOME\Profiles\awufxihi.default [2019-03-28]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-03-09] [] [non signé]
FF ProfilePath: C:\Users\Bratak\AppData\Roaming\Mozilla\Firefox\Profiles\prmk2co6.default [2023-04-01]
FF Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2022-01-22] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Roaming\Mozilla\Firefox\Profiles\prmk2co6.default\Extensions\rapportext@trusteer.com.xpi [2024-04-17] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF ProfilePath: C:\Users\Bratak\AppData\Roaming\Mozilla\Firefox\Profiles\itvf3bfs.default-release [2024-04-17]
FF Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Roaming\Mozilla\Firefox\Profiles\itvf3bfs.default-release\Extensions\rapportext@trusteer.com.xpi [2024-04-17] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-05-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default [2024-04-17]
CHR Notifications: Default -> hxxps://calendar.google.com
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBEQo0lOCwIxrzs2Rcb6iYh7SmU9Toh2f2c5M4dqivqMQED7r7BDyVPCimRt0ueuw6iqqP5mjxNdKyT9u5gfep_dBpqApVqYB6Lrbh3WszjUWXWVhO1-7A5M2lA8qyald7biNSIf0WezV-VzjDfCzD5v6SxEXGT-Tt6mtFlDSh0TlxCWroKRo477XnXT6wxrw,,
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=MC65C26C3-0552-461E-86A1-056296D64B71&SearchSource=55&CUI=&UM=6&UP=SP88F4329D-D843-419E-8891-30270AB7D7E8&SSPV=","hxxp://search.iminent.com/?appId=E4024380-CBBE-44C9-A4BD-5DCE6E3519EF","hxxp://websearch.searchinweb.info/?pid=2145&r=2014/01/26&hid=191135908935927888&lg=EN&cc=FR&unqvl=47","hxxp://www.sweet-page.com/?type=hp&ts=1413533945&from=cor&uid=MaxtorX7H500F0_H812JAXH","hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=MC65C26C3-0552-461E-86A1-056296D64B71&SearchSource=55&CUI=&UM=6&UP=SP88F4329D-D843-419E-8891-30270AB7D7E8&SSPV=","","hxxp://www.google.com/"
CHR Session Restore: Default -> est activé.
CHR Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2022-03-03]
CHR Extension: (Authenticator) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-04-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-16]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-19]
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-29]
CHR Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2022-02-19]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-06-29]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-29]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-16]
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-04-17]
CHR Notifications: Profile 2 -> hxxps://fr.tradingview.com
CHR Session Restore: Profile 2 -> est activé.
CHR Extension: (IBM Security Rapport) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2023-11-05]
CHR Extension: (Authenticator) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-04-16]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-16]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-11-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-06]
CHR Profile: C:\Users\Bratak\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-17]
CHR HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-3999071465-3090095205-1753645127-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3999071465-3090095205-1753645127-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9139608 2024-04-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [766360 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2275736 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1201560 2024-04-16] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-28] (Avast Software s.r.o. -> AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-08-14] (BattlEye Innovations e.K. -> )
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [82680 2024-03-20] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-04-17] (HP Inc. -> HP Inc.)
S2 lxdxCATSCustConnectService; C:\WINDOWS\system32\spool\DRIVERS\x64\3\lxdxserv.exe [29184 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International, Inc.)
