Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2022
Exécuté par tituxx_pc_portable (administrateur) sur PATOU (ASUSTeK Computer Inc. K53SV) (08-11-2022 17:48:51)
Exécuté depuis C:\Users\tituxx_pc_portable\Desktop
Profils chargés: tituxx_pc_portable
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2193 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MpCopyAccelerator.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Atheros Communications Inc. -> Atheros) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(svchost.exe ->) (ADLICE -> ) C:\Program Files\UCheck\UCheck64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [MsmqIntCert] => "C:\Windows\System32\regsvr32.exe" /s "C:\Windows\System32\mqrt.dll" (Pas de fichier)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1903344 2016-02-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3259157864-576597493-3506242795-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3259157864-576597493-3506242795-1000\...\Run: [MicrosoftEdgeAutoLaunch_D2F68602DFAD40A799C14DC56089BB2F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP495 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA9.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TR4500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEU.DLL [482816 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR4500 series: C:\Windows\system32\CNCALEU.DLL [254464 2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series: C:\Windows\system32\CNMLMA9.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series XPS: C:\Windows\system32\CNMXLMA9.DLL [361472 2010-08-25] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR4500 series: C:\Windows\system32\CNMLMEU.DLL [1303040 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-10-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-08-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2011-08-02] (Atheros Communications Inc. -> Atheros Commnucations) [Fichier non signé]
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvinitx.dll [208800 2018-02-13] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvinit.dll [182272 2018-02-13] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {078360AC-16F4-4D2A-98BE-89492198DAA7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {0861595A-CC55-4745-B23E-7538C5F728EA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {0C73DF41-3B61-4DC8-9F05-3B30CF55F5CD} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [30807984 2022-10-14] (ADLICE -> )
Task: {12781D23-7EFC-40A3-8999-7F02E2241ADF} - System32\Tasks\Opera scheduled Autoupdate 1609855418 => C:\Users\tituxx_pc_portable\AppData\Local\Programs\Opera\launcher.exe [1937352 2022-11-03] (Opera Norway AS -> Opera Software)
Task: {17743E67-B47C-49EF-B661-91FCB8C9A6C5} - System32\Tasks\{926DF346-D4C2-4287-B1D6-9E2B05D8A305} => C:\Windows\system32\pcalua.exe -a "F:\Driver Detective\DriverDetective_7.0.exe" -d "F:\Driver Detective"
Task: {29A919AE-954D-4E8B-88A9-4071CDEFE9FB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {2A4D854B-3537-4DCC-84C7-5EF50D838C4C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {2F350C7E-0B6F-479B-A3FA-3BE7405B159E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {30422C77-3931-4FF8-90A5-BF783DBE47AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [147398024 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
Task: {35AAC1A8-CF0C-43AB-A921-FA5DA9FA4BC0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e66d4698-7da6-45be-b418-97413101bc40" --version "6.05.10110" --silent
Task: {362E53CE-553B-4F99-849B-F671562EECF2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {366365FD-58A2-48BC-9030-CEFCCBC71125} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MpCmdRun.exe [1567360 2022-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {38161C15-77F2-44AA-B5D6-4BD8D786C895} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4D2D38B0-1166-4FF5-BDCD-3E77E41B014A} - System32\Tasks\Opera scheduled assistant Autoupdate 1609855428 => C:\Users\tituxx_pc_portable\AppData\Local\Programs\Opera\launcher.exe [1937352 2022-11-03] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\tituxx_pc_portable\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4EBAFDE6-88B7-4467-8C16-063868448448} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {4EFEDB32-30AA-429B-8BD4-1BB03024E923} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {5522C3C8-CB65-4D87-9773-1A9E21176EDF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {593213BA-BCD9-428B-B1D8-F0D91A67A4E2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D58538B-2AC0-4267-927B-97A8CB9AF557} - System32\Tasks\{44AC226A-EB1A-4CE6-9A2E-9621BEC4C5EC} => C:\Windows\system32\pcalua.exe -a "E:\drivers pc portable asus\Lan_realtec_Win7_32_64_Z703801132011.zip-downloader.exe" -d "E:\drivers pc portable asus"
