Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Exécuté par Thierry (administrateur) sur DESKTOP-MTKA5M4 (ASUSTeK COMPUTER INC. TP300LD) (23-08-2022 02:08:51)
Exécuté depuis C:\Users\Thierry\Desktop
Profils chargés: Thierry
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1586 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\104.0.5112.102_102.0.5005.63_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\CR_883A9.tmp\setup.exe <2>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-23db1e04.exe ->) (Accès refusé) [Fichier non signé] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\E5D26B9E-D892-4F17-8E7D-1DA2E4FEA72C\MpSigStub.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{A3D9B851-2681-45E3-B2A2-511E5AE520E1}\104.0.5112.102_102.0.5005.63_chrome_updater.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <7>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-23db1e04.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837232 2014-10-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT CORPORATION -> IVT Corporation)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [bt] => C:\Users\Thierry\AppData\Roaming\BitTorrent\BitTorrent.exe [2106408 2022-03-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1371856 2022-08-23] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\MountPoints2: {d8a0c562-91a3-11eb-89ba-c6bd2a310726} - "D:\SISetup.exe"
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [288768 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2021-05-12] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-05] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {15AECEC6-36D1-464E-9DEA-906927F2179F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {17932707-C1DF-44EF-BABD-DA2552F409FB} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {39346560-2DBF-49D7-A821-5FC594D02A32} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {421736DB-D916-4368-BD37-AEA133EE4804} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-23] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {6B0CB1FD-78FE-43C8-94C3-A1585BC7ECA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D4CCC44-54D1-4FDD-8AA4-370100F57630} - System32\Tasks\ASUS HotfixChecker => C:\Program Files (x86)\ASUS\HotfixChecker\HotfixChecker.exe [140088 2019-04-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {7F438022-55AD-4493-B16A-259D3EBA3B48} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {997FB40C-9630-41A8-A9F5-28ABE5C11E0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0C91A25-C5CB-4033-B0F7-7A1F7751963A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {B4A156AA-37F5-4810-AE49-B368163A046F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C403A308-C4FD-46DF-809B-244BC5F8AAF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C60EDF1C-EDAD-42F2-9FF1-14F81950B897} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2015-06-30] (ASUSTeK Computer Inc. -> AsusTek)
Task: {E8E3C7DB-6E6B-4402-8924-B7E169193B3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1054B30-E7BA-4692-A62B-D21D85B0A54C} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {F2682B46-9E95-408B-B563-A70171940B82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{7149ca1f-5092-4525-a249-56fd84157758}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{b345be30-caea-41ba-9911-da6284bea7b8}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Thierry\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-28]

FireFox:
========
FF HKU\S-1-5-21-3964324572-413007010-4171602057-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default [2022-08-23]
CHR Notifications: Default -> hxxps://mail.yahoo.com; hxxps://www.20minutes.fr
CHR StartupUrls: Default -> "","hxxp://www.google.fr/","hxxp://www.google.com/","hxxps://www.google.com/","hxxp://www.mondial-automobile.com/visiteurs/","hxxps://www.duckduckgo.com"
CHR Extension: (Safe Torrent Scanner) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-08-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-22]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-23]
CHR Extension: (WhatFont) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-02-24]
CHR Extension: (Cisco Webex Extension) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-08-23]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-08-23]
CHR Extension: (Pocket) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2021-02-24]
CHR Extension: (Extension Abonnement RSS (par Google)) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2021-02-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT CORPORATION -> IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT CORPORATION -> IVT Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [69328 2022-08-23] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112944 2020-08-15] (Code Sector -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUSTeK Computer Inc. -> ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (Ralink Technology Corporation -> IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Mediatek Inc. -> Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Mediatek Inc. -> Ralink Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch64.sys [19976 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 INVN_MotionApps; C:\Windows\System32\drivers\WUDFRd.sys [315392 2022-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [494384 2013-06-07] (Mediatek Inc. -> Ralink Technology Corp.)