R2 lxdx_device; C:\WINDOWS\system32\lxdxcoms.exe [1039872 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 lxdx_device; C:\WINDOWS\SysWOW64\lxdxcoms.exe [589824 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2017-12-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3032400 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20528 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [230448 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [379960 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292920 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268856 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548912 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [93752 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [935992 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695864 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [201784 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306232 2024-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-10-30] (Glarysoft LTD -> Glarysoft Ltd)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [14288 2017-03-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 PcaSp60; C:\WINDOWS\system32\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA)) [Fichier non signé]
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA)) [Fichier non signé]
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [451992 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R1 RapportCerberus_2304045; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2304045.sys [1453424 2023-10-22] (International Business Machines Corporation -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544664 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398744 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [451952 2023-10-22] (International Business Machines Corporation -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448880 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [557464 2023-06-19] (International Business Machines Corporation -> IBM Corp.)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (OOO Sfera-Tehno -> Atola) [Fichier non signé]
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2018-08-20] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-06-19] (Windscribe Limited -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2022-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [469288 2022-11-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-13] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
S0 mvs91xx; System32\drivers\mvs91xx.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-17 21:57 - 2024-04-17 21:58 - 000042010 _____ C:\Users\Bratak\Desktop\FRST.txt
2024-04-17 21:57 - 2024-04-17 21:58 - 000000000 ____D C:\FRST
2024-04-17 21:38 - 2024-04-17 21:38 - 002394112 _____ (Farbar) C:\Users\Bratak\Desktop\FRST64.exe
2024-04-17 18:53 - 2024-04-17 18:53 - 000019925 _____ C:\Users\Bratak\Downloads\Oh ! Giovanna !.torrent
2024-04-17 18:07 - 2024-04-17 18:07 - 000000000 ____D C:\Users\Bratak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProRealTimeTrading
2024-04-17 18:06 - 2024-04-17 18:06 - 008136352 _____ (IT-Finance ) C:\Users\Bratak\Downloads\Installer-ProRealTimeTrading-win64 (2).exe
2024-04-17 17:13 - 2024-04-17 17:13 - 008136352 _____ (IT-Finance ) C:\Users\Bratak\Downloads\Installer-ProRealTimeTrading-win64 (1).exe
2024-04-17 11:16 - 2024-04-17 11:16 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-17 11:15 - 2024-04-17 11:15 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-04-17 10:51 - 2024-04-17 10:51 - 000000000 ___HD C:\$WinREAgent
2024-04-16 21:24 - 2024-04-16 21:24 - 000000000 ____D C:\WINDOWS\system32\o2
2024-04-16 19:28 - 2024-04-16 19:28 - 000154684 _____ C:\Users\Bratak\Downloads\Dune.Part.Two.2024.MULTi.TRUEFRENCH.HDR.DV.2160p.WEB-DL.H265-Slay3R.mkv.torrent
2024-04-16 09:35 - 2024-04-16 09:35 - 000314776 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-17 21:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-17 21:57 - 2021-08-04 11:33 - 000000000 ____D C:\Users\Bratak\AppData\Local\CyberGhost
2024-04-17 21:56 - 2018-08-14 00:04 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-17 21:56 - 2018-05-29 22:16 - 000000000 ____D C:\Users\Bratak\AppData\Roaming\uTorrent
2024-04-17 21:55 - 2023-11-20 01:52 - 000000000 ____D C:\Users\Bratak
2024-04-17 21:55 - 2023-11-20 01:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-17 21:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-04-17 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-17 21:55 - 2018-06-10 21:54 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-17 21:55 - 2018-05-27 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-17 21:54 - 2023-11-20 01:55 - 001924358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-17 21:54 - 2019-12-07 16:50 - 000831906 _____ C:\WINDOWS\system32\perfh00C.dat
2024-04-17 21:54 - 2019-12-07 16:50 - 000167672 _____ C:\WINDOWS\system32\perfc00C.dat
2024-04-17 21:54 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-04-17 21:53 - 2019-11-16 15:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-04-17 21:52 - 2023-11-20 02:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-17 21:52 - 2020-09-02 16:40 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-17 21:52 - 2018-05-27 22:13 - 000000000 ____D C:\ProgramData\AVAST Software
2024-04-17 21:48 - 2023-11-20 01:50 - 000453952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-17 21:47 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-04-17 21:45 - 2023-12-24 02:28 - 000000000 ____D C:\WINDOWS\InboxApps