Task: {5EF81BC0-ED2B-4666-824B-344F36D525C9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {5FB5188B-FDB5-4E09-BF60-226CCB694813} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {679ADAAE-26F5-4FCC-B7B0-9A5F28C570D6} - System32\Tasks\CCleanerSkipUAC - tituxx_pc_portable => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6D846EBF-0FF0-4275-85B8-201BD688C366} - System32\Tasks\{F4A9CB92-56F6-4DAB-B050-8E9D16CCD0D8} => C:\Windows\system32\pcalua.exe -a C:\Users\tituxx_pc_portable\Desktop\snuninst.exe -d C:\Users\tituxx_pc_portable\Desktop
Task: {774DF76B-F9FB-4C9C-9971-6C6E3DCC9FCC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {796A08D3-8465-4C24-8B17-505B69F52752} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {7B6AFEDB-D1FA-4008-BEB4-D72FE7E796B1} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8411AC76-0EAA-43F2-9A7F-5FD0ABC865A0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {86C361A9-94B5-476A-8939-2DBFF0C64CE3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {89796E05-BB83-455C-B2D7-F82D5468A749} - System32\Tasks\RunSpeccy => C:\Program Files\Speccy\Speccy64.exe [7117464 2018-05-02] (Piriform Ltd -> Piriform Ltd)
Task: {8B496DC7-BC83-41C0-B628-D9FFE9DEFA11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MpCmdRun.exe [1567360 2022-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F836547-AD85-4A89-8692-86AA47E3E956} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {95A4DDDD-8646-4E57-88C3-2AB0809E84AB} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {97865C0C-BC2B-4266-86A5-2F2D12474D78} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {9A2E2ECD-75F4-4AA5-BCB5-C211347E956A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MpCmdRun.exe [1567360 2022-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DBD0CE8-CF8B-4616-A361-FA26FE26472D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {A2A62135-51EC-46EF-AF45-611A6F09C41C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {A6BC560A-961A-4B7A-AF4A-5E77893640F8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {A984F0D7-65C4-41C4-830C-EF2EFBCF5DD9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {A9ADA529-C712-4066-AD04-260DD8BAEF0B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {A9E7B3D1-A03F-46FE-BFA4-EAE740A21EE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-07] (Google LLC -> Google LLC)
Task: {AAFD99ED-8255-4A33-90FA-F9470A72CB2B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {ACFF692A-C681-41FA-B928-0F5E09AEDB4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {AFB953ED-D4F0-4F96-A62F-7C69BD734E91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-07] (Google LLC -> Google LLC)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B1B2148C-D4C9-4ADE-A4F1-5A1EA604C7C4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {B35958BE-6A4A-4F75-B7FD-2A3D0C558F2E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {B794AA19-2DB4-481B-8339-123CF88EAD91} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {BFAD8A9C-F922-4968-8194-8BC7EE3212CE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {C0F7FF80-DAAF-4D63-8F8F-1443F967BE53} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {C2D51CF4-1335-48D8-A485-9DE48F57172A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {C536E32B-C315-47CC-973F-F0E0DAF2ECC6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {C8BFF37E-FCE6-49EB-9066-572211FECA0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MpCmdRun.exe [1567360 