R3 MpKsl93d84305; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C9AC16A-F31E-4BB8-BD55-98D3508F0FB1}\MpKslDrv.sys [137464 2022-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [443664 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-08-23 02:08 - 2022-08-23 02:13 - 000021541 _____ C:\Users\Thierry\Desktop\FRST.txt
2022-08-23 01:58 - 2022-08-23 02:11 - 000000000 ____D C:\FRST
2022-08-23 01:52 - 2022-08-23 01:52 - 000000873 _____ C:\Users\Thierry\Desktop\JRT.txt
2022-08-23 01:38 - 2022-08-23 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-08-23 01:37 - 2022-08-23 01:39 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-08-23 01:30 - 2022-08-23 01:24 - 001790024 _____ (Malwarebytes) C:\Users\Thierry\Desktop\JRT.exe
2022-08-23 01:23 - 2022-08-23 01:24 - 001790024 _____ (Malwarebytes) C:\Users\Thierry\Downloads\JRT.exe
2022-08-23 01:22 - 2022-08-23 01:03 - 002371072 _____ (Farbar) C:\Users\Thierry\Desktop\FRST64 (1).exe
2022-08-23 01:12 - 2022-08-23 01:17 - 000000000 ____D C:\AdwCleaner
2022-08-23 01:11 - 2022-08-23 01:16 - 000000000 ____D C:\Users\Thierry\AppData\Roaming\CyberGhost
2022-08-23 01:10 - 2022-08-23 01:02 - 008551608 _____ (Malwarebytes) C:\Users\Thierry\Desktop\AdwCleaner.exe
2022-08-23 01:06 - 2022-08-23 01:09 - 000000000 ____D C:\Program Files\TAP-Windows
2022-08-23 01:03 - 2022-08-23 01:03 - 000000000 ____D C:\Users\Thierry\AppData\LocalLow\Mozilla
2022-08-23 01:01 - 2022-08-23 01:11 - 000000000 ____D C:\Users\Thierry\AppData\Local\CyberGhost
2022-08-23 01:01 - 2022-08-23 01:03 - 002371072 _____ (Farbar) C:\Users\Thierry\Downloads\FRST64 (1).exe
2022-08-23 01:01 - 2022-08-23 01:02 - 008551608 _____ (Malwarebytes) C:\Users\Thierry\Downloads\AdwCleaner.exe
2022-08-23 01:00 - 2022-08-23 01:00 - 000001067 _____ C:\Users\Thierry\Desktop\CyberGhost 8.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000916 _____ C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000868 _____ C:\Users\Thierry\Desktop\Start Tor Browser.lnk
2022-08-23 01:00 - 2022-08-23 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8
2022-08-23 00:59 - 2022-08-23 01:02 - 000000000 ____D C:\Program Files\CyberGhost 8
2022-08-23 00:49 - 2022-08-23 00:51 - 000000000 ____D C:\Users\Thierry\Desktop\Tor Browser
2022-08-23 00:42 - 2022-08-23 00:43 - 000122104 _____ (CyberGhost S.R.L.) C:\Users\Thierry\Downloads\cgsetup_fr_.exe
2022-08-23 00:33 - 2022-08-23 00:46 - 103559184 _____ C:\Users\Thierry\Downloads\torbrowser-install-win64-11.5.1_fr.exe
2022-08-22 23:37 - 2022-08-22 23:37 - 000000000 ___HD C:\$WinREAgent

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-08-23 02:08 - 2021-02-24 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-23 02:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-23 02:00 - 2021-02-24 22:23 - 000000000 ____D C:\Program Files\Google
2022-08-23 01:58 - 2021-04-12 11:16 - 000000000 ____D C:\Program Files (x86)\Wondershare
2022-08-23 01:57 - 2021-04-12 11:16 - 000000000 ____D C:\Users\Thierry\.android
2022-08-23 01:41 - 2021-02-24 02:04 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-23 01:21 - 2021-05-07 23:39 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-23 01:09 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-08-23 00:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-08-23 00:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-23 00:16 - 2020-11-19 00:32 - 000000000 ____D C:\ProgramData\Packages
2022-08-23 00:16 - 2020-11-18 23:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-08-23 00:15 - 2020-11-19 00:31 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-23 00:15 - 2020-11-19 00:31 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-22 23:55 - 2021-02-24 00:47 - 000000000 ____D C:\Windows\system32\MRT
2022-08-22 23:34 - 2021-02-24 00:47 - 144534560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-08-22 23:24 - 2021-10-13 22:25 - 000004180 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BD14C0D3-AE0E-45B0-87E4-27A76D6CA46D}
2022-08-22 23:14 - 2022-03-16 11:13 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3964324572-413007010-4171602057-1001
2022-08-22 23:14 - 2022-03-16 11:09 - 000002423 _____ C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-22 23:14 - 2022-01-21 10:47 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3964324572-413007010-4171602057-1001
2022-08-22 23:12 - 2022-04-09 16:43 - 000000000 ____D C:\Users\Thierry\AppData\LocalLow\BitTorrent
2022-08-22 23:12 - 2021-10-07 18:33 - 000000000 ____D C:\Users\Thierry\AppData\Roaming\BitTorrent
2022-08-22 23:11 - 2021-10-07 18:37 - 000000000 ____D C:\Users\Thierry\AppData\Local\BitTorrentHelper
2022-08-22 23:08 - 2020-11-19 00:31 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-22 23:08 - 2020-11-19 00:31 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================