2024-04-17 21:45 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-04-17 21:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-17 21:45 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2024-04-17 21:44 - 2023-11-20 01:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-17 21:26 - 2023-11-20 02:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-04-17 21:26 - 2023-08-13 21:15 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-04-17 21:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-17 18:38 - 2024-01-14 23:03 - 000003602 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{083EA5CD-E8C2-4589-854B-2D2A137921AF}
2024-04-17 18:38 - 2024-01-14 23:03 - 000003378 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{68A6E7CD-4243-4202-ADEE-7EA02843C343}
2024-04-17 18:38 - 2023-11-20 02:11 - 000003822 _____ C:\WINDOWS\system32\Tasks\Norton Security Scan for Bratak
2024-04-17 18:38 - 2023-11-20 02:11 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-17 18:38 - 2023-11-20 02:11 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-04-17 18:38 - 2023-11-20 02:11 - 000003394 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-17 18:38 - 2023-11-20 02:11 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3999071465-3090095205-1753645127-1005
2024-04-17 18:38 - 2023-11-20 02:11 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3999071465-3090095205-1753645127-1000
2024-04-17 18:38 - 2023-11-20 02:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3999071465-3090095205-1753645127-1005
2024-04-17 18:38 - 2023-11-20 02:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3999071465-3090095205-1753645127-1000
2024-04-17 18:38 - 2023-11-20 02:11 - 000002596 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2024-04-17 18:38 - 2023-11-20 02:11 - 000002508 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2024-04-17 18:38 - 2023-11-20 02:11 - 000002482 _____ C:\WINDOWS\system32\Tasks\UpdaterChromeApp
2024-04-17 18:38 - 2023-11-20 02:11 - 000002472 _____ C:\WINDOWS\system32\Tasks\UpdaterChromeApp2
2024-04-17 18:38 - 2023-11-20 02:11 - 000002352 _____ C:\WINDOWS\system32\Tasks\Installation App Launcher
2024-04-17 18:37 - 2023-11-20 02:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-04-17 18:08 - 2018-08-20 22:55 - 000000000 ____D C:\Users\Bratak\AppData\Roaming\Microsoft\Excel
2024-04-17 18:07 - 2023-02-12 22:42 - 000002374 _____ C:\Users\Bratak\Desktop\ProRealTime Trading.lnk
2024-04-17 11:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-17 11:16 - 2017-05-04 21:25 - 000416842 __RSH C:\bootmgr
2024-04-17 11:15 - 2023-11-20 01:51 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-17 10:48 - 2018-06-10 23:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-17 10:43 - 2023-10-21 19:22 - 000000000 ____D C:\Program Files\RUXIM
2024-04-17 10:43 - 2018-06-10 23:43 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-17 10:07 - 2019-10-06 18:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-04-16 21:31 - 2021-08-04 11:33 - 000000000 ____D C:\Program Files\CyberGhost 8
2024-04-16 21:21 - 2019-12-07 16:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-04-16 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-04-16 21:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-04-16 17:08 - 2018-09-01 10:18 - 000000000 ____D C:\Users\Bratak\AppData\Local\CrashDumps
2024-04-16 15:42 - 2024-01-14 23:04 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-16 15:42 - 2024-01-14 23:04 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-04-16 10:49 - 2018-08-20 22:46 - 000000000 ____D C:\Users\Bratak\AppData\Roaming\Microsoft\Word
2024-04-16 10:41 - 2021-09-28 22:26 - 000000000 ____D C:\Users\Bratak\AppData\Local\IT-Finance
2024-04-16 10:01 - 2018-06-22 22:06 - 000000000 ____D C:\Users\Bratak\AppData\Local\AVAST Software
2024-04-16 09:39 - 2020-07-09 09:08 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-16 09:39 - 2020-07-09 09:08 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-16 09:39 - 2018-06-10 21:19 - 000000000 ____D C:\Users\Bratak\AppData\Local\Packages
2024-04-16 09:37 - 2023-11-20 01:52 - 000002463 _____ C:\Users\Bratak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-16 09:35 - 2020-10-16 14:28 - 000268856 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-04-16 09:35 - 2020-04-18 14:45 - 000548912 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-04-16 09:35 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-04-16 09:35 - 2019-01-06 09:42 - 000379960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-04-16 09:35 - 2019-01-06 09:42 - 000292920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-04-16 09:35 - 2019-01-06 09:42 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-04-16 09:35 - 2019-01-06 09:42 - 000020528 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-04-16 09:35 - 2018-10-11 15:35 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000935992 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000695864 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000306232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000230448 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000093752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-04-16 09:35 - 2018-05-27 22:15 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-04-16 09:31 - 2018-08-14 00:09 - 000000000 ____D C:\Users\Bratak\AppData\Local\Steam
==================== Fichiers à la racine de certains dossiers ========
2018-05-27 08:54 - 2018-05-27 08:54 - 000025297 _____ () C:\Users\Bratak\AppData\Roaming\addons.dat
2018-06-21 21:26 - 2018-06-21 21:26 - 000000600 _____ () C:\Users\Bratak\AppData\Roaming\winscp.rnd
2018-10-06 09:28 - 2018-10-06 09:28 - 000000000 _____ () C:\Users\Bratak\AppData\Local\oobelibMkey.log
2018-06-21 21:28 - 2018-06-22 00:08 - 000000600 _____ () C:\Users\Bratak\AppData\Local\PUTTY.RND
2023-06-17 17:11 - 2023-06-17 17:11 - 000004395 _____ () C:\Users\Bratak\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================