2022-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CBC73373-1F07-41F0-AAF6-30DA3EF6F876} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {CDCCA935-43FF-4D63-8393-BC5A37A8B764} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {D256C645-A678-4FFF-AEA8-05DBF34C4B7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {D41E2AB2-1B85-45F6-BAC5-1820783795BF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {DE1139C5-1348-4DAA-9326-C9F20A1F8CD5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {DE51FDBD-429E-4912-94E8-A34478C10B70} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {E0E5F97E-5881-48AD-877A-66B54EABAD6A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {E66B4CAF-4BB3-478F-AEAB-F27E83EC24F4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {E6F2C053-40ED-45D9-B0AA-C95A019A638E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {EADF2FEF-7E1D-4595-9F29-4C73AA31E0BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {F1923E0D-42E3-4667-8998-282083309501} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {FA65D7A0-C290-43A7-A695-5D3F68C030EA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dcbfadbe-66f0-4fdd-9afa-e62180771312}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fca609b1-4ba1-4fa8-9568-f72277e0eb72}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\tituxx_pc_portable\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-08]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 464azwrb.default
FF ProfilePath: C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default [2022-11-08]
FF DownloadDir: C:\Users\tituxx_pc_portable\Desktop
FF Homepage: Mozilla\Firefox\Profiles\464azwrb.default -> hxxps://www.google.fr/
FF Extension: (AdBlocker Ultimate) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\adblockultimate@adblockultimate.net.xpi [2022-09-30]
FF Extension: (AdGuard AdBlocker) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\adguardadblocker@adguard.com.xpi [2022-10-26]
FF Extension: (Dictionnaire français) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-06-01]
FF Extension: (PDF Mage) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2021-11-17]
FF Extension: (I don't care about cookies) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2022-10-30]
FF Extension: (Show my Password) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\jid1-ytAaKUpYnPSfGA@jetpack.xpi [2021-02-25]
FF Extension: (Français Language Pack) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2022-11-07]
FF Extension: (Gestionnaire de téléchargements (S3)) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\s3download@statusbar.xpi [2019-07-10]
FF Extension: (Google Translator for Firefox) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\translator@zoli.bod.xpi [2018-12-03]
FF Extension: (Flagfox) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2022-11-02]
FF Extension: (Toolbar Button for Facebook) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721}.xpi [2021-04-14]
FF Extension: (Two little birds) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{a78f47b9-eac6-4996-bc9a-54701987af18}.xpi [2019-06-15]
FF Extension: (Video DownloadHelper) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\tituxx_pc_portable\AppData\Roaming\Mozilla\Firefox\Profiles\464azwrb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-08-29]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\User Data\Default [2022-11-08]
CHR Extension: (Avira Password Manager) - C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-10-21]
CHR Extension: (Protection Web Avira) - C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-15]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
StartMenuInternet: Google Chrome.TQR4JTVDNLWOI3ZCHB2JW5WWMA - C:\Users\tituxx_pc_portable\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Profile: C:\Users\tituxx_pc_portable\AppData\Roaming\Opera Software\Opera Stable [2022-11-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\tituxx_pc_portable\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-08]
OPR Extension: (Opera Wallet) - C:\Users\tituxx_pc_portable\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-08]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\tituxx_pc_portable\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-08-02] (Atheros Communications Inc. -> Atheros) [Fichier non signé]
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-07] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\NisSrv.exe [3191224 2022-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MsMpEng.exe [133560 2022-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17024 2010-07-26] (ASUSTeK Computer Inc. -> ASUS)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] (Intel(R) Graphics DSS -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [118400 2011-09-11] (VSO-SOFTWARE -> VSO Software) S3 IntcDAud; C:\WINDOWS\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Intel(R) Corporation) [Fichier non signé] R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-10-30] (Malwarebytes Inc. -> Malwarebytes) R3 MpKsl9e67afb1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{03C61E61-44F0-4C64-85C5-98D0EE1A80F8}\MpKslDrv.sys [214280 2022-11-08] (Microsoft Windows -> Microsoft Corporation) S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [82816 2011-09-11] (VSO Software) [Fichier non signé] S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49584 2022-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469248 2022-11-08] (Microsoft Windows -> Microsoft Corporation) R3 wdkmd; C:\WINDOWS\System32\drivers\WDKMD.sys [42392 2010-12-01] (Wireless Display -> Intel Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95528 2022-11-08] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-11-08 17:48 - 2022-11-08 17:51 - 000035342 _____ C:\Users\tituxx_pc_portable\Desktop\FRST.txt 2022-11-08 17:39 - 2022-11-08 17:39 - 002374656 _____ (Farbar) C:\Users\tituxx_pc_portable\Desktop\FRST64.exe 2022-11-08 13:31 - 2022-11-08 13:31 - 000261618 _____ C:\Users\tituxx_pc_portable\Desktop\100699461-111003221423.pdf 2022-11-08 13:28 - 2022-11-08 13:28 - 000510480 _____ C:\Users\tituxx_pc_portable\Desktop\100699461-contrats.zip 2022-11-08 13:28 - 2022-11-08 13:28 - 000510480 _____ C:\Users\tituxx_pc_portable\Desktop\100699461-contrats(1).zip 2022-11-07 18:23 - 2022-11-08 17:50 - 000000000 ____D C:\FRST 2022-11-07 16:07 - 2022-11-07 16:07 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-11-07 15:29 - 2022-11-07 15:29 - 000004534 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1609855428 2022-11-07 12:03 - 2022-11-07 12:03 - 000000000 ____D C:\ProgramData\ASUS 2022-11-07 11:58 - 2021-07-07 18:17 - 000001984 _____ 
C:\Users\tituxx_pc_portable\Desktop\PC Health Check.lnk 2022-11-07 11:48 - 2022-11-07 11:48 - 014278656 _____ C:\Users\tituxx_pc_portable\Downloads\WindowsPCHealthCheckSetup.msi 2022-11-07 11:27 - 2022-11-07 11:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-11-06 15:35 - 2022-11-08 14:52 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2022-11-06 15:35 - 2022-11-08 14:52 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2022-11-06 14:45 - 2022-11-06 14:45 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll 2022-11-06 14:44 - 2022-11-06 14:44 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-11-06 14:44 - 2022-11-06 14:44 - 000012263 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-11-06 14:42 - 2022-11-06 14:42 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-11-03 12:01 - 2022-11-03 12:01 - 000000000 ___HD C:\$WinREAgent 2022-10-30 13:54 - 2022-10-30 13:54 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2022-10-30 13:53 - 2022-10-30 13:53 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2022-10-27 10:44 - 2022-10-27 10:44 - 000136685 _____ C:\Users\tituxx_pc_portable\Documents\doc95292937 prise de sang.pdf 2022-10-27 10:42 - 2022-10-27 10:43 - 000136685 _____ C:\Users\tituxx_pc_portable\Downloads\doc95292937.pdf 2022-10-26 11:06 - 2022-10-26 11:06 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-10-26 11:06 - 2022-04-23 16:48 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-10-19 11:16 - 2022-10-19 11:16 - 000002228 _____ C:\Users\tituxx_pc_portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk 2022-10-17 09:46 - 2022-10-17 09:48 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4 2022-10-17 09:46 - 2022-10-17 09:46 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 7.4.lnk 2022-10-17 09:42 - 
2022-10-17 09:44 - 000000000 ____D C:\Program Files\LibreOffice 2022-10-14 11:46 - 2022-10-24 14:34 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2022-10-14 11:46 - 2022-10-24 14:34 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2022-10-12 13:23 - 2022-10-12 13:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-11-08 17:48 - 2017-07-09 22:33 - 000000000 ____D C:\Users\tituxx_pc_portable\AppData\LocalLow\Mozilla 2022-11-08 17:35 - 2011-09-11 18:28 - 000000000 ____D C:\Program Files (x86)\Google 2022-11-08 17:34 - 2022-02-09 10:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-11-08 17:31 - 2021-12-10 10:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-11-08 14:52 - 2021-10-21 09:54 - 000000000 ____D C:\Program Files\CCleaner 2022-11-08 14:32 - 2013-03-09 16:13 - 000000000 ____D C:\Program Files\Java 2022-11-08 13:36 - 2016-03-15 22:19 - 000000000 ____D C:\ProgramData\NVIDIA 2022-11-08 13:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-11-08 10:16 - 2018-07-06 12:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-11-07 16:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-11-07 16:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2022-11-07 16:06 - 2021-12-10 11:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-11-07 16:06 - 2021-11-03 23:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-11-07 16:06 - 2020-07-14 22:50 - 000008192 ___SH C:\DumpStack.log.tmp 2022-11-07 16:06 - 2018-07-05 16:43 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-11-07 16:06 - 2018-07-05 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-11-07 16:05 - 2021-12-10 10:39 - 000001134 _____ 
C:\WINDOWS\system32\config\VSMIDK 2022-11-07 16:05 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-11-07 15:29 - 2022-09-22 15:40 - 000001542 _____ C:\Users\tituxx_pc_portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2022-11-07 15:29 - 2021-12-10 11:16 - 000004280 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1609855418 2022-11-07 15:15 - 2020-10-02 11:01 - 000000000 ____D C:\Users\tituxx_pc_portable\Documents\Nouveau dossier 2022-11-07 15:13 - 2021-10-24 15:45 - 000000000 ____D C:\Users\tituxx_pc_portable\Documents\paoier contrat apprentissage gaetan 2022-11-07 15:13 - 2021-01-26 21:18 - 000000000 ____D C:\Users\tituxx_pc_portable\Documents\papier pour permis gaetan 2022-11-07 12:28 - 2011-09-13 20:51 - 000000000 ____D C:\Users\tituxx_pc_portable\AppData\Local\CrashDumps 2022-11-07 12:20 - 2019-02-19 14:55 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2022-11-07 11:58 - 2021-07-07 18:17 - 000001446 _____ C:\Users\tituxx_pc_portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-11-07 11:58 - 2021-07-07 18:17 - 000000000 ___RD C:\Users\tituxx_pc_portable\AppData\Local\PCHealthCheck 2022-11-07 11:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-11-07 11:26 - 2018-07-05 16:43 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-11-07 11:17 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-11-06 15:34 - 2021-12-10 11:05 - 002036638 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-11-06 15:34 - 2019-12-07 15:50 - 000877926 _____ C:\WINDOWS\system32\perfh00C.dat 2022-11-06 15:34 - 2019-12-07 15:50 - 000183412 _____ C:\WINDOWS\system32\perfc00C.dat 2022-11-06 15:27 - 2021-12-10 10:39 - 000632320 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 
____D C:\WINDOWS\SysWOW64\Dism 2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-11-06 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-11-06 15:21 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-11-06 15:21 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-11-06 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-11-06 15:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-11-06 14:43 - 2011-09-11 20:24 - 000415708 __RSH C:\bootmgr 2022-11-06 14:41 - 2021-12-10 10:45 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-11-02 10:09 - 2021-12-21 14:45 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk 2022-11-02 10:00 - 2019-10-05 16:44 - 000000000 ____D C:\ProgramData\CanonIJPLM 2022-10-31 17:30 - 2021-12-10 09:14 - 000000000 ____D C:\Users\tituxx_pc_portable 2022-10-31 12:17 - 2021-02-20 10:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-10-30 15:29 - 2022-02-04 15:28 - 000002276 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-10-30 15:29 - 2021-01-07 14:03 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-10-27 10:27 - 2022-01-25 10:28 - 000001266 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2022-10-27 10:27 - 2021-08-26 12:38 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2022-10-26 11:07 - 2021-05-29 11:47 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-10-26 11:07 - 2021-05-29 11:47 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-10-26 11:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-10-26 10:55 - 2021-05-29 11:46 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-10-26 10:55 - 
2018-07-05 20:13 - 000000000 ____D C:\Program Files\Malwarebytes 2022-10-24 15:15 - 2021-02-17 14:33 - 000000837 _____ C:\Users\Public\Desktop\UCheck.lnk 2022-10-24 15:15 - 2020-07-15 02:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck 2022-10-24 15:15 - 2020-07-15 02:08 - 000000000 ____D C:\Program Files\UCheck 2022-10-24 14:37 - 2022-01-13 07:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-10-24 14:16 - 2021-12-10 11:16 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-10-24 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-10-23 16:03 - 2022-08-05 17:28 - 000000000 ____D C:\WINDOWS\Minidump 2022-10-14 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-10-12 10:37 - 2021-12-10 11:16 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-10-12 10:25 - 2021-12-10 11:16 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-10-12 10:11 - 2013-09-07 16:51 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-10-12 09:39 - 2011-09-11 00:51 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======== 2020-02-05 14:09 - 2019-09-19 09:39 - 030570784 _____ (Adlice Software ) C:\Users\tituxx_pc_portable\UCheck_setup.exe 2011-09-11 19:50 - 2015-12-14 10:10 - 000007833 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\ezplay.cat 2011-09-11 19:50 - 2015-12-14 10:10 - 000001127 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\ezplay.inf 2011-09-11 19:50 - 2011-09-11 19:50 - 000000125 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\ezplay.ini 2011-09-11 19:50 - 2015-12-14 10:10 - 000000033 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\ezplay.log 2011-09-11 19:47 - 2015-12-14 10:04 - 000007859 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\pcouffin.cat 2011-09-11 19:47 - 2015-12-14 10:04 
- 000001167 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\pcouffin.inf 2011-09-11 19:47 - 2015-12-14 10:04 - 000000033 _____ () C:\Users\tituxx_pc_portable\AppData\Roaming\pcouffin.log 2019-07-16 17:30 - 2019-08-16 09:58 - 050616672 _____ (Sony) C:\Users\tituxx_pc_portable\AppData\Local\pcc.exe 2016-03-16 13:25 - 2016-03-16 13:25 - 000001265 _____ () C:\Users\tituxx_pc_portable\AppData\Local\PDLSetup.20160316.132545.txt 2016-03-16 13:25 - 2016-03-16 13:25 - 000001265 _____ () C:\Users\tituxx_pc_portable\AppData\Local\PDLSetup.20160316.132554.txt 2016-03-16 13:26 - 2016-03-16 13:26 - 000000673 _____ () C:\Users\tituxx_pc_portable\AppData\Local\PDLSetup.20160316.132647.txt 2016-03-16 13:27 - 2016-03-16 13:27 - 000001567 _____ () C:\Users\tituxx_pc_portable\AppData\Local\PDLSetup.20160316.132717.txt ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=C: description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {49f041ff-5997-11ec-8f59-14dae9279401} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {5d9f7faa-599d-11ec-8f5a-ebeac29a386b} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {49f041ff-5997-11ec-8f59-14dae9279401} nx OptIn bootmenupolicy Standard hypervisorlaunchtype Auto Chargeur de démarrage Windows ----------------------------- identificateur {5d9f7faa-599d-11ec-8f5a-ebeac29a386b} device 
ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5d9f7fab-599d-11ec-8f5a-ebeac29a386b} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5d9f7fab-599d-11ec-8f5a-ebeac29a386b} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {9c8cc5be-dcab-11e0-8ffa-96b67b4d915b} device ramdisk=[C:]\Recovery\9c8cc5be-dcab-11e0-8ffa-96b67b4d915b\Winre.wim,{9c8cc5bf-dcab-11e0-8ffa-96b67b4d915b} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\9c8cc5be-dcab-11e0-8ffa-96b67b4d915b\Winre.wim,{9c8cc5bf-dcab-11e0-8ffa-96b67b4d915b} systemroot \windows nx OptIn winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {b58a3a6c-810b-11e8-a669-fcff3203c98a} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{b58a3a6d-810b-11e8-a669-fcff3203c98a} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{b58a3a6d-810b-11e8-a669-fcff3203c98a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {49f041ff-5997-11ec-8f59-14dae9279401} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {5d9f7faa-599d-11ec-8f5a-ebeac29a386b} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device 
partition=C: path \boot\memtest.exe description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {5d9f7fab-599d-11ec-8f5a-ebeac29a386b} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume2 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de périphérique ----------------------- identificateur {9c8cc5bf-dcab-11e0-8ffa-96b67b4d915b} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\9c8cc5be-dcab-11e0-8ffa-96b67b4d915b\boot.sdi ==================== Fin de FRST.txt ========================